Problem with ads

offline
  • maha  Male
  • Super citizen
  • Joined: 06 Dec 2006
  • Posts: 1152

Posted: 16 Oct 2015 18:11

I've had the same problem for a few days now...

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-10-2015 01
Ran by PC (administrator) on PC-PC (16-10-2015 17:50:39)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC)
Platform: Windows 7 Ultimate (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Creative Technology Ltd) C:\Windows\SysWOW64\CTxfispi.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(BitTorrent Inc.) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
(BitTorrent Inc.) C:\Users\PC\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe
(BitTorrent Inc.) C:\Users\PC\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5618456 2013-09-12] (ESET)
HKLM-x32\...\Run: [CTxfiHlp] => CTXFIHLP.EXE
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-2921931512-397226605-597601975-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1382672 2015-10-10] (Lavasoft)
HKU\S-1-5-21-2921931512-397226605-597601975-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2921931512-397226605-597601975-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-2921931512-397226605-597601975-1000\...\MountPoints2: {27a7abc8-6dd1-11e5-b3d4-00158315a310} - M:\AutoRun.exe
HKU\S-1-5-21-2921931512-397226605-597601975-1000\...\MountPoints2: {4ed57bef-6d68-11e5-b12e-806e6f6e6963} - G:\SETUP.EXE

