Kada mi se pali kopjuter,izbacuje mi neke greske :(

2

Kada mi se pali kopjuter,izbacuje mi neke greske :(

offline
  • Pridružio: 14 Okt 2012
  • Poruke: 129

Napisano: 08 Mar 2015 18:35

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-03-2015 03
Ran by BROI (administrator) on BROI-PC on 08-03-2015 18:33:11
Running from D:\
Loaded Profiles: BROI (Available profiles: BROI)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595336 2014-10-01] (ESET)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-840672049-3068425232-2624504446-1001\...\Run: [uTorrent] => C:\Users\BROI\AppData\Roaming\uTorrent\uTorrent.exe [1742928 2015-03-03] (BitTorrent Inc.)
HKU\S-1-5-21-840672049-3068425232-2624504446-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-840672049-3068425232-2624504446-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-840672049-3068425232-2624504446-1001\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-840672049-3068425232-2624504446-1001\...\MountPoints2: {bb9ffbc2-c7ec-11e3-bc5d-001bfc72466f} - F:\AutoRun.exe
HKU\S-1-5-21-840672049-3068425232-2624504446-1001\...\MountPoints2: {bb9ffbcc-c7ec-11e3-bc5d-001bfc72466f} - F:\Windows\AutoRun.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = google.com
HKU\S-1-5-21-840672049-3068425232-2624504446-1001\Software\Microsoft\Internet Explorer\Main,Start Page = search.orbitdownloader.com
HKU\S-1-5-21-840672049-3068425232-2624504446-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-840672049-3068425232-2624504446-1001 -> {0E657187-35BE-49A8-8E88-3A9C64C48CF8} URL = google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-10] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-10] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-840672049-3068425232-2624504446-1001 -> No Name - {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Hosts: 127.0.0.1 validation.sls.microsoft.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\BROI\AppData\Roaming\Mozilla\Firefox\Profiles\o8279w5u.default-1414539482096
FF Homepage: hxxp://search.orbitdownloader.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-10] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-21] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\pogodakyu.xml [2015-03-05]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\vokabular.xml [2015-03-05]
FF Extension: Adblock Plus - C:\Users\BROI\AppData\Roaming\Mozilla\Firefox\Profiles\o8279w5u.default-1414539482096\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-07]

