Gamarue.AR

  • iCho  Male
  • Elite citizen
  • Joined: 03 May 2011
  • Posts: 1808
  • Location: Mos Eisley

A few days ago I was transferring some data with a flash drive from another computer (not mine), and in the process I picked up this malware. When Windows starts, Windows Defender displays a message that it has stopped the process with the malware from the title and asks me to restart the computer so that it can remove the virus. No matter how many times I restart the computer, the same thing keeps happening.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
Ran by Savo (administrator) on R2D2 (19-09-2015 10:38:32)
Running from C:\Users\Savo\Downloads
Loaded Profiles: Savo (Available Profiles: Savo)
Platform: Windows 10 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Autodesk, Inc.) A:\Program Files\Inventor 2016\Moldflow\bin\mitsijm.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Windows\DAODx.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP3LAK.EXE
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNABHSWD.EXE
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\Temp\4DD240D4-EC7D-425D-8A10-39BDC798DC74\DismHost.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8483032 2015-05-28] (Realtek Semiconductor)
HKLM\...\Run: [CNAP3 Launcher] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNAP3LAK.EXE [228520 2012-06-14] (CANON INC.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [523144 2015-09-07] (Autodesk Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [IR_SERVER] => C:\PROGRA~2\Realtek\REALTE~1\IR_SERVER.exe
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-1579984898-3792211945-4248509348-1001\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-1579984898-3792211945-4248509348-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22344224 2015-07-29] (Google)
HKU\S-1-5-21-1579984898-3792211945-4248509348-1001\...\Run: [uTorrent] => C:\Users\Savo\AppData\Roaming\uTorrent\uTorrent.exe [1696096 2015-09-14] (BitTorrent Inc.)
HKU\S-1-5-21-1579984898-3792211945-4248509348-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632112 2015-07-27] (Electronic Arts)
HKU\S-1-5-21-1579984898-3792211945-4248509348-1001\...\Run: [PC Remote Server] => C:\Program Files (x86)\PC Remote\PC Remote\PCRemote.exe [1190648 2014-10-12] (PC Remote)
HKU\S-1-5-21-1579984898-3792211945-4248509348-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.)
HKU\S-1-5-21-1579984898-3792211945-4248509348-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
Startup: C:\Users\Savo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Cloud Mail.Ru.lnk [2014-12-23]
ShortcutTarget: Cloud Mail.Ru.lnk -> C:\Users\Savo\AppData\Local\Mail.Ru\Cloud\Cloud.exe (Mail.Ru)
Startup: C:\Users\Savo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\x.lnk [2015-09-14]
ShortcutTarget: x.lnk -> C:\Users\Savo\AppData\Roaming\obSMGA3xrR.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.255.1
Tcpip\..\Interfaces\{f804990c-e027-4911-8aaf-4c12151f4c1c}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{f804990c-e027-4911-8aaf-4c12151f4c1c}: [DhcpNameServer] 192.168.255.1
Tcpip\..\Interfaces\{fe2304d3-64f9-4527-9faa-b266222599e0}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{fe2304d3-64f9-4527-9faa-b266222599e0}: [DhcpNameServer] 192.168.255.1

Internet Explorer:
==================
HKU\S-1-5-21-1579984898-3792211945-4248509348-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKU\S-1-5-21-1579984898-3792211945-4248509348-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-29] (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} -> C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2012-07-26] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-29] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Savo\AppData\Roaming\Mozilla\Firefox\Profiles\xfypkiju.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll [2012-04-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-29] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-01-23]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Savo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Savo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-08]
CHR Extension: (Google Docs) - C:\Users\Savo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-08]
CHR Extension: (Google Drive) - C:\Users\Savo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-08]
CHR Extension: (YouTube) - C:\Users\Savo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-08]
CHR Extension: (Google Search) - C:\Users\Savo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-08]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Savo\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-02-14]
CHR Extension: (Google Sheets) - C:\Users\Savo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Savo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Savo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-08]
CHR Extension: (Gmail) - C:\Users\Savo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-08]
CHR HKU\S-1-5-21-1579984898-3792211945-4248509348-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1136520 2015-09-07] (Autodesk Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] () [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 mi-raysat_3dsmax2014_64; C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [86016 2011-09-15] () [File not signed]
R2 mitsijm2016; A:\Program Files\Inventor 2016\Moldflow\bin\mitsijm.exe [968480 2014-09-30] (Autodesk, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-07-27] (Electronic Arts)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-11] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5611280 2015-08-07] (TeamViewer GmbH)
S3 wampapache64; c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [24576 2014-05-01] (Apache Software Foundation) [File not signed]
S3 wampmysqld64; c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [12942848 2014-05-01] () [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices)
S2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [296448 2005-06-14] (Aladdin Knowledge Systems Ltd.) [File not signed]
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 qcusbser; C:\Windows\system32\DRIVERS\qcusbser.sys [242688 2013-04-24] (QUALCOMM Incorporated)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [214016 2015-07-10] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R3 VBAudioVACMME; C:\Windows\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2013-07-11] (Windows (R) Win 7 DDK provider)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 atillk64; \??\C:\Program Files (x86)\AMD\System Monitor\atillk64.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
S5 WinDivert1.1; <===== ATTENTION: Locked Service