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9 01 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-10-10] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-10-10] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-10-10] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-10-10] (Lavasoft Limited)
Winsock: Catalog9 16 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-10-10] (Lavasoft Limited)
Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-10] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-10] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-10] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-10] (Lavasoft Limited)
Winsock: Catalog9-x64 16 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-10] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{72DA6058-7DA2-42C0-AE7C-DAB067732416}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-2921931512-397226605-597601975-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10099_swoc_campaign_151010__yaie
SearchScopes: HKU\S-1-5-21-2921931512-397226605-597601975-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10099_swoc_campaign_151010__yaie&p={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-10-10] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-10] (Oracle Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\fhrs4jei.default
FF NewTab: hxxps://www.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10099_swoc_campaign_151010__yaff
FF DefaultSearchEngine: Yahoo®
FF SelectedSearchEngine: Yahoo®
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll [2015-10-07] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll [2015-10-07] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-10] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\fhrs4jei.default\user.js [2015-10-10]
FF Extension: Adblock Plus - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\fhrs4jei.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-14]
FF Extension: Sonic Train - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\fhrs4jei.default\Extensions\{f993291f-c7ef-465f-a2b1-a9913a49526b}.xpi [2015-10-10]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2015-10-08]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2015-10-08] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2015-10-08] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337752 2013-09-12] (ESET)
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2015-10-10] (Lavasoft Limited)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-06-24] (Nero AG)
R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [17168 2015-10-10] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-10-10] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-08-15] (ESET)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-08-19] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-08-15] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-08-15] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-08-15] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-08-15] (ESET)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-16 17:50 - 2015-10-16 17:51 - 00012499 _____ C:\Users\PC\Desktop\FRST.txt
2015-10-16 17:50 - 2015-10-16 17:50 - 00000000 ____D C:\FRST
2015-10-16 17:43 - 2015-10-16 17:43 - 02196480 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2015-10-16 17:43 - 2015-10-16 17:43 - 01700352 _____ (Farbar) C:\Users\PC\Desktop\FRST.exe
2015-10-16 17:15 - 2015-10-16 17:15 - 00022057 _____ C:\Users\PC\Downloads\212621-littleboy.zip
2015-10-16 15:09 - 2015-10-16 15:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-14 23:41 - 2015-10-16 14:42 - 00000280 _____ C:\Windows\setupact.log
2015-10-14 23:41 - 2015-10-14 23:41 - 00000000 _____ C:\Windows\setuperr.log
2015-10-10 22:54 - 2015-10-10 22:55 - 00000000 ____D C:\Users\PC\AppData\Roaming\DAEMON Tools Lite
2015-10-10 22:54 - 2015-10-10 22:55 - 00000000 ____D C:\ProgramData\1a0254e4-d458-47fa-82a0-6940ee729f6c
2015-10-10 22:54 - 2015-10-10 22:54 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2015-10-10 22:54 - 2015-10-10 22:54 - 00001950 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2015-10-10 22:54 - 2015-10-10 22:54 - 00000000 ____D C:\Users\PC\AppData\Roaming\OpenCandy
2015-10-10 22:54 - 2015-10-10 22:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-10-10 22:54 - 2015-10-10 22:54 - 00000000 ____D C:\Program Files (x86)\Sonic Train
2015-10-10 22:54 - 2015-10-10 22:54 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2015-10-10 22:53 - 2015-10-10 22:58 - 13146016 _____ (Disc Soft Ltd) C:\Users\PC\Downloads\DTLite501-0406.exe
2015-10-10 22:53 - 2015-10-10 22:53 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-10-10 22:47 - 2015-10-10 22:47 - 00000000 ____D C:\Users\PC\AppData\Roaming\Lavasoft
2015-10-10 22:47 - 2015-10-10 22:47 - 00000000 ____D C:\Users\PC\AppData\Local\Lavasoft
2015-10-10 22:47 - 2015-10-10 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-10-10 22:46 - 2015-10-11 08:43 - 00002880 _____ C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-10-10 22:46 - 2015-10-11 08:43 - 00002880 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-10-10 22:46 - 2015-10-10 22:46 - 00425744 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-10-10 22:46 - 2015-10-10 22:46 - 00345360 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-10-10 22:46 - 2015-10-10 22:46 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2015-10-10 22:44 - 2015-10-10 22:44 - 00000000 ____D C:\Users\PC\AppData\Roaming\Opera Software
2015-10-10 22:44 - 2015-10-10 22:44 - 00000000 ____D C:\Users\PC\AppData\Local\Opera Software
2015-10-10 22:44 - 2015-10-10 22:44 - 00000000 ____D C:\ProgramData\Lavasoft
2015-10-10 22:40 - 2015-10-10 22:40 - 00000000 ____D C:\Users\PC\AppData\Roaming\RHEng
2015-10-10 22:40 - 2015-10-10 22:40 - 00000000 ____D C:\Program Files (x86)\Disc Soft
2015-10-10 22:32 - 2015-10-10 22:32 - 00000991 _____ C:\Users\Public\Desktop\FlashPeak Slimjet.lnk
2015-10-10 22:32 - 2015-10-10 22:32 - 00000000 ____D C:\Users\PC\AppData\Local\Slimjet
2015-10-10 22:32 - 2015-10-10 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashPeak Slimjet
2015-10-10 22:32 - 2015-10-10 22:32 - 00000000 ____D C:\Program Files (x86)\Slimjet
2015-10-10 22:27 - 2015-10-10 22:27 - 00001948 _____ C:\Users\Public\Desktop\Serious Sam The Second Encounter.lnk
2015-10-10 22:27 - 2015-10-10 22:27 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-10-10 22:27 - 2015-10-10 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-10-10 22:27 - 2015-10-10 22:27 - 00000000 ____D C:\GOG Games
2015-10-10 22:22 - 2015-10-10 22:22 - 00000000 ____D C:\Users\PC\AppData\Roaming\MAGIX
2015-10-10 22:22 - 2015-10-10 22:22 - 00000000 ____D C:\ProgramData\MAGIX
2015-10-10 22:20 - 2015-10-10 22:49 - 00000000 ____D C:\ProgramData\simplitec
2015-10-10 22:20 - 2015-10-10 22:20 - 00000606 _____ C:\Users\PC\Desktop\KMPlayer.lnk
2015-10-10 22:20 - 2015-10-10 22:20 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2015-10-10 22:20 - 2015-10-10 22:20 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-10 22:20 - 2015-05-06 16:54 - 00120200 _____ () C:\Windows\SysWOW64\DLLDEV32i.dll
2015-10-10 22:19 - 2015-10-15 20:14 - 00000000 ____D C:\KMPlayer
2015-10-10 22:15 - 2015-10-10 22:15 - 00002778 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-10-10 22:15 - 2015-10-10 22:15 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-10-10 22:15 - 2015-10-10 22:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-10-10 22:15 - 2015-10-10 22:15 - 00000000 ____D C:\Program Files\CCleaner
2015-10-10 22:13 - 2015-10-10 22:13 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2015-10-10 22:13 - 2015-10-10 22:13 - 00000000 ____D C:\Program Files\Unlocker
2015-10-10 22:12 - 2015-10-10 22:12 - 00001272 _____ C:\Users\PC\Desktop\Snipping Tool.lnk
2015-10-10 21:16 - 2015-10-16 17:18 - 00000000 ____D C:\Users\PC\AppData\LocalLow\uTorrent
2015-10-10 21:14 - 2015-10-10 21:14 - 00002586 _____ C:\Users\PC\Desktop\µTorrent.lnk
2015-10-10 21:14 - 2015-10-10 21:14 - 00002586 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-10-10 21:12 - 2015-10-16 17:50 - 00000000 ____D C:\Users\PC\AppData\Roaming\uTorrent
2015-10-10 21:11 - 2015-10-10 21:26 - 154429024 _____ (AVAST Software) C:\Users\PC\Downloads\avast_free_antivirus_setup.exe
2015-10-10 21:04 - 2015-10-10 21:04 - 00001077 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2015-10-10 21:04 - 2015-10-10 21:04 - 00000000 ____D C:\Users\PC\AppData\Local\VS Revo Group
2015-10-10 21:04 - 2015-10-10 21:04 - 00000000 ____D C:\ProgramData\VS Revo Group
2015-10-10 21:04 - 2015-10-10 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2015-10-10 21:04 - 2015-10-10 21:04 - 00000000 ____D C:\Program Files\VS Revo Group
2015-10-10 21:04 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2015-10-10 20:58 - 2015-10-10 20:58 - 00000000 ____D C:\Program Files (x86)\Serious Sam 3 BFE Deluxe Edition
2015-10-10 13:39 - 2015-10-10 13:39 - 00000000 ____D C:\Users\PC\AppData\Roaming\Sun
2015-10-10 13:39 - 2015-10-10 13:39 - 00000000 ____D C:\Users\PC\AppData\Roaming\NVIDIA
2015-10-10 13:39 - 2015-10-10 13:39 - 00000000 ____D C:\Users\PC\AppData\LocalLow\Sun
2015-10-10 13:39 - 2015-10-10 13:39 - 00000000 ____D C:\Users\PC\.oracle_jre_usage
2015-10-10 13:38 - 2015-10-10 13:39 - 00000000 ____D C:\ProgramData\Oracle
2015-10-10 13:38 - 2015-10-10 13:38 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-10-10 13:38 - 2015-10-10 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-10 13:38 - 2015-10-10 13:38 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-10 13:36 - 2015-10-10 13:36 - 00000000 ____D C:\Users\PC\AppData\LocalLow\Oracle
2015-10-10 13:35 - 2015-10-15 18:42 - 00000000 ____D C:\Users\PC\AppData\Roaming\.minecraft
2015-10-10 13:35 - 2015-10-10 13:35 - 00002071 _____ C:\Users\PC\Desktop\Minecraft.lnk
2015-10-10 13:35 - 2015-10-10 13:35 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-10-08 18:30 - 2015-10-15 18:30 - 00003348 _____ C:\Windows\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2015-10-08 18:30 - 2015-10-08 18:30 - 00000000 ____D C:\Program Files\Common Files\AV
2015-10-08 18:18 - 2006-10-06 14:17 - 00053248 ____N (Creative Technology Ltd ) C:\Windows\Ctregrun.exe
2015-10-08 18:18 - 2000-05-22 16:58 - 00647872 ____N (Microsoft Corporation) C:\Windows\SysWOW64\Mscomct2.ocx
2015-10-08 18:03 - 2015-10-08 18:06 - 00000000 ____D C:\Windows\system32\MRT
2015-10-08 18:03 - 2015-08-26 18:37 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-08 18:00 - 2015-10-08 18:00 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2015-10-08 17:47 - 2015-10-08 17:47 - 00000000 ____D C:\Users\PC\AppData\Local\Macromedia
2015-10-08 17:44 - 2011-04-09 08:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-10-08 17:44 - 2011-04-09 08:45 - 05509504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-08 17:44 - 2011-04-09 08:13 - 03957632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-08 17:44 - 2011-04-09 08:13 - 03901824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-08 17:44 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-10-08 09:21 - 2015-10-08 09:21 - 00000000 ____D C:\Windows\pss
2015-10-08 09:20 - 2015-10-08 09:20 - 00000000 ____D C:\Users\PC\AppData\Roaming\ESET
2015-10-08 09:20 - 2015-10-08 09:20 - 00000000 ____D C:\Users\PC\AppData\Local\ESET
2015-10-08 09:18 - 2015-10-08 09:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-10-08 09:18 - 2015-10-08 09:18 - 00000000 ____D C:\ProgramData\ESET
2015-10-08 09:18 - 2015-10-08 09:18 - 00000000 ____D C:\Program Files\ESET
2015-10-08 05:56 - 2015-10-14 20:10 - 00000000 ____D C:\Windows\Panther
2015-10-08 05:00 - 2015-10-08 05:00 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-10-08 05:00 - 2015-10-08 05:00 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-10-08 04:58 - 2015-10-08 04:58 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-10-07 22:06 - 2003-06-12 23:25 - 00007062 _____ C:\Windows\SysWOW64\audiopid.vxd
2015-10-07 22:05 - 2015-10-08 18:21 - 00000000 ___HD C:\Program Files (x86)\Creative Installation Information
2015-10-07 22:05 - 2015-10-08 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2015-10-07 22:05 - 2015-10-08 18:18 - 00000000 ____D C:\ProgramData\Creative
2015-10-07 22:05 - 2015-10-08 18:02 - 00000000 ____D C:\Program Files\Creative
2015-10-07 22:05 - 2015-10-08 18:01 - 00466520 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2015-10-07 22:05 - 2015-10-08 18:01 - 00445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2015-10-07 22:05 - 2015-10-08 18:01 - 00123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2015-10-07 22:05 - 2015-10-08 18:01 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2015-10-07 22:05 - 2015-10-08 18:01 - 00000159 ___RH C:\Windows\ctfile.rfc
2015-10-07 22:05 - 2015-10-07 22:05 - 00000000 ____D C:\Program Files (x86)\OpenAL
2015-10-07 22:05 - 2009-03-26 14:48 - 00190976 _____ C:\Windows\system32\APOMgr64.DLL
2015-10-07 22:05 - 2009-03-26 14:46 - 00148480 _____ C:\Windows\SysWOW64\APOMngr.DLL
2015-10-07 22:05 - 2009-02-06 18:53 - 00089088 _____ C:\Windows\system32\CmdRtr64.DLL
2015-10-07 22:05 - 2009-02-06 18:52 - 00073728 _____ C:\Windows\SysWOW64\CmdRtr.DLL
2015-10-07 22:05 - 2008-02-04 10:28 - 00107008 _____ (Creative Technology Ltd) C:\Windows\system32\cttele64.dll
2015-10-07 22:05 - 2008-02-04 10:27 - 00102400 _____ (Creative Technology Ltd) C:\Windows\SysWOW64\cttele32.dll
2015-10-07 22:04 - 2015-10-08 18:20 - 00000000 ____D C:\Program Files (x86)\Creative
2015-10-07 22:04 - 2015-10-07 22:04 - 00000000 ____D C:\Windows\SysWOW64\Data
2015-10-07 22:04 - 2015-10-07 22:04 - 00000000 ____D C:\Windows\system32\Data
2015-10-07 22:04 - 2014-03-01 03:45 - 00012288 _____ (Creative Technology Limited) C:\Windows\system32\INRES.DLL
2015-10-07 22:04 - 2014-03-01 01:28 - 00011776 _____ (Creative Technology Limited) C:\Windows\SysWOW64\INRES.DLL
2015-10-07 21:37 - 2015-06-23 13:30 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-10-07 21:33 - 2015-10-07 21:33 - 00000000 ____D C:\Users\PC\AppData\Local\CEF
2015-10-07 21:23 - 2015-10-10 21:08 - 00000000 ____D C:\Users\PC\AppData\Roaming\CyberLink
2015-10-07 21:23 - 2015-10-07 21:23 - 00000000 ____D C:\Users\PC\Documents\CyberLink
2015-10-07 21:21 - 2015-10-10 21:08 - 00000000 ____D C:\ProgramData\CyberLink
2015-10-07 21:21 - 2015-10-07 21:21 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2015-10-07 21:21 - 2015-10-07 21:21 - 00000000 ____D C:\Users\PC\AppData\Local\MediaServer
2015-10-07 21:21 - 2015-10-07 21:21 - 00000000 ____D C:\ProgramData\PDVD
2015-10-07 21:20 - 2015-10-10 21:08 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-07 21:20 - 2015-10-10 21:08 - 00000000 ____D C:\ProgramData\install_clap
2015-10-07 21:20 - 2015-10-07 21:21 - 00000000 ____D C:\ProgramData\Temp
2015-10-07 21:19 - 2015-10-07 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-07 21:18 - 2015-10-07 21:18 - 00000000 ____D C:\Users\PC\AppData\Local\NVIDIA
2015-10-07 21:14 - 2015-10-16 14:42 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-07 21:14 - 2015-10-07 21:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-07 21:14 - 2015-10-07 21:14 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-10-07 21:14 - 2015-10-07 21:14 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-10-07 21:14 - 2015-02-20 01:57 - 00072904 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-10-07 21:14 - 2015-02-20 01:57 - 00059592 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-10-07 21:14 - 2015-02-04 04:21 - 06782152 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-10-07 21:14 - 2015-02-04 04:21 - 03522376 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-10-07 21:14 - 2015-02-04 04:21 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-10-07 21:14 - 2015-02-04 04:21 - 00932040 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-10-07 21:14 - 2015-02-04 04:21 - 00384200 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-10-07 21:14 - 2015-02-04 04:21 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-10-07 21:14 - 2015-02-04 02:00 - 00608072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-10-07 21:14 - 2015-02-03 18:18 - 04229086 _____ C:\Windows\system32\nvcoproc.bin
2015-10-07 21:10 - 2015-10-10 21:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
2015-10-07 21:10 - 2015-10-10 21:06 - 00000000 ____D C:\Program Files\DAUM
2015-10-07 21:10 - 2015-10-07 21:10 - 00000000 ____D C:\Users\PC\AppData\Roaming\Macromedia
2015-10-07 21:09 - 2015-10-07 21:09 - 00000979 _____ C:\Users\Public\Desktop\Winamp.lnk
2015-10-07 21:09 - 2015-10-07 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2015-10-07 21:09 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-10-07 21:09 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-10-07 21:08 - 2015-10-07 21:09 - 00000000 ____D C:\Users\PC\AppData\Roaming\Winamp
2015-10-07 21:08 - 2015-10-07 21:09 - 00000000 ____D C:\Program Files (x86)\Winamp
2015-10-07 21:07 - 2015-10-07 21:07 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-07 21:07 - 2015-10-07 21:07 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-07 21:07 - 2015-10-07 21:07 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2015-10-07 21:07 - 2015-10-07 21:07 - 00000000 ____D C:\Windows\system32\Macromed
2015-10-07 21:07 - 2015-10-07 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-10-07 21:07 - 2015-10-07 21:07 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-10-07 21:07 - 2008-11-24 16:32 - 00057344 _____ C:\Windows\SysWOW64\ff_vfw.dll
2015-10-07 21:07 - 2008-10-29 00:35 - 00684032 _____ (DivX, Inc.) C:\Windows\SysWOW64\divx.dll
2015-10-07 21:07 - 2008-10-03 14:30 - 00000414 _____ C:\Windows\SysWOW64\lame_acm.xml
2015-10-07 21:07 - 2008-09-25 10:03 - 00081920 _____ (DivX, Inc.) C:\Windows\SysWOW64\dpl100.dll
2015-10-07 21:07 - 2008-09-24 20:41 - 00839680 _____ (http://www.mp3dev.org/) C:\Windows\SysWOW64\lameACM.acm
2015-10-07 21:07 - 2008-09-19 23:57 - 03596288 _____ C:\Windows\SysWOW64\qt-dx331.dll
2015-10-07 21:07 - 2008-07-30 21:09 - 00000038 _____ C:\Windows\avisplitter.ini
2015-10-07 21:07 - 2008-01-10 14:16 - 00159839 _____ C:\Windows\SysWOW64\xvidvfw.dll
2015-10-07 21:07 - 2008-01-10 14:15 - 00755027 _____ C:\Windows\SysWOW64\xvidcore.dll
2015-10-07 21:07 - 2007-09-21 02:52 - 00118784 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm
2015-10-07 21:07 - 2007-09-04 18:56 - 00164352 _____ C:\Windows\SysWOW64\unrar.dll
2015-10-07 21:07 - 2007-07-10 18:10 - 00000547 _____ C:\Windows\SysWOW64\ff_vfw.dll.manifest
2015-10-07 21:07 - 2004-01-25 18:18 - 00217088 _____ (www.helixcommunity.org) C:\Windows\SysWOW64\yv12vfw.dll
2015-10-07 21:07 - 2004-01-12 00:00 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2015-10-07 21:06 - 2015-10-16 15:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-07 21:06 - 2015-10-07 21:06 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-07 21:06 - 2015-10-07 21:06 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-07 21:06 - 2015-10-07 21:06 - 00000000 ____D C:\Users\PC\AppData\Roaming\Mozilla
2015-10-07 21:06 - 2015-10-07 21:06 - 00000000 ____D C:\Users\PC\AppData\Roaming\FastStone
2015-10-07 21:06 - 2015-10-07 21:06 - 00000000 ____D C:\Users\PC\AppData\Local\Mozilla
2015-10-07 21:06 - 2015-10-07 21:06 - 00000000 ____D C:\ProgramData\Mozilla
2015-10-07 21:06 - 2015-10-07 21:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer
2015-10-07 21:06 - 2015-10-07 21:06 - 00000000 ____D C:\Program Files (x86)\FastStone Image Viewer
2015-10-07 21:06 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-07 21:06 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-07 21:06 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-07 21:06 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-07 21:06 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-07 21:06 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-07 21:06 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-07 21:06 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-07 21:06 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-07 21:05 - 2015-10-14 00:45 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-07 21:05 - 2015-10-14 00:45 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-07 21:05 - 2015-10-07 21:10 - 00000000 ____D C:\Users\PC\AppData\Roaming\Adobe
2015-10-07 21:05 - 2015-10-07 21:05 - 00000000 ____D C:\Users\PC\AppData\LocalLow\Adobe
2015-10-07 21:05 - 2015-10-07 21:05 - 00000000 ____D C:\Users\PC\AppData\Local\Adobe
2015-10-07 21:04 - 2015-10-07 21:30 - 00000000 ____D C:\ProgramData\Adobe
2015-10-07 21:04 - 2015-10-07 21:04 - 00000000 ____D C:\Users\PC\AppData\Roaming\Nero
2015-10-07 21:04 - 2015-10-07 21:04 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-10-07 21:04 - 2015-10-07 21:01 - 00002636 _____ C:\Users\PC\Desktop\Nero Burning ROM.lnk
2015-10-07 21:01 - 2015-10-07 21:01 - 00000000 ____D C:\Users\PC\AppData\Local\Ahead
2015-10-07 21:01 - 2015-10-07 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 8
2015-10-07 20:48 - 2015-10-07 20:48 - 00001024 _____ C:\Users\PC\.rnd
2015-10-07 20:48 - 2015-10-07 20:48 - 00000188 _____ C:\Windows\SysWOW64\MsiExec.exe.log
2015-10-07 20:48 - 2015-10-07 20:48 - 00000026 _____ C:\Windows\Irremote.ini
2015-10-07 20:48 - 2015-10-07 20:48 - 00000000 ____D C:\ProgramData\Nero
2015-10-07 20:48 - 2015-10-07 20:48 - 00000000 ____D C:\Program Files (x86)\Nero
2015-10-07 20:46 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-10-07 20:46 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-10-07 20:44 - 2015-10-07 20:29 - 00003021 _____ C:\Users\PC\Desktop\Microsoft Word 2010.lnk
2015-10-07 20:44 - 2015-10-07 20:29 - 00002951 _____ C:\Users\PC\Desktop\Microsoft Excel 2010.lnk
2015-10-07 20:42 - 2015-10-16 14:43 - 00002896 _____ C:\Windows\System32\Tasks\AutoKMS
2015-10-07 20:42 - 2015-10-16 14:43 - 00000266 _____ C:\Windows\Tasks\AutoKMS.job
2015-10-07 20:42 - 2015-10-14 19:47 - 00108840 _____ C:\Users\PC\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-07 20:42 - 2015-10-07 20:44 - 00000000 ____D C:\Windows\AutoKMS
2015-10-07 20:41 - 2015-10-07 20:41 - 00000000 ____D C:\Users\PC\AppData\Roaming\WinRAR
2015-10-07 20:29 - 2015-10-07 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-10-07 20:29 - 2015-10-07 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-10-07 20:28 - 2015-10-07 20:28 - 00000000 ____D C:\Windows\PCHEALTH
2015-10-07 20:28 - 2015-10-07 20:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2015-10-07 20:28 - 2015-10-07 20:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2015-10-07 20:28 - 2015-10-07 20:28 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-10-07 20:27 - 2015-10-07 20:27 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-10-07 20:27 - 2015-10-07 20:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2015-10-07 20:26 - 2015-10-07 20:30 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-07 20:26 - 2015-10-07 20:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-10-07 20:26 - 2015-10-07 20:26 - 00000000 __RHD C:\MSOCache
2015-10-07 20:26 - 2015-10-07 20:26 - 00000000 ____D C:\Users\PC\AppData\Local\Microsoft Help
2015-10-07 20:26 - 2015-10-07 20:26 - 00000000 ____D C:\Program Files\Microsoft Office
2015-10-07 20:26 - 2015-10-07 20:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2015-10-07 20:25 - 2015-10-07 20:25 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-07 20:25 - 2015-10-07 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-07 20:25 - 2015-10-07 20:25 - 00000000 ____D C:\Program Files (x86)\WinRar
2015-10-07 20:19 - 2015-10-08 18:10 - 00764390 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-10-07 20:17 - 2009-11-25 12:47 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-10-07 20:17 - 2009-11-25 12:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-10-07 20:17 - 2009-11-25 12:47 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2015-10-07 20:17 - 2009-11-25 12:47 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2015-10-07 20:17 - 2009-11-25 12:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2015-10-07 20:17 - 2009-11-25 12:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2015-10-07 20:17 - 2009-11-25 12:47 - 00109912 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2015-10-07 20:17 - 2009-11-25 12:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2015-10-07 20:17 - 2009-11-25 12:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2015-10-07 20:17 - 2009-11-25 12:47 - 00048960 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2015-10-07 20:12 - 2015-10-10 22:48 - 00001443 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-10-07 20:12 - 2015-10-10 22:48 - 00001409 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-10-07 20:12 - 2015-10-07 20:12 - 00000020 ___SH C:\Users\PC\ntuser.ini
2015-10-07 20:12 - 2015-10-07 20:12 - 00000000 ____D C:\Users\PC\AppData\Local\VirtualStore
2015-10-07 20:11 - 2015-10-10 13:39 - 00000000 ____D C:\Users\PC
2015-10-07 20:11 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-07 20:11 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-07 20:08 - 2015-10-15 21:09 - 00393921 _____ C:\Windows\WindowsUpdate.log
2015-10-07 20:08 - 2015-10-07 20:08 - 00000000 __SHD C:\Recovery