Chrome:
=======
CHR Profile: C:\Users\BROI\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\BROI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-27]
CHR Extension: (Google Docs) - C:\Users\BROI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-27]
CHR Extension: (Google Drive) - C:\Users\BROI\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-27]
CHR Extension: (YouTube) - C:\Users\BROI\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-27]
CHR Extension: (Google Search) - C:\Users\BROI\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-27]
CHR Extension: (Google Sheets) - C:\Users\BROI\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-27]
CHR Extension: (Google Wallet) - C:\Users\BROI\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-27]
CHR Extension: (Gmail) - C:\Users\BROI\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
S4 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
S4 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2014-10-01] (ESET)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows (R) Win 7 DDK provider)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-08-18] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241368 2014-08-18] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169280 2014-08-18] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [222280 2014-08-18] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44632 2014-08-18] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [63160 2014-09-18] (ESET)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-03-07] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [9584 2013-03-07] ()
S2 ASInsHelp; \??\C:\Windows\SysWow64\drivers\AsInsHelp64.sys [X]
S3 keycrypt; system32\DRIVERS\KeyCrypt64.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-08 17:49 - 2015-03-08 17:50 - 32067584 _____ () C:\Users\BROI\Downloads\ViewRightWebInstaller-3.6.0.0(2).msi
2015-03-08 17:24 - 2015-03-08 17:25 - 32067584 _____ () C:\Users\BROI\Downloads\ViewRightWebInstaller-3.6.0.0(1).msi
2015-03-08 13:27 - 2015-03-08 18:33 - 00000000 ____D () C:\FRST
2015-03-08 12:26 - 2015-03-08 12:32 - 00000000 ____D () C:\AdwCleaner
2015-03-08 12:26 - 2015-03-08 12:26 - 02126848 _____ () C:\Users\BROI\Downloads\AdwCleaner.exe
2015-03-08 01:02 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-03-08 01:00 - 2015-03-08 01:01 - 32067584 _____ () C:\Users\BROI\Downloads\ViewRightWebInstaller-3.6.0.0.msi
2015-03-08 00:55 - 2015-03-08 00:55 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-08 00:55 - 2015-03-08 00:55 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-08 00:55 - 2015-03-08 00:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-08 00:49 - 2015-03-08 00:50 - 00000579 _____ () C:\DelFix.txt
2015-03-08 00:49 - 2015-03-08 00:49 - 00000000 ____D () C:\Windows\ERUNT
2015-03-05 21:23 - 2015-03-05 21:23 - 00000000 __SHD () C:\Windows\ftpcache
2015-03-05 21:23 - 2015-03-05 21:23 - 00000000 ____D () C:\Users\BROI\AppData\Roaming\Activision
2015-03-05 21:23 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-03-05 21:23 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-03-05 21:23 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-03-05 21:23 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-03-05 21:22 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-03-05 21:22 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-03-05 21:22 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-03-05 21:22 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-03-05 21:22 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-03-05 21:22 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-03-05 21:22 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-03-05 21:22 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-03-05 21:22 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-03-05 21:22 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-03-05 21:22 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-03-05 21:22 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-03-05 21:22 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-03-05 21:22 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-03-05 21:22 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-03-05 21:22 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-03-05 21:22 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-03-05 21:22 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-03-05 21:22 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-03-05 21:22 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-03-05 21:22 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-03-05 21:22 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-03-05 21:22 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-03-05 21:22 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-03-05 21:22 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-03-05 21:22 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-03-05 21:22 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-03-05 21:22 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-03-05 21:22 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-03-05 21:22 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-03-05 21:22 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-03-05 21:22 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-03-05 21:22 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-03-05 21:22 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-03-05 21:21 - 2015-03-05 21:23 - 00145857 _____ () C:\Windows\DirectX.log
2015-03-05 21:21 - 2015-03-05 21:21 - 00000319 _____ () C:\Windows\game.ini
2015-03-05 21:21 - 2015-03-05 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
2015-03-05 21:08 - 2015-03-05 21:08 - 00000000 ____D () C:\Program Files (x86)\Activision
2015-03-05 18:17 - 2015-03-05 18:18 - 00001908 _____ () C:\Windows\diagwrn.xml
2015-03-05 18:17 - 2015-03-05 18:18 - 00001908 _____ () C:\Windows\diagerr.xml
2015-03-05 12:13 - 2015-03-05 12:14 - 00225835 _____ () C:\Users\BROI\Downloads\ESET Keygen 2015.rar
2015-03-05 01:56 - 2015-03-05 01:56 - 00000921 _____ () C:\Users\BROI\Desktop\USM - Shortcut.lnk
2015-03-05 00:49 - 2015-03-05 21:23 - 00000000 ____D () C:\Users\BROI\Documents\Activision
2015-03-05 00:49 - 2015-03-05 00:49 - 00000000 ____D () C:\Users\BROI\AppData\Local\Activision
2015-03-05 00:47 - 2015-03-05 00:47 - 00000469 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Amazing Spider-Man 2.lnk
2015-03-05 00:37 - 2015-03-05 01:01 - 904804670 _____ () C:\Users\BROI\Downloads\Spider_Man.7z
2015-03-04 14:57 - 2015-03-04 14:57 - 00137448 _____ () C:\Users\BROI\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-04 14:56 - 2015-03-08 17:31 - 00002683 _____ () C:\Windows\setupact.log
2015-03-04 14:56 - 2015-03-05 18:17 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-04 14:56 - 2015-03-04 14:56 - 00497840 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-04 14:56 - 2015-03-04 14:56 - 00009250 _____ () C:\Windows\PFRO.log