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-19 10:38 - 2015-09-19 10:39 - 00021346 _____ C:\Users\Savo\Downloads\FRST.txt
2015-09-19 10:38 - 2015-09-19 10:38 - 02191360 _____ (Farbar) C:\Users\Savo\Downloads\FRST64.exe
2015-09-19 10:38 - 2015-09-19 10:38 - 00000000 ____D C:\FRST
2015-09-19 10:35 - 2015-09-19 10:35 - 05693008 _____ (AVAST Software) C:\Users\Savo\Downloads\avast_free_antivirus_setup_online.exe
2015-09-19 10:22 - 2015-09-19 10:22 - 00016148 _____ C:\WINDOWS\system32\R2D2_Savo_HistoryPrediction.bin
2015-09-18 23:26 - 2015-09-18 23:26 - 00000000 ____D C:\Users\Savo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2015-09-18 21:35 - 2015-09-18 21:35 - 08203248 _____ (TeamViewer GmbH) C:\Users\Savo\Downloads\TeamViewer_Setup_sr-iod.exe
2015-09-18 18:11 - 2015-09-18 18:11 - 00023792 _____ C:\Users\Savo\Downloads\FlexTrack-master.zip
2015-09-18 18:08 - 2015-09-18 18:08 - 00001680 _____ C:\Users\Savo\Downloads\RTTY_Test.pde
2015-09-18 18:05 - 2015-09-18 18:05 - 00037453 _____ C:\Users\Savo\Downloads\libraries.zip
2015-09-18 17:49 - 2015-09-18 17:49 - 00002471 _____ C:\Users\Savo\Downloads\arduino_sk_04.zip
2015-09-17 18:49 - 2015-09-17 18:49 - 00003115 _____ C:\Users\Savo\Downloads\RTTY_v21.zip
2015-09-17 18:27 - 2015-09-18 22:48 - 00000000 ____D C:\Users\Savo\dl-fldigi.files
2015-09-17 18:26 - 2015-09-17 18:26 - 01055067 _____ C:\Users\Savo\Downloads\VBCABLEDriver_Pack42b.zip
2015-09-17 18:26 - 2015-09-17 18:26 - 00000000 ____D C:\Users\Savo\Desktop\New folder (3)
2015-09-17 18:26 - 2015-09-17 18:26 - 00000000 ____D C:\Program Files\VB
2015-09-17 18:26 - 2013-07-11 08:57 - 00041192 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\vbaudio_cable64_win7.sys
2015-09-17 18:24 - 2015-09-17 18:24 - 00002060 _____ C:\Users\Savo\Desktop\Dl-Fldigi 3.21.50 HAB mode.lnk
2015-09-17 18:24 - 2015-09-17 18:24 - 00002048 _____ C:\Users\Savo\Desktop\Dl-Fldigi 3.21.50.lnk
2015-09-17 18:24 - 2015-09-17 18:24 - 00000000 ____D C:\Users\Savo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dl-Fldigi
2015-09-17 18:24 - 2015-09-17 18:24 - 00000000 ____D C:\Program Files (x86)\Dl-Fldigi-3.21.50
2015-09-17 18:22 - 2015-09-17 18:23 - 04036882 _____ C:\Users\Savo\Downloads\dl-fldigi-DL3.1-windows-2abd6a7.exe
2015-09-17 18:13 - 2015-09-17 18:17 - 00000000 ____D C:\Users\Savo\fldigi.files
2015-09-17 18:13 - 2015-09-17 18:13 - 00000000 ____D C:\Users\Savo\NBEMS.files
2015-09-17 18:13 - 2015-09-17 18:13 - 00000000 ____D C:\Users\Savo\AppData\Roaming\fltk.org
2015-09-17 18:13 - 2015-09-17 18:13 - 00000000 ____D C:\ProgramData\fltk.org
2015-09-17 15:51 - 2015-09-17 15:51 - 00001998 _____ C:\Users\Savo\Desktop\Fldigi 3.23.00.lnk
2015-09-17 15:51 - 2015-09-17 15:51 - 00001989 _____ C:\Users\Savo\Desktop\Flarq 4.3.5.lnk
2015-09-17 15:51 - 2015-09-17 15:51 - 00000000 ____D C:\Users\Savo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fldigi
2015-09-17 15:51 - 2015-09-17 15:51 - 00000000 ____D C:\Program Files (x86)\Fldigi-3.23.00
2015-09-17 15:50 - 2015-09-17 15:50 - 05147598 _____ C:\Users\Savo\Downloads\fldigi-3.23.00_setup.exe
2015-09-15 23:28 - 2015-09-15 23:28 - 01795952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2015-09-15 23:28 - 2015-09-15 23:28 - 00000398 __RSH C:\ProgramData\ntuser.pol
2015-09-15 23:28 - 2015-09-15 23:28 - 00000000 ____D C:\Users\Savo\usb_driver
2015-09-15 23:21 - 2015-09-15 23:21 - 00000000 ____D C:\Users\Savo\AppData\Roaming\InstallShield
2015-09-15 23:21 - 2015-09-15 23:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REALTEK DTV USB DEVICE
2015-09-15 23:21 - 2015-09-15 23:21 - 00000000 ____D C:\ProgramData\InstallShield
2015-09-15 23:21 - 2013-04-17 03:38 - 05771358 ____R (Realtek) C:\WINDOWS\SysWOW64\RTKDAB.dll
2015-09-15 23:21 - 2013-04-17 03:38 - 05750868 ____R ( ) C:\WINDOWS\SysWOW64\RTKISDBT.dll
2015-09-15 23:21 - 2013-04-17 03:38 - 00372812 ____R (Realtek) C:\WINDOWS\SysWOW64\RTKFM.dll
2015-09-15 23:21 - 2013-04-17 03:38 - 00237968 ____R (REALTEK SEMICONDUCTOR Corp.) C:\WINDOWS\SysWOW64\Drivers\RTL2832UBDA.sys
2015-09-15 23:21 - 2013-04-17 03:38 - 00143441 ____R (Realtek) C:\WINDOWS\SysWOW64\RTKDABSOURCE.dll
2015-09-15 23:21 - 2013-04-17 03:38 - 00135277 ____R (Realtek) C:\WINDOWS\SysWOW64\RTKFMSOURCE.dll
2015-09-15 23:21 - 2013-04-17 03:38 - 00135271 ____R (Realtek) C:\WINDOWS\SysWOW64\RTKISDBTSOURCE.dll
2015-09-15 23:21 - 2013-04-17 03:38 - 00114688 ____R (Realtek) C:\WINDOWS\SysWOW64\RTL283XACCESS.dll
2015-09-15 23:21 - 2013-04-17 03:38 - 00090243 ____R (Realtek) C:\WINDOWS\SysWOW64\SuperFrameSplitter.dll
2015-09-15 23:21 - 2013-04-17 03:38 - 00069632 ____R (Realtek) C:\WINDOWS\SysWOW64\RTKDABMWare.dll
2015-09-15 23:21 - 2013-04-17 03:38 - 00039056 ____R (REALTEK SEMICONDUCTOR Corp.) C:\WINDOWS\SysWOW64\Drivers\RTL2832UUSB.sys
2015-09-15 23:07 - 2015-09-15 23:25 - 00001194 _____ C:\Users\Savo\Desktop\SDRSharp.exe - Shortcut.lnk
2015-09-15 22:39 - 2015-09-15 22:39 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-09-15 22:37 - 2015-09-15 22:39 - 00094240 _____ (REALTEK SEMICONDUCTOR Corp.) C:\WINDOWS\system32\Drivers\RTL2832UBDA.sys
2015-09-15 22:37 - 2015-09-15 22:39 - 00038432 _____ (REALTEK SEMICONDUCTOR Corp.) C:\WINDOWS\system32\Drivers\RTL2832UUSB.sys
2015-09-15 22:33 - 2015-09-15 22:33 - 00155240 _____ C:\Users\Savo\Downloads\sdr-install(2).zip
2015-09-14 23:53 - 2015-09-14 23:53 - 01660416 _____ C:\Users\Savo\Downloads\adwcleaner_5.007.exe
2015-09-14 23:53 - 2015-09-14 23:53 - 00000000 ____D C:\Users\Savo\Desktop\formule