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-16 14:48 - 2009-07-14 07:13 - 00779266 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-16 14:48 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-16 14:48 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-16 14:42 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-13 16:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports
2015-10-11 08:43 - 2009-07-14 06:45 - 00414656 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-10 22:27 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-08 21:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-10-08 05:56 - 2009-07-14 07:38 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG
2015-10-08 05:56 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2015-10-08 05:56 - 2009-07-14 06:45 - 00000000 ____D C:\Windows\Setup
2015-10-08 05:00 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-08 04:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2015-10-08 04:58 - 2009-07-14 09:46 - 00000000 ____D C:\Windows\CSC
2015-10-07 21:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2015-10-07 20:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Cursors
2015-10-07 20:28 - 2009-07-14 09:46 - 00000000 ____D C:\Windows\ShellNew
2015-10-07 20:28 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-10-07 20:27 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-10-07 20:26 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2015-10-07 20:17 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\restore

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-11 14:55

==================== End of FRST.txt ============================











Addendum: 16 Oct 2015 18:34

Here is the scan with Zoek as well


Zoek.exe v5.0.0.1 Updated 15-October-2015
Tool run by PC on pet 16.10.2015 at 18:14:25,35.
Microsoft Windows 7 Ultimate 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\PC\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

16.10.2015 18:14:57 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\Program Files\DAUM deleted successfully
C:\Users\PC\AppData\Roaming\WinRAR deleted successfully
C:\Users\PC\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2921931512-397226605-597601975-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
HKEY_USERS\S-1-5-21-2921931512-397226605-597601975-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

==== Deleting CLSID Registry Values ======================


==== File Information Results ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SearchProtectionService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SearchProtectionService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LavasoftTcpService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\LavasoftTcpService deleted successfully

==== Batch Command(s) Run By Tool======================


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

BITSADMIN version 3.0 [ 7.5.7600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


==== Deleting Files \ Folders ======================

C:\Users\Anđelić\AppData\Roaming\w9PkZhJalsisHJDt2gdddRisW not found
C:\Program Files\FrostWire 6 not found
C:\Program Files\Jelbruss Secure Web not found
"C:\Users\Anđelić\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FrostWire On Startup.lnk" not found
C:\PROGRA~3\1a0254e4-d458-47fa-82a0-6940ee729f6c deleted
C:\PROGRA~2\COMMON~1\1a0254e4-d458-47fa-82a0-6940ee729f6c deleted
C:\Users\PC\AppData\Roaming\Lavasoft\Web Companion deleted
C:\Users\PC\AppData\Roaming\RHEng deleted
C:\Users\PC\AppData\Roaming\OpenCandy deleted
C:\PROGRA~3\Lavasoft\Web Companion deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\PC\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\LavasoftTcpService deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lavasoft\WebCompanion deleted
C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini deleted
"C:\Windows\SysWOW64\LavasoftTcpService.dll" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\ICSharpCode.SharpZipLib.dll" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\Interop.LavasoftTcpServiceLib.dll" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\Lavasoft.CSharp.Utilities.dll" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\log4net.dll" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\Newtonsoft.Json.dll" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\System.Data.SQLite.dll" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\WebCompanion.exe" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\en-US\WebCompanion.resources.dll" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\x86\SQLite.Interop.dll" deleted
"C:\PROGRA~2\Lavasoft\Web Companion" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\en-US" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\x86" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\fhrs4jei.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "https://www.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10099_swoc_campaign_151010__yaff");
user_pref("browser.search.defaultenginename", "Yahoo®");
user_pref("browser.search.selectedEngine", "Yahoo®");

==== Firefox Extensions ======================

ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\fhrs4jei.default
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- Sonic Train - %ProfilePath%\extensions\{f993291f-c7ef-465f-a2b1-a9913a49526b}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\fhrs4jei.default
424899266BA430CCE5DDB6C1B4BE1B99 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll - Shockwave Flash


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10099_swoc_campaign_151010__yaie"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Uninstall List x64 ======================

Adobe Acrobat Reader DC MUI [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-FFFF-7B44-AC0F074E4100}]
Adobe Flash Player 16 ActiveX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX]
Adobe Flash Player 16 NPAPI [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI]
Adobe Refresh Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824157129}]
CCleaner [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner]
Creative ALchemy [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ALchemy]
Creative Audio Control Panel [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AudioCS]
Creative MediaSource 5 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}]
Creative Software AutoUpdate [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Creative Software AutoUpdate]
Creative Sound Blaster Properties x64 Edition [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Creative Sound Blaster Properties x64 Edition]
Creative WaveStudio 7 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WaveStudio 7]
DAEMON Tools Lite [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DAEMON Tools Lite]
ESET Smart Security [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5E36CC8E-12E2-4900-B1EA-9DBE625B9D79}]
FastStone Image Viewer 4.2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FastStone Image Viewer]
FlashPeak Slimjet [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Slimjet]
Java 8 Update 60 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218060F0}]
K-Lite Codec Pack 4.3.4 (Full) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\KLiteCodecPack_is1]
KMPlayer (remove only) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\The KMPlayer]
Microsoft .NET Framework 4 Client Profile [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}]
Microsoft .NET Framework 4 Extended [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}]
Microsoft Office Professional Plus 2010 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Office14.PROPLUS]
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}]
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}]
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}]
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}]
Minecraft1.5.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Minecraft1.5.1]
Mozilla Firefox 41.0.2 (x86 en-US) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 41.0.2 (x86 en-US)]
Mozilla Maintenance Service [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService]
MSXML 4.0 SP2 (KB954430) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}]
MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}]
Nero 8 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6C9AF27-9414-46C8-B9D8-D878BA04CECC}]
neroxml [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}]
NVIDIA 3D Vision Driver 341.44 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision]
NVIDIA Control Panel 341.44 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel]
NVIDIA Graphics Driver 341.44 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver]
NVIDIA Install Application [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer]
NVIDIA Stereoscopic 3D Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIAStereo]
NVIDIA Update 10.4.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update]
NVIDIA Update Core [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core]
OpenAL [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\OpenAL]
Revo Uninstaller Pro 3.1.4 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1]
Serious Sam The Second Encounter [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1207658877_is1]
Sonic Train [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Sonic Train]
Unlocker 1.9.2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Unlocker]
uTorrent [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent]
VCRedistSetup [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3921A67A-5AB1-4E48-9444-C71814CF3027}]
Web Companion [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{289975bf-8e99-4ada-b3a1-cc2f2dbd65fe}]
Winamp [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Winamp]
WinRAR archiver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver]