2015-03-04 13:16 - 2015-03-04 13:16 - 00000000 ____D () C:\temp
2015-03-04 13:14 - 2015-03-04 13:14 - 00000632 _____ () C:\Users\BROI\Desktop\gta_sa - Shortcut.lnk
2015-03-03 23:33 - 2015-03-03 23:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orbit
2015-03-03 23:32 - 2015-03-07 23:56 - 00000000 ____D () C:\Users\BROI\AppData\Roaming\Orbit
2015-03-03 23:31 - 2015-03-03 23:32 - 05498816 _____ (www.orbitdownloader.com ) C:\Users\BROI\Downloads\OrbitDownloaderSetup.exe
2015-03-03 01:30 - 2015-03-03 01:31 - 00000000 ____D () C:\Users\BROI\Documents\GTA San Andreas User Files
2015-02-28 01:58 - 2015-02-28 02:06 - 00000672 _____ () C:\Users\BROI\Desktop\New Text Document (2).txt
2015-02-26 18:45 - 2015-02-26 18:45 - 00001043 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-02-26 18:45 - 2015-02-26 18:45 - 00001031 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-02-25 19:16 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 19:16 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-16 00:05 - 2015-02-16 00:05 - 00002202 _____ () C:\Users\BROI\Desktop\Popcorn Time.lnk
2015-02-16 00:05 - 2015-02-16 00:05 - 00000000 ____D () C:\Users\BROI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2015-02-16 00:04 - 2015-02-19 23:46 - 00000000 ____D () C:\Users\BROI\AppData\Local\Popcorn Time
2015-02-12 00:17 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-12 00:17 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-12 00:17 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-12 00:17 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-11 18:40 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-11 18:40 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-11 18:40 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-11 18:40 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 18:38 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 18:38 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 18:38 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 18:38 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 18:38 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 18:38 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 18:38 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 18:38 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 16:43 - 2015-02-11 16:43 - 00589512 _____ (ESET) C:\Windows\SysWOW64\%InstallDir%speclean.new
2015-02-11 14:12 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 14:12 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 14:12 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 14:12 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 14:12 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 14:12 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 14:12 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 14:12 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 14:12 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 14:12 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 14:12 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 14:12 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 14:12 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 14:12 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 14:12 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 14:12 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 14:12 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 14:12 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 14:12 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 14:12 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 14:12 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 14:12 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 14:12 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 14:12 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 14:12 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 14:12 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 14:12 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 14:12 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 14:12 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 14:12 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 14:12 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 14:12 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 14:12 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 14:12 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 14:12 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 14:12 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 14:12 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 14:12 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 14:12 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 14:12 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 14:12 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 14:12 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 14:12 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 14:12 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 14:12 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 14:12 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 14:12 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 14:12 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 14:12 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 14:12 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 14:12 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 14:12 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 13:49 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 13:49 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 13:49 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 13:49 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 13:49 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 13:49 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 13:49 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 13:49 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 13:49 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 13:49 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 13:49 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 13:49 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 13:49 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 13:49 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 13:49 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 13:49 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 13:48 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 13:48 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 13:48 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 13:48 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 13:48 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 13:48 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 