2015-09-14 19:57 - 2015-09-14 19:59 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-14 19:56 - 2015-09-14 19:56 - 00001175 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-14 19:56 - 2015-09-14 19:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-14 19:56 - 2015-09-14 19:56 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-14 19:56 - 2015-09-14 19:56 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-14 19:56 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-09-14 19:56 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-14 19:56 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-09-14 19:55 - 2015-09-14 19:55 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Savo\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-14 19:45 - 2015-09-14 19:45 - 82539520 __RSH C:\Users\Savo\AppData\Roaming\obSMGA3xrR.exe
2015-09-14 19:12 - 2013-10-24 11:38 - 01654272 _____ (CANON INC.) C:\WINDOWS\system32\CNAP3SMD.DLL
2015-09-14 19:07 - 2015-09-14 19:13 - 00000000 ____D C:\Program Files\Canon
2015-09-14 15:36 - 2015-09-14 15:36 - 00001487 _____ C:\Users\Savo\Downloads\ERSTE_IZVOD.csv
2015-09-14 01:09 - 2015-09-14 01:09 - 00000000 ____D C:\Users\Savo\AppData\Roaming\Thunderbird
2015-09-14 01:09 - 2015-09-14 01:09 - 00000000 ____D C:\Users\Savo\AppData\Local\Thunderbird
2015-09-14 01:08 - 2015-09-14 01:08 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2015-09-14 01:08 - 2015-09-14 01:08 - 00001270 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2015-09-14 01:08 - 2015-09-14 01:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-09-13 22:59 - 2015-09-13 23:00 - 34018072 _____ (Mozilla) C:\Users\Savo\Downloads\Thunderbird Setup 38.2.0.exe
2015-09-13 16:01 - 2015-09-13 16:01 - 00117956 _____ C:\Users\Savo\Downloads\GalaxSimUnlock.apk
2015-09-13 14:23 - 2015-09-13 14:23 - 00000146 _____ C:\Users\Savo\Desktop\New Text Document.txt
2015-09-13 14:17 - 2015-09-13 14:23 - 00002257 _____ C:\Users\Savo\Desktop\suntroll.html
2015-09-11 22:00 - 2015-09-11 22:00 - 00007839 _____ C:\Users\Savo\Downloads\Tehnicka skola 2015-09-11.csv
2015-09-09 21:16 - 2015-09-09 21:17 - 00001542 _____ C:\Users\Savo\Downloads\meni.php
2015-09-09 13:34 - 2015-09-02 03:20 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-09 13:34 - 2015-09-02 02:25 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-09 13:34 - 2015-09-02 02:25 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-09 13:34 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-09 13:34 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-09 13:34 - 2015-08-27 08:04 - 21874688 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-09 13:34 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-09 13:34 - 2015-08-27 07:55 - 24594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-09 13:34 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-09 13:34 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-09 13:34 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-09 13:34 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 13:34 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-09 13:34 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-09 13:34 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-09 13:34 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-09 13:34 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-09 13:34 - 2015-08-27 07:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-09 13:34 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-09 13:34 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-09 13:34 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-09 13:34 - 2015-08-27 07:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-09 13:34 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-09 13:34 - 2015-08-27 07:16 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-09 13:34 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-09 13:34 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 13:34 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-09 13:34 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-09 13:34 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-09 13:34 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-09 13:34 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-09 13:34 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-09 12:40 - 2015-09-09 12:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-09 12:40 - 2015-09-09 12:40 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-09 12:38 - 2015-09-09 12:38 - 01506832 _____ (Skype Technologies S.A.) C:\Users\Savo\Downloads\SkypeSetup.exe
2015-09-09 10:41 - 2015-09-09 10:41 - 00000333 _____ C:\Users\Savo\Downloads\Odgovor.zip
2015-09-06 23:51 - 2015-09-06 23:51 - 00060047 _____ C:\Users\Savo\Downloads\1419621173_ccrf2_click___ex_mikroc_arm.zip
2015-09-06 23:49 - 2015-09-06 23:49 - 00064133 _____ C:\Users\Savo\Downloads\1337781710_gps_click___exam_mikroc_pic.rar
2015-09-06 23:47 - 2015-09-06 23:47 - 00031990 _____ C:\Users\Savo\Downloads\1405165632_gps_click___exam_mikroc_avr(1).rar
2015-09-05 23:11 - 2015-09-05 23:11 - 00000000 ____D C:\Users\Savo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\u-blox
2015-09-05 23:11 - 2015-09-05 23:11 - 00000000 ____D C:\Program Files (x86)\u-blox
2015-09-05 23:10 - 2015-09-05 23:10 - 16112587 _____ C:\Users\Savo\Downloads\u-centersetup_v8.18.zip
2015-09-05 22:24 - 2015-09-05 22:24 - 00842363 _____ C:\Users\Savo\Downloads\nRF905-EK(1).zip
2015-09-05 22:07 - 2015-09-05 22:07 - 00007029 _____ C:\Users\Savo\Downloads\CC1101.zip
2015-09-03 23:21 - 2015-09-03 23:21 - 02089100 _____ C:\Users\Savo\Downloads\UH150 Datasheet.rar