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{289975bf-8e99-4ada-b3a1-cc2f2dbd65fe} deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl11 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\PC\AppData\Local\Mozilla\Firefox\Profiles\fhrs4jei.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\PC\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\PC\AppData\Local\Slimjet\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=121 folders=50 32837653 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\PC\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\PC\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on pet 16.10.2015 at 18:30:39,66 ======================

offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

Hello,

Run FRST again, check Addition.txt, click Scan and attach both reports.

offline
  • maha  Male
  • Super citizen
  • Joined: 06 Dec 2006
  • Posts: 1152

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-10-2015 01
Ran by PC (administrator) on PC-PC (17-10-2015 16:41:53)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC)
Platform: Windows 7 Ultimate (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Creative Technology Ltd) C:\Windows\SysWOW64\CTxfispi.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5618456 2013-09-12] (ESET)
HKLM-x32\...\Run: [CTxfiHlp] => CTXFIHLP.EXE
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-2921931512-397226605-597601975-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-2921931512-397226605-597601975-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2921931512-397226605-597601975-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-2921931512-397226605-597601975-1000\...\MountPoints2: {27a7abc8-6dd1-11e5-b3d4-00158315a310} - M:\AutoRun.exe
HKU\S-1-5-21-2921931512-397226605-597601975-1000\...\MountPoints2: {4ed57bef-6d68-11e5-b12e-806e6f6e6963} - G:\SETUP.EXE
HKU\S-1-5-21-2921931512-397226605-597601975-1000\...\MountPoints2: {8662f257-6f8c-11e5-a6de-00158315a310} - N:\Setup.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{72DA6058-7DA2-42C0-AE7C-DAB067732416}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2921931512-397226605-597601975-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2921931512-397226605-597601975-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-10-10] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-10] (Oracle Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\fhrs4jei.default
FF NewTab: hxxps://www.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10099_swoc_campaign_151010__yaff
FF DefaultSearchEngine: Yahoo®
FF SelectedSearchEngine: Yahoo®
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll [2015-10-07] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll [2015-10-07] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-10] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\fhrs4jei.default\user.js [2015-10-10]
FF Extension: Adblock Plus - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\fhrs4jei.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-14]
FF Extension: Sonic Train - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\fhrs4jei.default\Extensions\{f993291f-c7ef-465f-a2b1-a9913a49526b}.xpi [2015-10-10]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2015-10-08]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2015-10-08] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2015-10-08] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337752 2013-09-12] (ESET)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-06-24] (Nero AG)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-10-10] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-08-15] (ESET)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-08-19] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-08-15] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-08-15] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-08-15] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-08-15] (ESET)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-16 20:30 - 2015-10-16 20:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serious Sam
2015-10-16 20:30 - 2015-10-16 20:30 - 00000000 ____D C:\Program Files (x86)\Croteam
2015-10-16 18:43 - 2015-10-16 18:43 - 00000000 ____D C:\Users\PC\AppData\Roaming\WinRAR
2015-10-16 18:30 - 2015-10-16 18:30 - 00000598 _____ C:\Windows\PFRO.log
2015-10-16 18:30 - 2015-10-16 18:30 - 00000000 ____D C:\Users\PC\AppData\Local\VirtualStore
2015-10-16 18:28 - 2015-10-16 18:14 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-10-16 18:14 - 2015-10-16 18:30 - 00016927 _____ C:\zoek-results.log
2015-10-16 18:14 - 2015-10-16 18:25 - 00000000 ____D C:\zoek_backup
2015-10-16 18:07 - 2015-10-16 18:07 - 01309184 _____ C:\Users\PC\Downloads\zoek.exe
2015-10-16 18:07 - 2015-10-16 18:07 - 01309184 _____ C:\Users\PC\Desktop\zoek.exe
2015-10-16 17:51 - 2015-10-16 17:51 - 00023163 _____ C:\Users\PC\Desktop\Addition.txt
2015-10-16 17:50 - 2015-10-17 16:42 - 00010597 _____ C:\Users\PC\Desktop\FRST.txt
2015-10-16 17:50 - 2015-10-17 16:41 - 00000000 ____D C:\FRST
2015-10-16 17:43 - 2015-10-16 17:43 - 02196480 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2015-10-16 17:43 - 2015-10-16 17:43 - 01700352 _____ (Farbar) C:\Users\PC\Desktop\FRST.exe
2015-10-16 15:09 - 2015-10-16 18:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-14 23:41 - 2015-10-17 09:03 - 00000392 _____ C:\Windows\setupact.log
2015-10-14 23:41 - 2015-10-14 23:41 - 00000000 _____ C:\Windows\setuperr.log
2015-10-10 22:54 - 2015-10-16 20:30 - 00000000 ____D C:\Users\PC\AppData\Roaming\DAEMON Tools Lite
2015-10-10 22:54 - 2015-10-10 22:54 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2015-10-10 22:54 - 2015-10-10 22:54 - 00001950 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2015-10-10 22:54 - 2015-10-10 22:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-10-10 22:54 - 2015-10-10 22:54 - 00000000 ____D C:\Program Files (x86)\Sonic Train
2015-10-10 22:54 - 2015-10-10 22:54 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2015-10-10 22:53 - 2015-10-16 20:30 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-10-10 22:53 - 2015-10-10 22:58 - 13146016 _____ (Disc Soft Ltd) C:\Users\PC\Downloads\DTLite501-0406.exe
2015-10-10 22:47 - 2015-10-16 18:25 - 00000000 ____D C:\Users\PC\AppData\Roaming\Lavasoft
2015-10-10 22:47 - 2015-10-16 18:25 - 00000000 ____D C:\Users\PC\AppData\Local\Lavasoft
2015-10-10 22:47 - 2015-10-16 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-10-10 22:46 - 2015-10-16 18:25 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2015-10-10 22:46 - 2015-10-11 08:43 - 00002880 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-10-10 22:46 - 2015-10-10 22:46 - 00425744 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-10-10 22:46 - 2015-10-10 22:46 - 00345360 _____ (Lavasoft Limited) C:\Windows\SysWOW64\Lavasearch
2015-10-10 22:44 - 2015-10-16 18:25 - 00000000 ____D C:\ProgramData\Lavasoft
2015-10-10 22:44 - 2015-10-10 22:44 - 00000000 ____D C:\Users\PC\AppData\Roaming\Opera Software
2015-10-10 22:44 - 2015-10-10 22:44 - 00000000 ____D C:\Users\PC\AppData\Local\Opera Software
2015-10-10 22:40 - 2015-10-10 22:40 - 00000000 ____D C:\Program Files (x86)\Disc Soft
2015-10-10 22:32 - 2015-10-10 22:32 - 00000991 _____ C:\Users\Public\Desktop\FlashPeak Slimjet.lnk
2015-10-10 22:32 - 2015-10-10 22:32 - 00000000 ____D C:\Users\PC\AppData\Local\Slimjet
2015-10-10 22:32 - 2015-10-10 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashPeak Slimjet
2015-10-10 22:32 - 2015-10-10 22:32 - 00000000 ____D C:\Program Files (x86)\Slimjet
2015-10-10 22:27 - 2015-10-10 22:27 - 00001948 _____ C:\Users\Public\Desktop\Serious Sam The Second Encounter.lnk
2015-10-10 22:27 - 2015-10-10 22:27 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-10-10 22:27 - 2015-10-10 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-10-10 22:27 - 2015-10-10 22:27 - 00000000 ____D C:\GOG Games
2015-10-10 22:22 - 2015-10-10 22:22 - 00000000 ____D C:\Users\PC\AppData\Roaming\MAGIX
2015-10-10 22:22 - 2015-10-10 22:22 - 00000000 ____D C:\ProgramData\MAGIX
2015-10-10 22:20 - 2015-10-10 22:49 - 00000000 ____D C:\ProgramData\simplitec
2015-10-10 22:20 - 2015-10-10 22:20 - 00000606 _____ C:\Users\PC\Desktop\KMPlayer.lnk
2015-10-10 22:20 - 2015-10-10 22:20 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2015-10-10 22:20 - 2015-05-06 16:54 - 00120200 _____ () C:\Windows\SysWOW64\DLLDEV32i.dll
2015-10-10 22:19 - 2015-10-16 18:43 - 00000000 ____D C:\KMPlayer
2015-10-10 22:15 - 2015-10-10 22:15 - 00002778 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-10-10 22:15 - 2015-10-10 22:15 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-10-10 22:15 - 2015-10-10 22:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-10-10 22:15 - 2015-10-10 22:15 - 00000000 ____D C:\Program Files\CCleaner
2015-10-10 22:13 - 2015-10-10 22:13 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2015-10-10 22:13 - 2015-10-10 22:13 - 00000000 ____D C:\Program Files\Unlocker
2015-10-10 22:12 - 2015-10-10 22:12 - 00001272 _____ C:\Users\PC\Desktop\Snipping Tool.lnk
2015-10-10 21:16 - 2015-10-16 17:18 - 00000000 ____D C:\Users\PC\AppData\LocalLow\uTorrent
2015-10-10 21:14 - 2015-10-10 21:14 - 00002586 _____ C:\Users\PC\Desktop\µTorrent.lnk
2015-10-10 21:14 - 2015-10-10 21:14 - 00002586 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-10-10 21:12 - 2015-10-16 18:29 - 00000000 ____D C:\Users\PC\AppData\Roaming\uTorrent
2015-10-10 21:11 - 2015-10-10 21:26 - 154429024 _____ (AVAST Software) C:\Users\PC\Downloads\avast_free_antivirus_setup.exe
2015-10-10 21:04 - 2015-10-10 21:04 - 00001077 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2015-10-10 21:04 - 2015-10-10 21:04 - 00000000 ____D C:\Users\PC\AppData\Local\VS Revo Group
2015-10-10 21:04 - 2015-10-10 21:04 - 00000000 ____D C:\ProgramData\VS Revo Group
2015-10-10 21:04 - 2015-10-10 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2015-10-10 21:04 - 2015-10-10 21:04 - 00000000 ____D C:\Program Files\VS Revo Group
2015-10-10 21:04 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2015-10-10 20:58 - 2015-10-10 20:58 - 00000000 ____D C:\Program Files (x86)\Serious Sam 3 BFE Deluxe Edition
2015-10-10 13:39 - 2015-10-10 13:39 - 00000000 ____D C:\Users\PC\AppData\Roaming\Sun
2015-10-10 13:39 - 2015-10-10 13:39 - 00000000 ____D C:\Users\PC\AppData\Roaming\NVIDIA
2015-10-10 13:39 - 2015-10-10 13:39 - 00000000 ____D C:\Users\PC\AppData\LocalLow\Sun
2015-10-10 13:39 - 2015-10-10 13:39 - 00000000 ____D C:\Users\PC\.oracle_jre_usage
2015-10-10 13:38 - 2015-10-10 13:39 - 00000000 ____D C:\ProgramData\Oracle
2015-10-10 13:38 - 2015-10-10 13:38 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-10-10 13:38 - 2015-10-10 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-10 13:38 - 2015-10-10 13:38 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-10 13:36 - 2015-10-10 13:36 - 00000000 ____D C:\Users\PC\AppData\LocalLow\Oracle
2015-10-10 13:35 - 2015-10-17 09:23 - 00000000 ____D C:\Users\PC\AppData\Roaming\.minecraft
2015-10-10 13:35 - 2015-10-10 13:35 - 00002071 _____ C:\Users\PC\Desktop\Minecraft.lnk
2015-10-10 13:35 - 2015-10-10 13:35 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-10-08 18:30 - 2015-10-15 18:30 - 00003348 _____ C:\Windows\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2015-10-08 18:30 - 2015-10-08 18:30 - 00000000 ____D C:\Program Files\Common Files\AV
2015-10-08 18:18 - 2006-10-06 14:17 - 00053248 ____N (Creative Technology Ltd ) C:\Windows\Ctregrun.exe
2015-10-08 18:18 - 2000-05-22 16:58 - 00647872 ____N (Microsoft Corporation) C:\Windows\SysWOW64\Mscomct2.ocx
2015-10-08 18:03 - 2015-10-08 18:06 - 00000000 ____D C:\Windows\system32\MRT
2015-10-08 18:03 - 2015-08-26 18:37 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-08 17:47 - 2015-10-08 17:47 - 00000000 ____D C:\Users\PC\AppData\Local\Macromedia
2015-10-08 17:44 - 2011-04-09 08:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-10-08 17:44 - 2011-04-09 08:45 - 05509504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-08 17:44 - 2011-04-09 08:13 - 03957632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-08 17:44 - 2011-04-09 08:13 - 03901824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-08 17:44 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-10-08 09:21 - 2015-10-08 09:21 - 00000000 ____D C:\Windows\pss
2015-10-08 09:20 - 2015-10-08 09:20 - 00000000 ____D C:\Users\PC\AppData\Roaming\ESET
2015-10-08 09:20 - 2015-10-08 09:20 - 00000000 ____D C:\Users\PC\AppData\Local\ESET
2015-10-08 09:18 - 2015-10-08 09:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-10-08 09:18 - 2015-10-08 09:18 - 00000000 ____D C:\ProgramData\ESET
2015-10-08 09:18 - 2015-10-08 09:18 - 00000000 ____D C:\Program Files\ESET
2015-10-08 05:56 - 2015-10-14 20:10 - 00000000 ____D C:\Windows\Panther
2015-10-08 05:00 - 2015-10-08 05:00 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-10-08 05:00 - 2015-10-08 05:00 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-10-08 04:58 - 2015-10-08 04:58 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-10-07 22:06 - 2003-06-12 23:25 - 00007062 _____ C:\Windows\SysWOW64\audiopid.vxd