13:48 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 13:48 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 13:48 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 13:48 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 13:48 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 13:48 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 13:48 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 13:48 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 13:48 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 13:48 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 13:48 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 13:48 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 13:48 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 13:48 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 13:48 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 13:48 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 13:47 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 13:47 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 13:47 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 13:47 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 13:47 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 13:47 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 13:47 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 13:47 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 13:47 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 13:42 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-10 00:36 - 2015-02-10 00:36 - 00000000 ____D () C:\Users\BROI\AppData\Local\AntiLogger Free
2015-02-10 00:15 - 2015-02-10 00:15 - 00003114 _____ () C:\Windows\System32\Tasks\{36AD32A7-D4C0-4D52-BC8A-43F8C322D77F}
2015-02-09 17:03 - 2015-03-07 01:11 - 00000150 _____ () C:\Users\BROI\Desktop\New Text Document.txt
2015-02-09 00:35 - 2015-02-09 00:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-08 18:28 - 2014-06-30 12:30 - 01219094 _____ () C:\Windows\WindowsUpdate.log
2015-03-08 17:53 - 2014-09-21 00:29 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-08 17:37 - 2014-04-08 17:00 - 00000000 ____D () C:\Users\BROI\AppData\Roaming\uTorrent
2015-03-08 17:34 - 2014-05-21 23:10 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-08 17:32 - 2014-11-28 01:47 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-08 17:32 - 2014-05-21 23:10 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-08 17:31 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-08 13:32 - 2014-09-19 23:38 - 00000000 ____D () C:\Users\BROI\AppData\Local\JDownloader 0.9
2015-03-08 12:45 - 2014-12-03 19:31 - 00000000 ____D () C:\ProgramData\Corel
2015-03-08 00:56 - 2014-04-07 14:23 - 00000000 ____D () C:\Users\BROI\AppData\Roaming\Mozilla
2015-03-08 00:55 - 2014-12-02 01:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-08 00:04 - 2014-04-06 23:13 - 00000947 _____ () C:\Users\BROI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-07 16:02 - 2014-04-06 23:53 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-07 15:49 - 2014-04-06 23:53 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-05 21:23 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-05 21:21 - 2014-07-27 01:07 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-05 19:00 - 2014-04-10 18:35 - 00000400 _____ () C:\Windows\Tasks\Wise Turbo Checker.job
2015-03-05 01:08 - 2014-07-19 13:22 - 00000000 ____D () C:\Users\BROI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-03-04 16:49 - 2009-07-14 05:45 - 00028976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-04 16:49 - 2009-07-14 05:45 - 00028976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-04 16:43 - 2014-04-07 14:27 - 00000000 ____D () C:\Users\BROI\AppData\Roaming\Macromedia
2015-03-04 14:57 - 2014-05-01 23:22 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-03-04 14:56 - 2014-04-18 17:09 - 00000452 _____ () C:\Windows\Tasks\Wise Disk Cleaner Schedule Task.job
2015-03-04 13:22 - 2014-04-18 17:09 - 00003320 _____ () C:\Windows\System32\Tasks\Wise Disk Cleaner Schedule Task
2015-03-04 13:22 - 2014-04-18 17:04 - 00000000 ____D () C:\Users\BROI\AppData\Roaming\Wise Disk Cleaner
2015-03-04 13:19 - 2014-05-01 23:30 - 00000000 ____D () C:\Users\BROI\AppData\Roaming\TeamViewer
2015-03-04 13:17 - 2014-04-07 01:06 - 00000000 ____D () C:\Users\BROI\AppData\Roaming\AIMP3
2015-02-26 23:55 - 2014-09-15 11:02 - 00000000 ____D () C:\Users\BROI\Desktop\SLIcIcE
2015-02-26 22:28 - 2015-01-07 16:16 - 00000000 ____D () C:\Users\BROI\AppData\Local\Popcorn-Time
2015-02-26 19:55 - 2014-09-21 00:29 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-26 19:55 - 2014-09-21 00:28 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-26 19:55 - 2014-09-21 00:28 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-25 22:30 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-02-24 03:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-21 18:37 - 2014-11-27 23:25 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-21 18:29 - 2014-05-21 23:10 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-21 18:29 - 2014-05-21 23:10 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-15 23:57 - 2014-11-08 14:59 - 00000000 ____D () C:\Users\BROI\AppData\Local\node-webkit
2015-02-15 11:57 - 2009-07-14 06:08 - 00032644 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-15 11:52 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2015-02-12 19:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-12 01:16 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-11 19:12 - 2014-12-10 20:09 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-11 19:12 - 2014-04-24 22:39 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 19:10 - 2014-04-07 22:53 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-11 16:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-CS
2015-02-11 16:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2015-02-11 16:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-02-11 14:31 - 2014-05-29 23:25 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-11 14:31 - 2009-07-14 03:34 - 00000580 _____ () C:\Windows\win.ini
2015-02-10 23:52 - 2015-02-01 19:21 - 00000000 ____D () C:\Users\BROI\Downloads\PopcornTime
2015-02-10 23:50 - 2014-04-06 23:12 - 00000000 ____D () C:\Users\BROI
2015-02-10 17:07 - 2014-04-07 14:31 - 00000000 ____D () C:\Users\BROI\AppData\Roaming\vlc
2015-02-10 00:13 - 2014-10-26 15:16 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-10 00:13 - 2014-10-26 15:14 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-09 00:44 - 2014-04-18 14:15 - 00000000 ____D () C:\Users\BROI\AppData\Roaming\Skype
2015-02-09 00:35 - 2014-04-18 14:15 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-02-09 00:35 - 2014-04-18 14:15 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-09 00:35 - 2014-04-18 14:14 - 00000000 ____D () C:\ProgramData\Skype