2015-09-01 23:45 - 2015-09-01 23:46 - 06520208 _____ (Tim Kosse) C:\Users\Savo\Downloads\FileZilla_3.13.1_win64-setup.exe
2015-09-01 10:43 - 2015-09-01 10:45 - 00000000 ____D C:\Users\Savo\AppData\Local\YagiCAD6
2015-09-01 10:43 - 2015-09-01 10:43 - 00001102 _____ C:\Users\Public\Desktop\YagiCAD.lnk
2015-09-01 10:43 - 2015-09-01 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YagiCAD
2015-09-01 10:28 - 2015-09-01 10:43 - 00809334 _____ (Paul McMahon VKDIP ) C:\Users\Savo\Downloads\YC625Setup.exe
2015-09-01 10:23 - 2015-09-01 10:23 - 00086693 _____ C:\Users\Savo\Downloads\0113052517088088.zip
2015-09-01 00:51 - 2015-09-01 00:51 - 00346231 _____ C:\Users\Savo\Downloads\353_linearnopojaaloza432mhz(1).zip
2015-08-31 22:45 - 2015-08-31 22:45 - 00062464 _____ C:\Users\Savo\Downloads\pathloss_b.xls
2015-08-31 21:39 - 2015-08-31 21:39 - 00117760 _____ C:\Users\Savo\Downloads\lineofsight.xls
2015-08-31 00:28 - 2015-08-31 00:28 - 00031990 _____ C:\Users\Savo\Downloads\1405165632_gps_click___exam_mikroc_avr.rar
2015-08-30 22:20 - 2015-08-30 22:20 - 00346231 _____ C:\Users\Savo\Downloads\353_linearnopojaaloza432mhz.zip
2015-08-30 15:43 - 2015-08-30 15:43 - 00155240 _____ C:\Users\Savo\Downloads\sdr-install(1).zip
2015-08-30 10:31 - 2015-08-30 10:31 - 00000000 ____D C:\Users\Savo\Desktop\New folder (2)
2015-08-30 02:31 - 2015-08-30 02:31 - 00023921 _____ C:\Users\Savo\Downloads\1397659630_trf_click___exam_mikroc_pic.rar
2015-08-30 00:17 - 2015-08-30 01:58 - 00000000 ____D C:\Users\Savo\Downloads\nRF905 AVR_Arduino Library_Driver » Zak's Electronics Blog ~_files
2015-08-30 00:17 - 2015-08-30 00:17 - 00622281 _____ C:\Users\Savo\Downloads\nRF905 AVR_Arduino Library_Driver » Zak's Electronics Blog ~.htm
2015-08-30 00:12 - 2015-08-30 00:12 - 00842363 _____ C:\Users\Savo\Downloads\nRF905-EK.zip
2015-08-29 23:58 - 2015-08-29 23:58 - 00160571 _____ C:\Users\Savo\Downloads\gps_examples(1).zip
2015-08-29 23:28 - 2015-08-29 23:28 - 00006646 _____ C:\Users\Savo\Downloads\arduino_uno_shield_examples.zip
2015-08-29 22:59 - 2015-08-29 23:00 - 00160571 _____ C:\Users\Savo\Downloads\gps_examples.zip
2015-08-29 15:20 - 2015-08-29 15:20 - 00050176 _____ C:\Users\Savo\Downloads\cenovnik-stiropor-27.05.2013.5.xls
2015-08-29 11:51 - 2015-08-29 11:51 - 00000000 ____D C:\Users\Savo\AppData\Roaming\Sun
2015-08-29 11:51 - 2015-08-29 11:51 - 00000000 ____D C:\Users\Savo\.oracle_jre_usage
2015-08-28 23:22 - 2015-08-20 08:07 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-28 23:22 - 2015-08-20 08:06 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-28 23:22 - 2015-08-20 08:02 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-28 23:22 - 2015-08-20 07:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-28 23:22 - 2015-08-20 07:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-28 23:22 - 2015-08-20 07:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-28 23:22 - 2015-08-20 07:13 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-28 23:22 - 2015-08-18 09:56 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-28 23:22 - 2015-08-18 09:55 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-08-28 23:22 - 2015-08-18 09:54 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-28 23:22 - 2015-08-18 09:27 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-28 23:22 - 2015-08-18 09:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-28 23:22 - 2015-08-18 09:13 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-08-28 23:22 - 2015-08-18 09:13 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2015-08-28 23:22 - 2015-08-18 09:12 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-28 23:22 - 2015-08-18 09:07 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-08-28 23:22 - 2015-08-18 09:04 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2015-08-28 23:22 - 2015-08-18 09:04 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-28 23:22 - 2015-08-18 08:59 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2015-08-28 23:22 - 2015-08-18 08:59 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2015-08-28 23:22 - 2015-08-18 08:58 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-08-28 23:22 - 2015-08-18 08:58 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2015-08-28 23:22 - 2015-08-18 08:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2015-08-28 23:22 - 2015-08-18 08:58 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll
2015-08-28 23:22 - 2015-08-18 08:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2015-08-28 23:22 - 2015-08-18 08:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2015-08-28 23:22 - 2015-08-18 08:55 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-28 23:22 - 2015-08-18 08:54 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2015-08-28 23:22 - 2015-08-18 08:54 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-28 23:22 - 2015-08-18 08:52 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-28 23:22 - 2015-08-18 08:50 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-28 23:22 - 2015-08-18 08:49 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-28 23:22 - 2015-08-18 08:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2015-08-28 23:22 - 2015-08-18 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2015-08-28 23:22 - 2015-08-18 08:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2015-08-28 23:22 - 2015-08-18 08:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2015-08-28 23:22 - 2015-08-18 08:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2015-08-28 23:22 - 2015-08-18 08:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2015-08-28 23:22 - 2015-08-18 08:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-28 23:22 - 2015-08-18 08:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2015-08-28 23:22 - 2015-08-18 06:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList
2015-08-28 01:42 - 2015-08-28 01:42 - 02002523 _____ C:\Users\Savo\Downloads\PMR-Radio_Client.zip
2015-08-23 12:06 - 2015-08-23 12:06 - 00000000 ____D C:\ProgramData\ATI
2015-08-21 17:31 - 2015-08-21 17:31 - 00061917 _____ C:\WINDOWS\SysWOW64\CCCInstall_201508211731079290.log
2015-08-21 17:31 - 2015-08-21 17:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-08-21 17:29 - 2015-08-21 17:29 - 00063223 _____ C:\WINDOWS\SysWOW64\CCCInstall_201508211729325868.log
2015-08-21 17:27 - 2015-08-21 17:27 - 00243696 _____ C:\WINDOWS\system32\clinfo.exe
2015-08-21 17:27 - 2015-08-21 17:27 - 00136176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2015-08-21 17:27 - 2015-08-21 17:27 - 00122352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2015-08-21 17:27 - 2015-08-21 17:27 - 00111600 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2015-08-21 17:27 - 2015-08-21 17:27 - 00111088 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2015-08-21 17:27 - 2015-08-21 17:27 - 00102384 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2015-08-21 17:27 - 2015-08-21 17:27 - 00095216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2015-08-21 17:27 - 2015-08-21 17:27 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2015-08-21 17:27 - 2015-08-21 17:27 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 47795680 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 39723504 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 30760944 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 27544560 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 25308656 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 22328800 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 15727072 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 14312416 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 09191312 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 08009344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 07575664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 07482560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 06486000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 05076976 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2015-08-21 17:26 - 2015-08-21 17:26 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2015-08-21 17:26 - 2015-08-21 17:26 - 01196032 _____ C:\WINDOWS\system32\amdocl_as64.exe
2015-08-21 17:26 - 2015-08-21 17:26 - 01070592 _____ C:\WINDOWS\system32\amdocl_ld64.exe
2015-08-21 17:26 - 2015-08-21 17:26 - 01005552 _____ C:\WINDOWS\SysWOW64\amdocl_as32.exe
2015-08-21 17:26 - 2015-08-21 17:26 - 00936928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 00936928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 00807424 _____ C:\WINDOWS\SysWOW64\amdocl_ld32.exe
2015-08-21 17:26 - 2015-08-21 17:26 - 00660928 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2015-08-21 17:26 - 2015-08-21 17:26 - 00660928 _____ C:\WINDOWS\system32\atiapfxx.blb
2015-08-21 17:26 - 2015-08-21 17:26 - 00472832 _____ C:\WINDOWS\system32\amdmiracast.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 00377312 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2015-08-21 17:26 - 2015-08-21 17:26 - 00341488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2015-08-21 17:26 - 2015-08-21 17:26 - 00213488 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 00201184 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 00198640 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 00170464 _____ C:\WINDOWS\system32\atieah64.exe
2015-08-21 17:26 - 2015-08-21 17:26 - 00165360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 00152560 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2015-08-21 17:26 - 2015-08-21 17:26 - 00152032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 00143344 _____ C:\WINDOWS\system32\amdhdl64.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 00132080 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 00113880 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 00089520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 00085472 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 00082680 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 00081160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 00073712 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 00071152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 00069600 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 00064496 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 00062432 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 00061408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2015-08-21 17:26 - 2015-08-21 17:26 - 00059376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 00059360 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 00052208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 00049632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2015-08-21 17:26 - 2015-08-21 17:26 - 00039904 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2015-08-20 21:02 - 2015-08-20 21:02 - 06505624 _____ (Tim Kosse) C:\Users\Savo\Downloads\FileZilla_3.13.0_win64-setup.exe
2015-08-20 21:00 - 2015-08-20 21:02 - 06505624 _____ (Tim Kosse) C:\Users\Savo\Downloads\FileZilla_3.13.0_win64-setup (2).exe
2015-08-20 00:43 - 2015-08-20 00:44 - 00000000 ____D C:\Users\Savo\Desktop\New folder