2015-10-07 22:05 - 2015-10-08 18:21 - 00000000 ___HD C:\Program Files (x86)\Creative Installation Information
2015-10-07 22:05 - 2015-10-08 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2015-10-07 22:05 - 2015-10-08 18:18 - 00000000 ____D C:\ProgramData\Creative
2015-10-07 22:05 - 2015-10-08 18:02 - 00000000 ____D C:\Program Files\Creative
2015-10-07 22:05 - 2015-10-08 18:01 - 00466520 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2015-10-07 22:05 - 2015-10-08 18:01 - 00445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2015-10-07 22:05 - 2015-10-08 18:01 - 00123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2015-10-07 22:05 - 2015-10-08 18:01 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2015-10-07 22:05 - 2015-10-08 18:01 - 00000159 ___RH C:\Windows\ctfile.rfc
2015-10-07 22:05 - 2015-10-07 22:05 - 00000000 ____D C:\Program Files (x86)\OpenAL
2015-10-07 22:05 - 2009-03-26 14:48 - 00190976 _____ C:\Windows\system32\APOMgr64.DLL
2015-10-07 22:05 - 2009-03-26 14:46 - 00148480 _____ C:\Windows\SysWOW64\APOMngr.DLL
2015-10-07 22:05 - 2009-02-06 18:53 - 00089088 _____ C:\Windows\system32\CmdRtr64.DLL
2015-10-07 22:05 - 2009-02-06 18:52 - 00073728 _____ C:\Windows\SysWOW64\CmdRtr.DLL
2015-10-07 22:05 - 2008-02-04 10:28 - 00107008 _____ (Creative Technology Ltd) C:\Windows\system32\cttele64.dll
2015-10-07 22:05 - 2008-02-04 10:27 - 00102400 _____ (Creative Technology Ltd) C:\Windows\SysWOW64\cttele32.dll
2015-10-07 22:04 - 2015-10-08 18:20 - 00000000 ____D C:\Program Files (x86)\Creative
2015-10-07 22:04 - 2015-10-07 22:04 - 00000000 ____D C:\Windows\SysWOW64\Data
2015-10-07 22:04 - 2015-10-07 22:04 - 00000000 ____D C:\Windows\system32\Data
2015-10-07 22:04 - 2014-03-01 03:45 - 00012288 _____ (Creative Technology Limited) C:\Windows\system32\INRES.DLL
2015-10-07 22:04 - 2014-03-01 01:28 - 00011776 _____ (Creative Technology Limited) C:\Windows\SysWOW64\INRES.DLL
2015-10-07 21:37 - 2015-06-23 13:30 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-10-07 21:33 - 2015-10-07 21:33 - 00000000 ____D C:\Users\PC\AppData\Local\CEF
2015-10-07 21:23 - 2015-10-10 21:08 - 00000000 ____D C:\Users\PC\AppData\Roaming\CyberLink
2015-10-07 21:23 - 2015-10-07 21:23 - 00000000 ____D C:\Users\PC\Documents\CyberLink
2015-10-07 21:21 - 2015-10-10 21:08 - 00000000 ____D C:\ProgramData\CyberLink
2015-10-07 21:21 - 2015-10-07 21:21 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2015-10-07 21:21 - 2015-10-07 21:21 - 00000000 ____D C:\Users\PC\AppData\Local\MediaServer
2015-10-07 21:21 - 2015-10-07 21:21 - 00000000 ____D C:\ProgramData\PDVD
2015-10-07 21:20 - 2015-10-16 20:30 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-07 21:20 - 2015-10-10 21:08 - 00000000 ____D C:\ProgramData\install_clap
2015-10-07 21:20 - 2015-10-07 21:21 - 00000000 ____D C:\ProgramData\Temp
2015-10-07 21:19 - 2015-10-07 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-07 21:18 - 2015-10-07 21:18 - 00000000 ____D C:\Users\PC\AppData\Local\NVIDIA
2015-10-07 21:14 - 2015-10-17 09:03 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-07 21:14 - 2015-10-07 21:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-07 21:14 - 2015-10-07 21:14 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-10-07 21:14 - 2015-10-07 21:14 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-10-07 21:14 - 2015-02-20 01:57 - 00072904 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-10-07 21:14 - 2015-02-20 01:57 - 00059592 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-10-07 21:14 - 2015-02-04 04:21 - 06782152 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-10-07 21:14 - 2015-02-04 04:21 - 03522376 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-10-07 21:14 - 2015-02-04 04:21 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-10-07 21:14 - 2015-02-04 04:21 - 00932040 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-10-07 21:14 - 2015-02-04 04:21 - 00384200 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-10-07 21:14 - 2015-02-04 04:21 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-10-07 21:14 - 2015-02-04 02:00 - 00608072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-10-07 21:14 - 2015-02-03 18:18 - 04229086 _____ C:\Windows\system32\nvcoproc.bin
2015-10-07 21:10 - 2015-10-10 21:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
2015-10-07 21:10 - 2015-10-07 21:10 - 00000000 ____D C:\Users\PC\AppData\Roaming\Macromedia
2015-10-07 21:09 - 2015-10-07 21:09 - 00000979 _____ C:\Users\Public\Desktop\Winamp.lnk
2015-10-07 21:09 - 2015-10-07 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2015-10-07 21:09 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-10-07 21:09 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-10-07 21:08 - 2015-10-07 21:09 - 00000000 ____D C:\Users\PC\AppData\Roaming\Winamp
2015-10-07 21:08 - 2015-10-07 21:09 - 00000000 ____D C:\Program Files (x86)\Winamp
2015-10-07 21:07 - 2015-10-07 21:07 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-07 21:07 - 2015-10-07 21:07 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-07 21:07 - 2015-10-07 21:07 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2015-10-07 21:07 - 2015-10-07 21:07 - 00000000 ____D C:\Windows\system32\Macromed
2015-10-07 21:07 - 2015-10-07 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-10-07 21:07 - 2015-10-07 21:07 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-10-07 21:07 - 2008-11-24 16:32 - 00057344 _____ C:\Windows\SysWOW64\ff_vfw.dll
2015-10-07 21:07 - 2008-10-29 00:35 - 00684032 _____ (DivX, Inc.) C:\Windows\SysWOW64\divx.dll
2015-10-07 21:07 - 2008-10-03 14:30 - 00000414 _____ C:\Windows\SysWOW64\lame_acm.xml
2015-10-07 21:07 - 2008-09-25 10:03 - 00081920 _____ (DivX, Inc.) C:\Windows\SysWOW64\dpl100.dll
2015-10-07 21:07 - 2008-09-24 20:41 - 00839680 _____ (http://www.mp3dev.org/) C:\Windows\SysWOW64\lameACM.acm
2015-10-07 21:07 - 2008-09-19 23:57 - 03596288 _____ C:\Windows\SysWOW64\qt-dx331.dll
2015-10-07 21:07 - 2008-07-30 21:09 - 00000038 _____ C:\Windows\avisplitter.ini
2015-10-07 21:07 - 2008-01-10 14:16 - 00159839 _____ C:\Windows\SysWOW64\xvidvfw.dll
2015-10-07 21:07 - 2008-01-10 14:15 - 00755027 _____ C:\Windows\SysWOW64\xvidcore.dll
2015-10-07 21:07 - 2007-09-21 02:52 - 00118784 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm
2015-10-07 21:07 - 2007-09-04 18:56 - 00164352 _____ C:\Windows\SysWOW64\unrar.dll
2015-10-07 21:07 - 2007-07-10 18:10 - 00000547 _____ C:\Windows\SysWOW64\ff_vfw.dll.manifest
2015-10-07 21:07 - 2004-01-25 18:18 - 00217088 _____ (www.helixcommunity.org) C:\Windows\SysWOW64\yv12vfw.dll
2015-10-07 21:07 - 2004-01-12 00:00 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2015-10-07 21:06 - 2015-10-16 18:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-07 21:06 - 2015-10-07 21:06 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-07 21:06 - 2015-10-07 21:06 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-07 21:06 - 2015-10-07 21:06 - 00000000 ____D C:\Users\PC\AppData\Roaming\Mozilla
2015-10-07 21:06 - 2015-10-07 21:06 - 00000000 ____D C:\Users\PC\AppData\Roaming\FastStone
2015-10-07 21:06 - 2015-10-07 21:06 - 00000000 ____D C:\Users\PC\AppData\Local\Mozilla
2015-10-07 21:06 - 2015-10-07 21:06 - 00000000 ____D C:\ProgramData\Mozilla
2015-10-07 21:06 - 2015-10-07 21:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer
2015-10-07 21:06 - 2015-10-07 21:06 - 00000000 ____D C:\Program Files (x86)\FastStone Image Viewer
2015-10-07 21:06 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-07 21:06 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-07 21:06 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-07 21:06 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-07 21:06 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-07 21:06 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-07 21:06 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-07 21:06 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-07 21:06 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-07 21:05 - 2015-10-17 09:16 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-07 21:05 - 2015-10-14 00:45 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-07 21:05 - 2015-10-07 21:10 - 00000000 ____D C:\Users\PC\AppData\Roaming\Adobe
2015-10-07 21:05 - 2015-10-07 21:05 - 00000000 ____D C:\Users\PC\AppData\LocalLow\Adobe
2015-10-07 21:05 - 2015-10-07 21:05 - 00000000 ____D C:\Users\PC\AppData\Local\Adobe
2015-10-07 21:04 - 2015-10-07 21:30 - 00000000 ____D C:\ProgramData\Adobe
2015-10-07 21:04 - 2015-10-07 21:04 - 00000000 ____D C:\Users\PC\AppData\Roaming\Nero
2015-10-07 21:04 - 2015-10-07 21:04 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-10-07 21:04 - 2015-10-07 21:01 - 00002636 _____ C:\Users\PC\Desktop\Nero Burning ROM.lnk
2015-10-07 21:01 - 2015-10-07 21:01 - 00000000 ____D C:\Users\PC\AppData\Local\Ahead
2015-10-07 21:01 - 2015-10-07 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 8
2015-10-07 20:48 - 2015-10-07 20:48 - 00001024 _____ C:\Users\PC\.rnd
2015-10-07 20:48 - 2015-10-07 20:48 - 00000188 _____ C:\Windows\SysWOW64\MsiExec.exe.log
2015-10-07 20:48 - 2015-10-07 20:48 - 00000026 _____ C:\Windows\Irremote.ini
2015-10-07 20:48 - 2015-10-07 20:48 - 00000000 ____D C:\ProgramData\Nero
2015-10-07 20:48 - 2015-10-07 20:48 - 00000000 ____D C:\Program Files (x86)\Nero
2015-10-07 20:46 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-10-07 20:46 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-10-07 20:44 - 2015-10-07 20:29 - 00003021 _____ C:\Users\PC\Desktop\Microsoft Word 2010.lnk
2015-10-07 20:44 - 2015-10-07 20:29 - 00002951 _____ C:\Users\PC\Desktop\Microsoft Excel 2010.lnk
2015-10-07 20:42 - 2015-10-17 09:04 - 00002896 _____ C:\Windows\System32\Tasks\AutoKMS
2015-10-07 20:42 - 2015-10-17 09:04 - 00000266 _____ C:\Windows\Tasks\AutoKMS.job
2015-10-07 20:42 - 2015-10-14 19:47 - 00108840 _____ C:\Users\PC\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-07 20:42 - 2015-10-07 20:44 - 00000000 ____D C:\Windows\AutoKMS
2015-10-07 20:29 - 2015-10-07 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-10-07 20:29 - 2015-10-07 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-10-07 20:28 - 2015-10-07 20:28 - 00000000 ____D C:\Windows\PCHEALTH
2015-10-07 20:28 - 2015-10-07 20:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2015-10-07 20:28 - 2015-10-07 20:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2015-10-07 20:28 - 2015-10-07 20:28 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-10-07 20:27 - 2015-10-07 20:27 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-10-07 20:27 - 2015-10-07 20:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2015-10-07 20:26 - 2015-10-07 20:30 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-07 20:26 - 2015-10-07 20:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-10-07 20:26 - 2015-10-07 20:26 - 00000000 __RHD C:\MSOCache
2015-10-07 20:26 - 2015-10-07 20:26 - 00000000 ____D C:\Users\PC\AppData\Local\Microsoft Help
2015-10-07 20:26 - 2015-10-07 20:26 - 00000000 ____D C:\Program Files\Microsoft Office
2015-10-07 20:26 - 2015-10-07 20:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2015-10-07 20:25 - 2015-10-07 20:25 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-07 20:25 - 2015-10-07 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-07 20:25 - 2015-10-07 20:25 - 00000000 ____D C:\Program Files (x86)\WinRar
2015-10-07 20:19 - 2015-10-08 18:10 - 00764390 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-10-07 20:17 - 2009-11-25 12:47 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-10-07 20:17 - 2009-11-25 12:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-10-07 20:17 - 2009-11-25 12:47 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2015-10-07 20:17 - 2009-11-25 12:47 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2015-10-07 20:17 - 2009-11-25 12:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2015-10-07 20:17 - 2009-11-25 12:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2015-10-07 20:17 - 2009-11-25 12:47 - 00109912 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2015-10-07 20:17 - 2009-11-25 12:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2015-10-07 20:17 - 2009-11-25 12:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2015-10-07 20:17 - 2009-11-25 12:47 - 00048960 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2015-10-07 20:12 - 2015-10-10 22:48 - 00001443 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-10-07 20:12 - 2015-10-10 22:48 - 00001409 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-10-07 20:12 - 2015-10-07 20:12 - 00000020 ___SH C:\Users\PC\ntuser.ini
2015-10-07 20:11 - 2015-10-10 13:39 - 00000000 ____D C:\Users\PC
2015-10-07 20:11 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-07 20:11 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-07 20:08 - 2015-10-16 20:47 - 00400774 _____ C:\Windows\WindowsUpdate.log
2015-10-07 20:08 - 2015-10-07 20:08 - 00000000 __SHD C:\Recovery