==================== Files in the root of some directories =======

2014-07-21 19:59 - 2014-07-21 20:03 - 0000164 _____ () C:\Users\BROI\AppData\Roaming\PLGComp.ini
2014-01-31 21:38 - 2014-01-29 20:11 - 0171299 _____ () C:\Users\BROI\AppData\Local\Tempskull.ico
2014-08-01 23:43 - 2014-08-01 23:43 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.4100.dll


Some content of TEMP:
====================
C:\Users\BROI\AppData\Local\Temp\Quarantine.exe
C:\Users\BROI\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-07 15:27

==================== End Of Log ============================

Dopuna: 08 Mar 2015 18:36

mycity.rs/must-login.png

Dopuna: 08 Mar 2015 18:37

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2015 03
Ran by BROI at 2015-03-08 18:34:11
Running from D:\
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-840672049-3068425232-2624504446-1001\...\uTorrent) (Version: 3.4.2.38913 - BitTorrent Inc.)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.123 - Adobe Systems Incorporated)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.55.1355, 14.07.2014 - AIMP DevTeam)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5118 - CDBurnerXP)
ESET Smart Security (HKLM\...\{C082CDB9-D173-4740-AE0E-C685E6F44850}) (Version: 8.0.304.0 - ESET, spol s r. o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
K-Lite Codec Pack 10.4.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.4.0 - )
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 sr) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 sr)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
NRadioBox (HKLM-x32\...\{1AEAA6CC-98C2-4650-A217-EF5F92C3E602}) (Version: 1.0.0 - NRadioBox)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.0 - Power Software Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spider-Man 3 (TM) (HKLM-x32\...\InstallShield_{990166FA-1ACB-4AA7-B592-4D370C7CDD1A}) (Version: 1.00.0000 - Activision)
Spider-Man 3(TM) (x32 Version: 1.00.0000 - Activision) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
The Amazing Spider-Man 2 (HKLM-x32\...\VGhlQW1hemluZ1NwaWRlck1hbjI=_is1) (Version: 1 - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Phone app for desktop (HKLM-x32\...\{5F71448B-88EB-4357-9A98-8658D4C49C48}) (Version: 1.1.2726.0 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wise Disk Cleaner 8.41 (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: 8.41 - WiseCleaner.com, Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

08-03-2015 18:15:32 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-11-08 14:25 - 00000864 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 validation.sls.microsoft.com

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {022F42A6-583C-4799-BB3D-9BEC0949FC40} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-27] (Google Inc.)
Task: {1809D97E-18AA-4A74-9570-D3A1E4B17801} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {1EEB66D3-F06D-47BA-8C6D-293FBA83E85F} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask No Task File <==== ATTENTION
Task: {26694DBD-650E-4BDD-9629-EE052E101519} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {44552153-12FB-4B94-AF89-BAB2EDAF8F8F} - System32\Tasks\Wise Disk Cleaner Schedule Task => C:\Program Files (x86)\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe [2015-01-28] (WiseCleaner.com)
Task: {6B166AB4-8BA5-4E02-BC3D-56040B1CF64B} - \AutoKMS No Task File <==== ATTENTION
Task: {7A4A48A8-6D03-4304-9795-A14645DAEDC0} - System32\Tasks\{E607857F-DC64-4F6E-858A-0E0049C76DAB} => pcalua.exe -a C:\Users\BROI\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=amt <==== ATTENTION
Task: {89A46ADC-61B1-49B1-A4C9-502BF7E0B026} - System32\Tasks\{F35FC8C6-03F2-4D76-9910-1D2A41D048A9} => pcalua.exe -a "C:\Program Files (x86)\HD-V1.9\Uninstall.exe" -c /fcp=1
Task: {BAA3814C-93CF-4B19-BD19-E9DE538E8F10} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-27] (Google Inc.)
Task: {CB39EE23-7369-4015-A64F-9C073CC03319} - System32\Tasks\Wise Turbo Checker => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe
Task: {CB401456-98D8-44B8-B4C8-400BF3AAA80A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {CBD3E6AC-98EB-4030-907E-413D23C27D4F} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline No Task File <==== ATTENTION
Task: {CC228C3E-A0A5-408B-A4F4-5C7861FA5DEF} - System32\Tasks\{36AD32A7-D4C0-4D52-BC8A-43F8C322D77F} => pcalua.exe -a C:\Users\BROI\Desktop\jxpiinstall.exe -d C:\Users\BROI\Desktop
Task: {E010290F-9446-478D-AA12-569CB370F983} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-26] (Adobe Systems Incorporated)
Task: {F0F06B0E-3B39-47DB-A690-FA748B2C96AC} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Wise Disk Cleaner Schedule Task.job => C:\Program Files (x86)\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe
Task: C:\Windows\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe

==================== Loaded Modules (whitelisted) ==============

2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-11-20 21:23 - 2014-11-20 21:23 - 00102400 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-840672049-3068425232-2624504446-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\BROI\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: c2cautoupdatesvc => 2
MSCONFIG\Services: c2cpnrsvc => 2
MSCONFIG\Services: CscService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: vds => 3
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DFX => C:\Program Files (x86)\DFX\DFX.exe -startup
MSCONFIG\startupreg: Only-search => C:\Users\BROI\AppData\Local\onlysearch\onlysearch\1.3.12.9\onlysearch.exe
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\BROI\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

==================== Accounts: =============================

Administrator (S-1-5-21-840672049-3068425232-2624504446-500 - Administrator - Disabled)
BROI (S-1-5-21-840672049-3068425232-2624504446-1001 - Administrator - Enabled) => C:\Users\BROI
Guest (S-1-5-21-840672049-3068425232-2624504446-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-840672049-3068425232-2624504446-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/08/2015 05:33:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/08/2015 04:36:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/08/2015 02:34:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/08/2015 00:34:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/08/2015 00:18:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/08/2015 01:17:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/08/2015 01:02:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 36.0.1.5542, time stamp: 0x54f851c0
Faulting module name: mozalloc.dll, version: 36.0.1.5542, time stamp: 0x54f8437e
Exception code: 0x80000003
Fault offset: 0x00001e02
Faulting process id: 0x80c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (03/08/2015 00:07:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/07/2015 11:52:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/07/2015 08:36:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (03/08/2015 06:09:16 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (03/08/2015 05:33:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (03/08/2015 05:33:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (03/08/2015 05:33:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (03/08/2015 05:33:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (03/08/2015 05:33:17 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (03/08/2015 05:33:17 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (03/08/2015 05:33:08 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (03/08/2015 05:33:08 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (03/08/2015 05:33:08 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801


Microsoft Office Sessions:
=========================
Error: (03/08/2015 05:33:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/08/2015 04:36:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/08/2015 02:34:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/08/2015 00:34:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/08/2015 00:18:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/08/2015 01:17:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/08/2015 01:02:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe36.0.1.554254f851c0mozalloc.dll36.0.1.554254f8437e8000000300001e0280c01d059330a44e5e0C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll579e97f0-c526-11e4-bcc4-001bfc72466f

Error: (03/08/2015 00:07:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/07/2015 11:52:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/07/2015 08:36:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
Date: 2014-08-01 01:01:07.265
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\AsInsHelp64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-08-01 01:01:07.187
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\AsInsHelp64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-08-01 00:57:34.901
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\AsInsHelp64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-08-01 00:57:34.816
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\AsInsHelp64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: AMD Athlon(tm) 64 Processor 3500+
Percentage of memory in use: 40%
Total physical RAM: 4095.37 MB
Available physical RAM: 2450.89 MB
Total Pagefile: 8188.92 MB
Available Pagefile: 6289.58 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:47.75 GB) (Free:3.02 GB) NTFS
Drive d: () (Fixed) (Total:101.2 GB) (Free:44.55 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 04580458)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=47.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=101.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Dopuna: 08 Mar 2015 18:38

mycity.rs/must-login.png

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15877
  • Gde živiš: Beograd