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-19 10:31 - 2015-02-18 23:02 - 00000000 ____D C:\Games
2015-09-19 10:25 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-19 10:24 - 2015-03-14 02:01 - 00005200 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for R2D2-Savo R2D2
2015-09-19 10:23 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-19 10:23 - 2014-12-08 20:41 - 00000912 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-19 10:23 - 2014-12-08 16:25 - 00000000 ____D C:\ProgramData\MCShield
2015-09-18 23:45 - 2014-12-27 19:52 - 00000000 ____D C:\Users\Savo\AppData\Roaming\uTorrent
2015-09-18 23:26 - 2015-02-21 01:03 - 00000000 ____D C:\Users\Savo\AppData\Local\Popcorn Time
2015-09-18 23:25 - 2015-02-21 01:06 - 00000000 ____D C:\Users\Savo\AppData\Local\Popcorn-Time
2015-09-18 23:21 - 2014-12-08 20:41 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-18 23:12 - 2015-01-23 23:13 - 00000000 ____D C:\Users\Savo\Desktop\Shitbox
2015-09-18 23:10 - 2014-12-08 16:35 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-18 22:09 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-18 21:37 - 2015-01-06 22:52 - 00000000 ____D C:\Users\Savo\AppData\Roaming\TeamViewer
2015-09-18 15:16 - 2014-12-08 20:41 - 00003974 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-18 15:16 - 2014-12-08 20:41 - 00003742 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-17 19:05 - 2015-02-10 23:20 - 00000000 ____D C:\Users\Savo\Documents\Arduino
2015-09-17 18:30 - 2014-12-08 16:04 - 00000000 ____D C:\Users\Savo\AppData\Local\VirtualStore
2015-09-17 18:27 - 2015-07-29 23:02 - 00000000 ____D C:\Users\Savo
2015-09-17 18:26 - 2015-08-13 09:52 - 00004369 _____ C:\WINDOWS\setupact.log
2015-09-17 17:59 - 2014-12-08 23:34 - 00732160 ___SH C:\Users\Savo\Desktop\Thumbs.db
2015-09-17 14:35 - 2015-07-29 23:31 - 00887678 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-16 22:26 - 2015-03-31 11:07 - 00000000 ____D C:\Users\Savo\AppData\Roaming\Skype
2015-09-16 20:33 - 2014-12-08 16:04 - 00000000 ____D C:\Users\Savo\AppData\Local\Packages
2015-09-16 12:30 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-15 23:28 - 2013-08-22 17:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2015-09-15 23:21 - 2014-12-08 16:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-15 23:21 - 2014-12-08 16:11 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-09-15 23:08 - 2014-12-08 16:11 - 00000424 _____ C:\Users\Savo\Desktop\This PC.lnk
2015-09-15 22:43 - 2015-07-29 22:56 - 00009688 _____ C:\WINDOWS\PFRO.log
2015-09-15 22:43 - 2015-07-10 11:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-09-15 22:40 - 2012-08-30 21:22 - 00000000 ____D C:\sdr-install
2015-09-14 20:38 - 2015-02-09 11:55 - 00000000 ____D C:\ProgramData\APN
2015-09-14 19:47 - 2014-12-08 16:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-14 19:42 - 2014-12-09 02:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-14 19:17 - 2014-12-24 21:15 - 00000000 ____D C:\Users\Savo\Documents\Visual Studio 2012
2015-09-14 18:24 - 2015-01-06 22:51 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-09-14 18:24 - 2015-01-06 22:51 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-09-13 14:51 - 2014-12-28 16:44 - 00000000 ____D C:\Users\Savo\AppData\Local\CutePDF Writer
2015-09-13 14:25 - 2015-01-02 20:15 - 00000000 ____D C:\Users\Savo\AppData\Roaming\FileZilla
2015-09-13 02:21 - 2014-12-08 16:06 - 00000000 __RDO C:\Users\Savo\SkyDrive
2015-09-10 10:11 - 2015-07-10 14:20 - 05204104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-10 10:09 - 2015-07-10 15:14 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-10 10:09 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-09 19:24 - 2014-12-09 00:02 - 06245376 ___SH C:\Users\Savo\Downloads\Thumbs.db
2015-09-09 13:42 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-09 12:41 - 2015-03-31 11:07 - 00000000 ____D C:\ProgramData\Skype
2015-09-07 20:08 - 2015-03-20 17:18 - 00000132 _____ C:\Users\Savo\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-09-06 01:13 - 2015-02-11 19:22 - 00000000 ____D C:\Users\Savo\AppData\Roaming\tor
2015-09-05 16:50 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-09-05 12:46 - 2015-04-15 19:07 - 00000000 ____D C:\Users\Savo\AppData\Local\CrashDumps
2015-09-05 12:41 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-09-02 00:04 - 2015-01-02 20:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-09-02 00:04 - 2015-01-02 20:15 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2015-08-31 22:46 - 2014-12-13 22:30 - 00000000 ____D C:\Users\Savo\AppData\Roaming\Autodesk
2015-08-29 11:55 - 2014-12-30 22:42 - 00000000 ____D C:\ProgramData\Oracle
2015-08-29 11:51 - 2015-05-27 19:32 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-29 11:51 - 2015-02-14 02:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-08-29 11:51 - 2015-01-01 01:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-29 11:50 - 2015-05-27 19:33 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-08-29 00:51 - 2014-12-10 13:59 - 00006656 _____ C:\WINDOWS\system32\lpcio.dll
2015-08-28 11:16 - 2014-12-08 16:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-26 18:37 - 2014-12-09 02:30 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-25 16:52 - 2014-12-13 23:36 - 00000000 ____D C:\Users\Savo\Documents\Inventor
2015-08-21 17:30 - 2015-07-29 23:58 - 00000000 ____D C:\Program Files (x86)\AMD
2015-08-21 17:30 - 2014-12-08 16:10 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-21 17:28 - 2014-12-08 08:24 - 00000000 ____D C:\AMD
2015-08-21 17:27 - 2015-07-16 03:12 - 00874480 _____ (AMD) C:\WINDOWS\system32\coinst_15.20.dll
2015-08-21 17:26 - 2015-07-16 04:11 - 12062040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2015-08-21 17:26 - 2015-07-16 04:11 - 10191264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2015-08-21 17:26 - 2015-07-16 04:11 - 08979760 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2015-08-21 17:26 - 2015-07-16 04:11 - 08865496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2015-08-21 17:26 - 2015-07-16 04:11 - 01468224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2015-08-21 17:26 - 2015-07-16 04:11 - 01213192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2015-08-21 17:26 - 2015-07-16 04:11 - 00162240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2015-08-21 17:26 - 2015-07-16 04:11 - 00143048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2015-08-21 17:26 - 2015-07-16 04:11 - 00131592 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2015-08-21 17:26 - 2015-07-16 04:06 - 21632992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2015-08-21 17:26 - 2015-07-16 03:17 - 00681456 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2015-08-21 17:26 - 2015-07-16 03:17 - 00452576 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2015-08-21 17:26 - 2015-07-16 03:17 - 00256992 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2015-08-21 17:26 - 2015-07-16 03:13 - 01257952 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2015-08-21 17:26 - 2015-07-16 03:13 - 00675296 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2015-08-21 00:38 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns