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-17 09:09 - 2009-07-14 07:13 - 00779266 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-17 09:09 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-17 09:09 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-17 09:03 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-13 16:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports
2015-10-11 08:43 - 2009-07-14 06:45 - 00414656 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-10 22:27 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-08 21:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-10-08 05:56 - 2009-07-14 07:38 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG
2015-10-08 05:56 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2015-10-08 05:56 - 2009-07-14 06:45 - 00000000 ____D C:\Windows\Setup
2015-10-08 05:00 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-08 04:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2015-10-08 04:58 - 2009-07-14 09:46 - 00000000 ____D C:\Windows\CSC
2015-10-07 21:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2015-10-07 20:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Cursors
2015-10-07 20:28 - 2009-07-14 09:46 - 00000000 ____D C:\Windows\ShellNew
2015-10-07 20:28 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-10-07 20:27 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-10-07 20:26 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2015-10-07 20:17 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\restore

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-11 14:55

==================== End of FRST.txt ============================

offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Lives in: Beograd

How exactly does the problem manifest?

offline
  • maha  Male
  • Super citizen
  • Joined: 06 Dec 2006
  • Posts: 1152

Well, when I try to open something, first something like this pops up... and a whole bunch of other nonsense...

offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Lives in: Beograd

First, please remove this program:

Sonic Train

Then run FRST again, check Addition.txt, and click Scan. This time, please attach both reports rather than copying them, because this way it is awkward for me to review them thoroughly.