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

closeprocesses:
emptytemp:
Task: {1809D97E-18AA-4A74-9570-D3A1E4B17801} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {1EEB66D3-F06D-47BA-8C6D-293FBA83E85F} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask No Task File <==== ATTENTION
Task: {6B166AB4-8BA5-4E02-BC3D-56040B1CF64B} - \AutoKMS No Task File <==== ATTENTION
Task: {7A4A48A8-6D03-4304-9795-A14645DAEDC0} - System32\Tasks\{E607857F-DC64-4F6E-858A-0E0049C76DAB} => pcalua.exe -a C:\Users\BROI\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=amt <==== ATTENTION
Task: {89A46ADC-61B1-49B1-A4C9-502BF7E0B026} - System32\Tasks\{F35FC8C6-03F2-4D76-9910-1D2A41D048A9} => pcalua.exe -a "C:\Program Files (x86)\HD-V1.9\Uninstall.exe" -c /fcp=1
Task: {CBD3E6AC-98EB-4030-907E-413D23C27D4F} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline No Task File <==== ATTENTION
Task: {F0F06B0E-3B39-47DB-A690-FA748B2C96AC} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
HKU\S-1-5-21-840672049-3068425232-2624504446-1001\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-840672049-3068425232-2624504446-1001\...\MountPoints2: {bb9ffbc2-c7ec-11e3-bc5d-001bfc72466f} - F:\AutoRun.exe
HKU\S-1-5-21-840672049-3068425232-2624504446-1001\...\MountPoints2: {bb9ffbcc-c7ec-11e3-bc5d-001bfc72466f} - F:\Windows\AutoRun.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\PROGRA~1\COMMON~1\System\SysMenu.dl
C:\Users\BROI\AppData\Roaming\webssearches
C:\Program Files (x86)\HD-V1.


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

offline
  • Pridružio: 14 Okt 2012
  • Poruke: 129

TwinHeadedEagle veliko postovanje za tebe,znaci samo sta mogu da kazem nema reci...Resili smo problem,ne prijavljuje mi se greska na kompjuteru ono kada mi se pali Smile E samo voleo bih da znam ako nije problem sta mu je bilo,i zbog cega mi se ono javljalo ? ? ?I imam jos jedno pitanje,za tebe je to mozda lako ali za mene je tesko,sada kada palim Mozilu pojavljuje mi se adresa ono web srech jeli mozda ima tu i tolbar ili je to samo stranica na kojoj mogu da zamenim...
A hvala ti jos jednom puno na pomoci.

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15877
  • Gde živiš: Beograd

Imao si puno Adware-a na racunaru, to je bio problem.

Mislim da je to samo stranica koju ces lako zameniti.

offline
  • Pridružio: 14 Okt 2012
  • Poruke: 129

TwinHeadedEagle postovanje,isto kao da mi se cini da mi i racunar mnogo bolje radi,sada mi radi i Mozila a nije htela da se pokrene samo portable mi je radila..Sada je super.Samo mogu da ti kazem hvala ti puno i da si ziv i zdrav Smile

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15877
  • Gde živiš: Beograd

Odlicno, jos samo da pocistimo alate:


Preuzmi "Xplode"-ov DelFix i sačuvaj ga na Desktop

Dvoklikom pokreni program.

Štikliraj sledeće opcije:
Remove disinfection tools
Purge System Restore
Reset system settings


Klikni na dugme "Run" i pričekaj da program završi rad.
Alat ce ukloniti sve koriscene alate u ovoj temi...
Kada alat završi, otvoriće izvestaj u notepadu.
Napomena: Izvestaj ce takodje biti sacuvan na C:\DelFix.txt

Nije potrebno dostavljati izvestaj.

offline
  • Pridružio: 14 Okt 2012
  • Poruke: 129

Odradio sam i ovo sto si rekao Smile SmileE samo imam jos jedno pitanje,mozda je tebi to resivo ali meni je teze posto si struja za racunare Very Happy Very Happy Imam problem jos jedan.Kada sam na Facebook i ono kliknem da cujem neku pesmu,YOUTUBE ili neko sto je okacio snimak mene secka mnogo zvuk i slika,a kada sam samo na YOUTUBE to ne radi.
E sada kako sam ja do nekle skonto,kada pomeram mis ono mi secka,kada ga ne pomeram ono mi ne secka,jel ima resenje za to neko ? ? ?

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15877
  • Gde živiš: Beograd

Bolje da otvoris temu u Windows forumu, tamo mnogo vise ljudi moze da ti pomogne, ovde resavamo probleme samo sa malverom.

Ko je trenutno na forumu
 

Ukupno su 1317 korisnika na forumu :: 28 registrovanih, 7 sakrivenih i 1282 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: bladesu, Fabius, Georgius, Goran 0000, goxin, Karla, kjkszpj, Kubovac, kybonacci, ljuba, lord sir giga, Lucije Kvint, marsovac 2, Mcdado, Mihajlo, milos.cbr, nemkea71, NoOneEver Dreams, RiV, S2M, slonic_tonic, ss10, Vlad000, voja64, yufighter, zdrebac, Zoca, zzapNDjuric99