==================== Files in the root of some directories =======

2014-12-28 00:42 - 2014-12-28 00:44 - 0001027 _____ () C:\Program Files (x86)\uninstal.log
2015-07-30 00:43 - 2015-07-30 00:43 - 0000000 _____ () C:\Program Files (x86)\Common Files\AMD
2015-06-12 13:53 - 2015-06-12 13:53 - 0037607 _____ () C:\Program Files (x86)\Common Files\license.rtf
2015-06-12 13:53 - 2015-06-12 13:53 - 0008046 _____ () C:\Program Files (x86)\Common Files\setupBanner.jpg
2015-03-20 17:18 - 2015-09-07 20:08 - 0000132 _____ () C:\Users\Savo\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-09-14 19:45 - 2015-09-14 19:45 - 82539520 __RSH () C:\Users\Savo\AppData\Roaming\obSMGA3xrR.exe
2015-04-14 22:27 - 2015-07-08 23:41 - 0002824 _____ () C:\Users\Savo\AppData\Local\(zabranjeno)lock.settings
2015-08-16 01:02 - 2015-08-16 01:02 - 0000000 _____ () C:\Users\Savo\AppData\Local\debuggee.mdmp
2015-08-02 23:46 - 2015-08-02 23:46 - 0000017 _____ () C:\Users\Savo\AppData\Local\resmon.resmoncfg
2015-08-16 00:05 - 2015-08-16 00:05 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Savo\AppData\Local\Temp\AcDeltree.exe
C:\Users\Savo\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Savo\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\Savo\AppData\Local\Temp\raptrpatch.exe
C:\Users\Savo\AppData\Local\Temp\raptr_stub.exe
C:\Users\Savo\AppData\Local\Temp\update.exe
C:\Users\Savo\AppData\Local\Temp\_is1651.exe
C:\Users\Savo\AppData\Local\Temp\_is766C.exe
C:\Users\Savo\AppData\Local\Temp\_is8ED2.exe
C:\Users\Savo\AppData\Local\Temp\_isA933.exe
C:\Users\Savo\AppData\Local\Temp\_isAE60.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-14 18:07