offline
  • maha  Male
  • Super citizen
  • Joined: 06 Dec 2006
  • Posts: 1152

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-10-2015
Ran by PC (administrator) on PC-PC (20-10-2015 21:06:55)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC)
Platform: Windows 7 Ultimate (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTxfispi.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5618456 2013-09-12] (ESET)
HKLM-x32\...\Run: [CTxfiHlp] => CTXFIHLP.EXE
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-2921931512-397226605-597601975-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-2921931512-397226605-597601975-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2921931512-397226605-597601975-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-2921931512-397226605-597601975-1000\...\MountPoints2: {27a7abc8-6dd1-11e5-b3d4-00158315a310} - M:\AutoRun.exe
HKU\S-1-5-21-2921931512-397226605-597601975-1000\...\MountPoints2: {4ed57bef-6d68-11e5-b12e-806e6f6e6963} - G:\SETUP.EXE
HKU\S-1-5-21-2921931512-397226605-597601975-1000\...\MountPoints2: {8662f257-6f8c-11e5-a6de-00158315a310} - N:\Setup.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{72DA6058-7DA2-42C0-AE7C-DAB067732416}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2921931512-397226605-597601975-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2921931512-397226605-597601975-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-10-10] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-10] (Oracle Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\fhrs4jei.default
FF NewTab: hxxps://www.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10099_swoc_campaign_151010__yaff
FF DefaultSearchEngine: Yahoo®
FF SelectedSearchEngine: Yahoo®
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll [2015-10-07] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll [2015-10-07] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-10] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\fhrs4jei.default\user.js [2015-10-10]
FF Extension: Adblock Plus - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\fhrs4jei.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-14]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2015-10-08] [not signed]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2015-10-08] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2015-10-08] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337752 2013-09-12] (ESET)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-06-24] (Nero AG)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-10-10] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-08-15] (ESET)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-08-19] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-08-15] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-08-15] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-08-15] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-08-15] (ESET)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-20 21:06 - 2015-10-20 21:06 - 00000000 ____D C:\Users\PC\Desktop\FRST-OlderVersion
2015-10-16 20:30 - 2015-10-16 20:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serious Sam
2015-10-16 20:30 - 2015-10-16 20:30 - 00000000 ____D C:\Program Files (x86)\Croteam
2015-10-16 18:43 - 2015-10-16 18:43 - 00000000 ____D C:\Users\PC\AppData\Roaming\WinRAR
2015-10-16 18:30 - 2015-10-16 18:30 - 00000598 _____ C:\Windows\PFRO.log
2015-10-16 18:30 - 2015-10-16 18:30 - 00000000 ____D C:\Users\PC\AppData\Local\VirtualStore
2015-10-16 18:28 - 2015-10-16 18:14 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-10-16 18:14 - 2015-10-16 18:30 - 00016927 _____ C:\zoek-results.log
2015-10-16 18:14 - 2015-10-16 18:25 - 00000000 ____D C:\zoek_backup
2015-10-16 18:07 - 2015-10-16 18:07 - 01309184 _____ C:\Users\PC\Downloads\zoek.exe
2015-10-16 18:07 - 2015-10-16 18:07 - 01309184 _____ C:\Users\PC\Desktop\zoek.exe
2015-10-16 17:51 - 2015-10-17 16:42 - 00021589 _____ C:\Users\PC\Desktop\Addition.txt
2015-10-16 17:50 - 2015-10-20 21:06 - 00010259 _____ C:\Users\PC\Desktop\FRST.txt
2015-10-16 17:50 - 2015-10-20 21:06 - 00000000 ____D C:\FRST
2015-10-16 17:43 - 2015-10-20 21:06 - 02196992 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2015-10-16 15:09 - 2015-10-16 18:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-14 23:41 - 2015-10-20 14:48 - 00000672 _____ C:\Windows\setupact.log
2015-10-14 23:41 - 2015-10-14 23:41 - 00000000 _____ C:\Windows\setuperr.log
2015-10-10 22:54 - 2015-10-16 20:30 - 00000000 ____D C:\Users\PC\AppData\Roaming\DAEMON Tools Lite
2015-10-10 22:54 - 2015-10-10 22:54 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2015-10-10 22:54 - 2015-10-10 22:54 - 00001950 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2015-10-10 22:54 - 2015-10-10 22:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-10-10 22:54 - 2015-10-10 22:54 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2015-10-10 22:53 - 2015-10-16 20:30 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-10-10 22:53 - 2015-10-10 22:58 - 13146016 _____ (Disc Soft Ltd) C:\Users\PC\Downloads\DTLite501-0406.exe
2015-10-10 22:47 - 2015-10-16 18:25 - 00000000 ____D C:\Users\PC\AppData\Roaming\Lavasoft
2015-10-10 22:47 - 2015-10-16 18:25 - 00000000 ____D C:\Users\PC\AppData\Local\Lavasoft
2015-10-10 22:47 - 2015-10-16 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-10-10 22:46 - 2015-10-16 18:25 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2015-10-10 22:46 - 2015-10-11 08:43 - 00002880 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-10-10 22:46 - 2015-10-10 22:46 - 00425744 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-10-10 22:46 - 2015-10-10 22:46 - 00345360 _____ (Lavasoft Limited) C:\Windows\SysWOW64\Lavasearch
2015-10-10 22:44 - 2015-10-16 18:25 - 00000000 ____D C:\ProgramData\Lavasoft
2015-10-10 22:44 - 2015-10-10 22:44 - 00000000 ____D C:\Users\PC\AppData\Roaming\Opera Software
2015-10-10 22:44 - 2015-10-10 22:44 - 00000000 ____D C:\Users\PC\AppData\Local\Opera Software
2015-10-10 22:40 - 2015-10-10 22:40 - 00000000 ____D C:\Program Files (x86)\Disc Soft
2015-10-10 22:32 - 2015-10-10 22:32 - 00000991 _____ C:\Users\Public\Desktop\FlashPeak Slimjet.lnk
2015-10-10 22:32 - 2015-10-10 22:32 - 00000000 ____D C:\Users\PC\AppData\Local\Slimjet
2015-10-10 22:32 - 2015-10-10 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashPeak Slimjet
2015-10-10 22:32 - 2015-10-10 22:32 - 00000000 ____D C:\Program Files (x86)\Slimjet
2015-10-10 22:27 - 2015-10-10 22:27 - 00001948 _____ C:\Users\Public\Desktop\Serious Sam The Second Encounter.lnk
2015-10-10 22:27 - 2015-10-10 22:27 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-10-10 22:27 - 2015-10-10 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-10-10 22:27 - 2015-10-10 22:27 - 00000000 ____D C:\GOG Games
2015-10-10 22:22 - 2015-10-10 22:22 - 00000000 ____D C:\Users\PC\AppData\Roaming\MAGIX
2015-10-10 22:22 - 2015-10-10 22:22 - 00000000 ____D C:\ProgramData\MAGIX
2015-10-10 22:20 - 2015-10-10 22:49 - 00000000 ____D C:\ProgramData\simplitec
2015-10-10 22:20 - 2015-10-10 22:20 - 00000606 _____ C:\Users\PC\Desktop\KMPlayer.lnk
2015-10-10 22:20 - 2015-10-10 22:20 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2015-10-10 22:20 - 2015-05-06 16:54 - 00120200 _____ () C:\Windows\SysWOW64\DLLDEV32i.dll
2015-10-10 22:19 - 2015-10-18 19:21 - 00000000 ____D C:\KMPlayer
2015-10-10 22:15 - 2015-10-10 22:15 - 00002778 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-10-10 22:15 - 2015-10-10 22:15 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-10-10 22:15 - 2015-10-10 22:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-10-10 22:15 - 2015-10-10 22:15 - 00000000 ____D C:\Program Files\CCleaner
2015-10-10 22:13 - 2015-10-10 22:13 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2015-10-10 22:13 - 2015-10-10 22:13 - 00000000 ____D C:\Program Files\Unlocker
2015-10-10 22:12 - 2015-10-10 22:12 - 00001272 _____ C:\Users\PC\Desktop\Snipping Tool.lnk
2015-10-10 21:16 - 2015-10-16 17:18 - 00000000 ____D C:\Users\PC\AppData\LocalLow\uTorrent
2015-10-10 21:14 - 2015-10-10 21:14 - 00002586 _____ C:\Users\PC\Desktop\µTorrent.lnk
2015-10-10 21:14 - 2015-10-10 21:14 - 00002586 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-10-10 21:12 - 2015-10-16 18:29 - 00000000 ____D C:\Users\PC\AppData\Roaming\uTorrent
2015-10-10 21:11 - 2015-10-10 21:26 - 154429024 _____ (AVAST Software) C:\Users\PC\Downloads\avast_free_antivirus_setup.exe
2015-10-10 21:04 - 2015-10-10 21:04 - 00001077 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2015-10-10 21:04 - 2015-10-10 21:04 - 00000000 ____D C:\Users\PC\AppData\Local\VS Revo Group
2015-10-10 21:04 - 2015-10-10 21:04 - 00000000 ____D C:\ProgramData\VS Revo Group
2015-10-10 21:04 - 2015-10-10 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2015-10-10 21:04 - 2015-10-10 21:04 - 00000000 ____D C:\Program Files\VS Revo Group
2015-10-10 21:04 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2015-10-10 20:58 - 2015-10-10 20:58 - 00000000 ____D C:\Program Files (x86)\Serious Sam 3 BFE Deluxe Edition
2015-10-10 13:39 - 2015-10-10 13:39 - 00000000 ____D C:\Users\PC\AppData\Roaming\Sun
2015-10-10 13:39 - 2015-10-10 13:39 - 00000000 ____D C:\Users\PC\AppData\Roaming\NVIDIA
2015-10-10 13:39 - 2015-10-10 13:39 - 00000000 ____D C:\Users\PC\AppData\LocalLow\Sun
2015-10-10 13:39 - 2015-10-10 13:39 - 00000000 ____D C:\Users\PC\.oracle_jre_usage
2015-10-10 13:38 - 2015-10-10 13:39 - 00000000 ____D C:\ProgramData\Oracle
2015-10-10 13:38 - 2015-10-10 13:38 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-10-10 13:38 - 2015-10-10 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-10 13:38 - 2015-10-10 13:38 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-10 13:36 - 2015-10-10 13:36 - 00000000 ____D C:\Users\PC\AppData\LocalLow\Oracle
2015-10-10 13:35 - 2015-10-19 19:09 - 00000000 ____D C:\Users\PC\AppData\Roaming\.minecraft
2015-10-10 13:35 - 2015-10-10 13:35 - 00002071 _____ C:\Users\PC\Desktop\Minecraft.lnk
2015-10-10 13:35 - 2015-10-10 13:35 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-10-08 18:30 - 2015-10-15 18:30 - 00003348 _____ C:\Windows\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2015-10-08 18:30 - 2015-10-08 18:30 - 00000000 ____D C:\Program Files\Common Files\AV
2015-10-08 18:18 - 2006-10-06 14:17 - 00053248 ____N (Creative Technology Ltd ) C:\Windows\Ctregrun.exe
2015-10-08 18:18 - 2000-05-22 16:58 - 00647872 ____N (Microsoft Corporation) C:\Windows\SysWOW64\Mscomct2.ocx
2015-10-08 18:03 - 2015-10-08 18:06 - 00000000 ____D C:\Windows\system32\MRT
2015-10-08 18:03 - 2015-08-26 18:37 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-08 17:47 - 2015-10-08 17:47 - 00000000 ____D C:\Users\PC\AppData\Local\Macromedia
2015-10-08 17:44 - 2011-04-09 08:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-10-08 17:44 - 2011-04-09 08:45 - 05509504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-08 17:44 - 2011-04-09 08:13 - 03957632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-08 17:44 - 2011-04-09 08:13 - 03901824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-08 17:44 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-10-08 09:21 - 2015-10-08 09:21 - 00000000 ____D C:\Windows\pss
2015-10-08 09:20 - 2015-10-08 09:20 - 00000000 ____D C:\Users\PC\AppData\Roaming\ESET
2015-10-08 09:20 - 2015-10-08 09:20 - 00000000 ____D C:\Users\PC\AppData\Local\ESET
2015-10-08 09:18 - 2015-10-08 09:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-10-08 09:18 - 2015-10-08 09:18 - 00000000 ____D C:\ProgramData\ESET
2015-10-08 09:18 - 2015-10-08 09:18 - 00000000 ____D C:\Program Files\ESET
2015-10-08 05:56 - 2015-10-14 20:10 - 00000000 ____D C:\Windows\Panther
2015-10-08 05:00 - 2015-10-08 05:00 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-10-08 05:00 - 2015-10-08 05:00 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-10-08 04:58 - 2015-10-08 04:58 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-10-07 22:06 - 2003-06-12 23:25 - 00007062 _____ C:\Windows\SysWOW64\audiopid.vxd
2015-10-07 22:05 - 2015-10-08 18:21 - 00000000 ___HD C:\Program Files (x86)\Creative Installation Information
2015-10-07 22:05 - 2015-10-08 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2015-10-07 22:05 - 2015-10-08 18:18 - 00000000 ____D C:\ProgramData\Creative
2015-10-07 22:05 - 2015-10-08 18:02 - 00000000 ____D C:\Program Files\Creative
2015-10-07 22:05 - 2015-10-08 18:01 - 00466520 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2015-10-07 22:05 - 2015-10-08 18:01 - 00445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2015-10-07 22:05 - 2015-10-08 18:01 - 00123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2015-10-07 22:05 - 2015-10-08 18:01 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2015-10-07 22:05 - 2015-10-08 18:01 - 00000159 ___RH C:\Windows\ctfile.rfc
2015-10-07 22:05 - 2015-10-07 22:05 - 00000000 ____D C:\Program Files (x86)\OpenAL
2015-10-07 22:05 - 2009-03-26 14:48 - 00190976 _____ C:\Windows\system32\APOMgr64.DLL
2015-10-07 22:05 - 2009-03-26 14:46 - 00148480 _____ C:\Windows\SysWOW64\APOMngr.DLL
2015-10-07 22:05 - 2009-02-06 18:53 - 00089088 _____ C:\Windows\system32\CmdRtr64.DLL
2015-10-07 22:05 - 2009-02-06 18:52 - 00073728 _____ C:\Windows\SysWOW64\CmdRtr.DLL
2015-10-07 22:05 - 2008-02-04 10:28 - 00107008 _____ (Creative Technology Ltd) C:\Windows\system32\cttele64.dll
2015-10-07 22:05 - 2008-02-04 10:27 - 00102400 _____ (Creative Technology Ltd) C:\Windows\SysWOW64\cttele32.dll