==================== End of FRST.txt ============================





Addition.txt

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

Hello,


1. Open Notepad (Text Document) and copy in the following text from the code box below:

createrestorepoint:
closeprocesses:
emptytemp:
Startup: C:\Users\Savo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\x.lnk [2015-09-14]
ShortcutTarget: x.lnk -> C:\Users\Savo\AppData\Roaming\obSMGA3xrR.exe ()
C:\Users\Savo\AppData\Roaming\obSMGA3xrR.exe
HKU\S-1-5-21-1579984898-3792211945-4248509348-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
CHR HKU\S-1-5-21-1579984898-3792211945-4248509348-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
S3 atillk64; \??\C:\Program Files (x86)\AMD\System Monitor\atillk64.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
S5 WinDivert1.1; <===== ATTENTION: Locked Service
C:\Users\Savo\AppData\Local\Temp\AcDeltree.exe
C:\Users\Savo\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Savo\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\Savo\AppData\Local\Temp\raptrpatch.exe
C:\Users\Savo\AppData\Local\Temp\raptr_stub.exe
C:\Users\Savo\AppData\Local\Temp\update.exe
C:\Users\Savo\AppData\Local\Temp\_is1651.exe
C:\Users\Savo\AppData\Local\Temp\_is766C.exe
C:\Users\Savo\AppData\Local\Temp\_is8ED2.exe
C:\Users\Savo\AppData\Local\Temp\_isA933.exe
C:\Users\Savo\AppData\Local\Temp\_isAE60.exe


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location, otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once, and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.



The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your post.
Note: If the tool warns you that a newer version exists, make sure to download and use the updated copy of FRST.

offline
  • iCho  Male
  • Elite citizen
  • Joined: 03 May 2011
  • Posts: 1808
  • Location: Mos Eisley

Fix result of Farbar Recovery Scan Tool (x64) Version:15-09-2015
Ran by Savo (2015-09-19 11:34:26) Run:1
Running from C:\Users\Savo\Downloads
Loaded Profiles: Savo (Available Profiles: Savo)
Boot Mode: Normal
==============================================

fixlist content:
*****************
createrestorepoint:
closeprocesses:
emptytemp:
Startup: C:\Users\Savo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\x.lnk [2015-09-14]
ShortcutTarget: x.lnk -> C:\Users\Savo\AppData\Roaming\obSMGA3xrR.exe ()
C:\Users\Savo\AppData\Roaming\obSMGA3xrR.exe
HKU\S-1-5-21-1579984898-3792211945-4248509348-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
CHR HKU\S-1-5-21-1579984898-3792211945-4248509348-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
S3 atillk64; \??\C:\Program Files (x86)\AMD\System Monitor\atillk64.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
S5 WinDivert1.1; <===== ATTENTION: Locked Service
C:\Users\Savo\AppData\Local\Temp\AcDeltree.exe
C:\Users\Savo\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Savo\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\Savo\AppData\Local\Temp\raptrpatch.exe
C:\Users\Savo\AppData\Local\Temp\raptr_stub.exe
C:\Users\Savo\AppData\Local\Temp\update.exe
C:\Users\Savo\AppData\Local\Temp\_is1651.exe
C:\Users\Savo\AppData\Local\Temp\_is766C.exe
C:\Users\Savo\AppData\Local\Temp\_is8ED2.exe
C:\Users\Savo\AppData\Local\Temp\_isA933.exe
C:\Users\Savo\AppData\Local\Temp\_isAE60.exe
*****************

Restore point was successfully created.
Processes closed successfully.
C:\Users\Savo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\x.lnk => moved successfully
C:\Users\Savo\AppData\Roaming\obSMGA3xrR.exe => moved successfully
"C:\Users\Savo\AppData\Roaming\obSMGA3xrR.exe" => File/Folder not found.
HKU\S-1-5-21-1579984898-3792211945-4248509348-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKU\S-1-5-21-1579984898-3792211945-4248509348-1001\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh" => key removed successfully
atillk64 => service removed successfully
wfpcapture => service removed successfully
WinDivert1.1 => service not found.
C:\Users\Savo\AppData\Local\Temp\AcDeltree.exe => moved successfully
C:\Users\Savo\AppData\Local\Temp\FNP_ACT_InstallerCA.dll => moved successfully
C:\Users\Savo\AppData\Local\Temp\jre-8u60-windows-au.exe => moved successfully
C:\Users\Savo\AppData\Local\Temp\raptrpatch.exe => moved successfully
C:\Users\Savo\AppData\Local\Temp\raptr_stub.exe => moved successfully
C:\Users\Savo\AppData\Local\Temp\update.exe => moved successfully
C:\Users\Savo\AppData\Local\Temp\_is1651.exe => moved successfully
C:\Users\Savo\AppData\Local\Temp\_is766C.exe => moved successfully
C:\Users\Savo\AppData\Local\Temp\_is8ED2.exe => moved successfully
C:\Users\Savo\AppData\Local\Temp\_isA933.exe => moved successfully
C:\Users\Savo\AppData\Local\Temp\_isAE60.exe => moved successfully
EmptyTemp: => 2 GB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 11:50:53 ====

  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

What is the situation now?

  • iCho  Male
  • Elite citizen
  • Joined: 03 May 2011
  • Posts: 1808
  • Location: Mos Eisley

For now it isn't reporting anything; it looks like the problem is solved.
Thank you very much!