2015-10-07 22:04 - 2015-10-08 18:20 - 00000000 ____D C:\Program Files (x86)\Creative
2015-10-07 22:04 - 2015-10-07 22:04 - 00000000 ____D C:\Windows\SysWOW64\Data
2015-10-07 22:04 - 2015-10-07 22:04 - 00000000 ____D C:\Windows\system32\Data
2015-10-07 22:04 - 2014-03-01 03:45 - 00012288 _____ (Creative Technology Limited) C:\Windows\system32\INRES.DLL
2015-10-07 22:04 - 2014-03-01 01:28 - 00011776 _____ (Creative Technology Limited) C:\Windows\SysWOW64\INRES.DLL
2015-10-07 21:37 - 2015-06-23 13:30 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-10-07 21:33 - 2015-10-07 21:33 - 00000000 ____D C:\Users\PC\AppData\Local\CEF
2015-10-07 21:23 - 2015-10-10 21:08 - 00000000 ____D C:\Users\PC\AppData\Roaming\CyberLink
2015-10-07 21:23 - 2015-10-07 21:23 - 00000000 ____D C:\Users\PC\Documents\CyberLink
2015-10-07 21:21 - 2015-10-10 21:08 - 00000000 ____D C:\ProgramData\CyberLink
2015-10-07 21:21 - 2015-10-07 21:21 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2015-10-07 21:21 - 2015-10-07 21:21 - 00000000 ____D C:\Users\PC\AppData\Local\MediaServer
2015-10-07 21:21 - 2015-10-07 21:21 - 00000000 ____D C:\ProgramData\PDVD
2015-10-07 21:20 - 2015-10-16 20:30 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-07 21:20 - 2015-10-10 21:08 - 00000000 ____D C:\ProgramData\install_clap
2015-10-07 21:20 - 2015-10-07 21:21 - 00000000 ____D C:\ProgramData\Temp
2015-10-07 21:19 - 2015-10-07 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-07 21:18 - 2015-10-07 21:18 - 00000000 ____D C:\Users\PC\AppData\Local\NVIDIA
2015-10-07 21:14 - 2015-10-20 14:48 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-07 21:14 - 2015-10-07 21:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-07 21:14 - 2015-10-07 21:14 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-10-07 21:14 - 2015-10-07 21:14 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-10-07 21:14 - 2015-02-20 01:57 - 00072904 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-10-07 21:14 - 2015-02-20 01:57 - 00059592 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-10-07 21:14 - 2015-02-04 04:21 - 06782152 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-10-07 21:14 - 2015-02-04 04:21 - 03522376 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-10-07 21:14 - 2015-02-04 04:21 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-10-07 21:14 - 2015-02-04 04:21 - 00932040 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-10-07 21:14 - 2015-02-04 04:21 - 00384200 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-10-07 21:14 - 2015-02-04 04:21 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-10-07 21:14 - 2015-02-04 02:00 - 00608072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-10-07 21:14 - 2015-02-03 18:18 - 04229086 _____ C:\Windows\system32\nvcoproc.bin
2015-10-07 21:10 - 2015-10-10 21:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
2015-10-07 21:10 - 2015-10-07 21:10 - 00000000 ____D C:\Users\PC\AppData\Roaming\Macromedia
2015-10-07 21:09 - 2015-10-07 21:09 - 00000979 _____ C:\Users\Public\Desktop\Winamp.lnk
2015-10-07 21:09 - 2015-10-07 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2015-10-07 21:09 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-10-07 21:09 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-10-07 21:08 - 2015-10-07 21:09 - 00000000 ____D C:\Users\PC\AppData\Roaming\Winamp
2015-10-07 21:08 - 2015-10-07 21:09 - 00000000 ____D C:\Program Files (x86)\Winamp
2015-10-07 21:07 - 2015-10-07 21:07 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-07 21:07 - 2015-10-07 21:07 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-07 21:07 - 2015-10-07 21:07 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2015-10-07 21:07 - 2015-10-07 21:07 - 00000000 ____D C:\Windows\system32\Macromed
2015-10-07 21:07 - 2015-10-07 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-10-07 21:07 - 2015-10-07 21:07 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-10-07 21:07 - 2008-11-24 16:32 - 00057344 _____ C:\Windows\SysWOW64\ff_vfw.dll
2015-10-07 21:07 - 2008-10-29 00:35 - 00684032 _____ (DivX, Inc.) C:\Windows\SysWOW64\divx.dll
2015-10-07 21:07 - 2008-10-03 14:30 - 00000414 _____ C:\Windows\SysWOW64\lame_acm.xml
2015-10-07 21:07 - 2008-09-25 10:03 - 00081920 _____ (DivX, Inc.) C:\Windows\SysWOW64\dpl100.dll
2015-10-07 21:07 - 2008-09-24 20:41 - 00839680 _____ (http://www.mp3dev.org/) C:\Windows\SysWOW64\lameACM.acm
2015-10-07 21:07 - 2008-09-19 23:57 - 03596288 _____ C:\Windows\SysWOW64\qt-dx331.dll
2015-10-07 21:07 - 2008-07-30 21:09 - 00000038 _____ C:\Windows\avisplitter.ini
2015-10-07 21:07 - 2008-01-10 14:16 - 00159839 _____ C:\Windows\SysWOW64\xvidvfw.dll
2015-10-07 21:07 - 2008-01-10 14:15 - 00755027 _____ C:\Windows\SysWOW64\xvidcore.dll
2015-10-07 21:07 - 2007-09-21 02:52 - 00118784 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm
2015-10-07 21:07 - 2007-09-04 18:56 - 00164352 _____ C:\Windows\SysWOW64\unrar.dll
2015-10-07 21:07 - 2007-07-10 18:10 - 00000547 _____ C:\Windows\SysWOW64\ff_vfw.dll.manifest
2015-10-07 21:07 - 2004-01-25 18:18 - 00217088 _____ (www.helixcommunity.org) C:\Windows\SysWOW64\yv12vfw.dll
2015-10-07 21:07 - 2004-01-12 00:00 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2015-10-07 21:06 - 2015-10-16 18:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-07 21:06 - 2015-10-07 21:06 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-07 21:06 - 2015-10-07 21:06 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-07 21:06 - 2015-10-07 21:06 - 00000000 ____D C:\Users\PC\AppData\Roaming\Mozilla
2015-10-07 21:06 - 2015-10-07 21:06 - 00000000 ____D C:\Users\PC\AppData\Roaming\FastStone
2015-10-07 21:06 - 2015-10-07 21:06 - 00000000 ____D C:\Users\PC\AppData\Local\Mozilla
2015-10-07 21:06 - 2015-10-07 21:06 - 00000000 ____D C:\ProgramData\Mozilla
2015-10-07 21:06 - 2015-10-07 21:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer
2015-10-07 21:06 - 2015-10-07 21:06 - 00000000 ____D C:\Program Files (x86)\FastStone Image Viewer
2015-10-07 21:06 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-07 21:06 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-07 21:06 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-07 21:06 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-07 21:06 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-07 21:06 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-07 21:06 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-07 21:06 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-07 21:06 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-07 21:05 - 2015-10-17 09:16 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-07 21:05 - 2015-10-14 00:45 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-07 21:05 - 2015-10-07 21:10 - 00000000 ____D C:\Users\PC\AppData\Roaming\Adobe
2015-10-07 21:05 - 2015-10-07 21:05 - 00000000 ____D C:\Users\PC\AppData\LocalLow\Adobe
2015-10-07 21:05 - 2015-10-07 21:05 - 00000000 ____D C:\Users\PC\AppData\Local\Adobe
2015-10-07 21:04 - 2015-10-07 21:30 - 00000000 ____D C:\ProgramData\Adobe
2015-10-07 21:04 - 2015-10-07 21:04 - 00000000 ____D C:\Users\PC\AppData\Roaming\Nero
2015-10-07 21:04 - 2015-10-07 21:04 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-10-07 21:04 - 2015-10-07 21:01 - 00002636 _____ C:\Users\PC\Desktop\Nero Burning ROM.lnk
2015-10-07 21:01 - 2015-10-07 21:01 - 00000000 ____D C:\Users\PC\AppData\Local\Ahead
2015-10-07 21:01 - 2015-10-07 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 8
2015-10-07 20:48 - 2015-10-07 20:48 - 00001024 _____ C:\Users\PC\.rnd
2015-10-07 20:48 - 2015-10-07 20:48 - 00000188 _____ C:\Windows\SysWOW64\MsiExec.exe.log
2015-10-07 20:48 - 2015-10-07 20:48 - 00000026 _____ C:\Windows\Irremote.ini
2015-10-07 20:48 - 2015-10-07 20:48 - 00000000 ____D C:\ProgramData\Nero
2015-10-07 20:48 - 2015-10-07 20:48 - 00000000 ____D C:\Program Files (x86)\Nero
2015-10-07 20:46 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-10-07 20:46 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-10-07 20:44 - 2015-10-07 20:29 - 00003021 _____ C:\Users\PC\Desktop\Microsoft Word 2010.lnk
2015-10-07 20:44 - 2015-10-07 20:29 - 00002951 _____ C:\Users\PC\Desktop\Microsoft Excel 2010.lnk
2015-10-07 20:42 - 2015-10-20 14:49 - 00002896 _____ C:\Windows\System32\Tasks\AutoKMS
2015-10-07 20:42 - 2015-10-20 14:49 - 00000266 _____ C:\Windows\Tasks\AutoKMS.job
2015-10-07 20:42 - 2015-10-14 19:47 - 00108840 _____ C:\Users\PC\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-07 20:42 - 2015-10-07 20:44 - 00000000 ____D C:\Windows\AutoKMS
2015-10-07 20:29 - 2015-10-07 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-10-07 20:29 - 2015-10-07 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-10-07 20:28 - 2015-10-07 20:28 - 00000000 ____D C:\Windows\PCHEALTH
2015-10-07 20:28 - 2015-10-07 20:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2015-10-07 20:28 - 2015-10-07 20:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2015-10-07 20:28 - 2015-10-07 20:28 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-10-07 20:27 - 2015-10-07 20:27 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-10-07 20:27 - 2015-10-07 20:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2015-10-07 20:26 - 2015-10-07 20:30 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-07 20:26 - 2015-10-07 20:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-10-07 20:26 - 2015-10-07 20:26 - 00000000 __RHD C:\MSOCache
2015-10-07 20:26 - 2015-10-07 20:26 - 00000000 ____D C:\Users\PC\AppData\Local\Microsoft Help
2015-10-07 20:26 - 2015-10-07 20:26 - 00000000 ____D C:\Program Files\Microsoft Office
2015-10-07 20:26 - 2015-10-07 20:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2015-10-07 20:25 - 2015-10-07 20:25 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-07 20:25 - 2015-10-07 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-07 20:25 - 2015-10-07 20:25 - 00000000 ____D C:\Program Files (x86)\WinRar
2015-10-07 20:19 - 2015-10-08 18:10 - 00764390 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-10-07 20:17 - 2009-11-25 12:47 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-10-07 20:17 - 2009-11-25 12:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-10-07 20:17 - 2009-11-25 12:47 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2015-10-07 20:17 - 2009-11-25 12:47 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2015-10-07 20:17 - 2009-11-25 12:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2015-10-07 20:17 - 2009-11-25 12:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2015-10-07 20:17 - 2009-11-25 12:47 - 00109912 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2015-10-07 20:17 - 2009-11-25 12:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2015-10-07 20:17 - 2009-11-25 12:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2015-10-07 20:17 - 2009-11-25 12:47 - 00048960 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2015-10-07 20:12 - 2015-10-10 22:48 - 00001443 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-10-07 20:12 - 2015-10-10 22:48 - 00001409 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-10-07 20:12 - 2015-10-07 20:12 - 00000020 ___SH C:\Users\PC\ntuser.ini
2015-10-07 20:11 - 2015-10-10 13:39 - 00000000 ____D C:\Users\PC
2015-10-07 20:11 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-07 20:11 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-07 20:08 - 2015-10-20 12:12 - 00414699 _____ C:\Windows\WindowsUpdate.log
2015-10-07 20:08 - 2015-10-07 20:08 - 00000000 __SHD C:\Recovery

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-20 14:54 - 2009-07-14 07:13 - 00779266 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-20 14:54 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-20 14:54 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-20 14:48 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-13 16:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports
2015-10-11 08:43 - 2009-07-14 06:45 - 00414656 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-10 22:27 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-08 21:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-10-08 05:56 - 2009-07-14 07:38 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG
2015-10-08 05:56 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2015-10-08 05:56 - 2009-07-14 06:45 - 00000000 ____D C:\Windows\Setup
2015-10-08 05:00 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-08 04:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2015-10-08 04:58 - 2009-07-14 09:46 - 00000000 ____D C:\Windows\CSC
2015-10-07 21:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2015-10-07 20:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Cursors
2015-10-07 20:28 - 2009-07-14 09:46 - 00000000 ____D C:\Windows\ShellNew
2015-10-07 20:28 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-10-07 20:27 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-10-07 20:26 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2015-10-07 20:17 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\restore

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-11 14:55

==================== End of FRST.txt ============================










offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

What is the situation now?

offline
  • maha  Male
  • Super citizen
  • Joined: 06 Dec 2006
  • Posts: 1152

I removed Sonik Train and now it's OK... thanks a lot!
