MyCity » Ambulanta -> Arhiva Ambulante » Provera

Provera

Napisano na dan: 18.3.2019

Provera

Odgovori

zoxknez Poslao: 18 Mar 2019 16:06 Idi na vrh
offline zoxknez Zaslužni građanin Pridružio: 27 Avg 2005 Poruke: 563	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Drugarov komp kaze da je koristio usb koji je zarazen a nije to znao pre upotrebe: Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-03-2019 Ran by RPRIVEL (administrator) on RIVELL2 (18-03-2019 15:44:33) Running from C:\Users\RPRIVEL\Desktop\first Loaded Profiles: RPRIVEL (Available Profiles: RPRIVEL) Platform: Microsoft Windows 7 Home Basic Service Pack 1 (X86) Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: [Link mogu videti samo ulogovani korisnici] ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (Creative Technology Ltd) [File not signed] C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (HP) [File not signed] C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe () [File not signed] C:\MySQL\MySQL Server 5.1\bin\mysqld.exe (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe (Creative Technology Ltd -> Creative Technology Ltd) C:\Windows\System32\CtHelper.exe (A.E.T. Europe B.V.) [File not signed] C:\Windows\System32\aetcrss1.exe (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard -> HP Development Company, L.P.) C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files\SecurityTray\jre\bin\javaw.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files\LPA\ePIA\java\bin\javaw.exe () [File not signed] C:\Users\RPRIVEL\AppData\Roaming\remcos\remcos.exe (ATI Technologies Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (NetSeT Global Solutions d.o.o.) [File not signed] C:\Program Files\TrustEdgeID\TokenUtil.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cscript.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\raserver.exe (McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe (McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe (Zemana Ltd. -> Zemana Ltd.) C:\Program Files\Zemana AntiMalware\ZAM.exe () [File not signed] C:\Users\RPRIVEL\AppData\Roaming\Install\Host.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe (Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe (Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe (Microsoft Windows Hardware Compatibility Publisher -> Zenographics) C:\Windows\System32\ZSTATUS.EXE () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\ntvdm.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe (Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe (Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe (Hewlett-Packard -> HP Development Company, L.P.) C:\Program Files\HP\HPLJUT\HPLJUTSCH.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Desktop.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\TRACERT\bi.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [CTHelper] => C:\Windows\system32\CTHELPER.EXE* [20480 2015-09-02] () [File not signed] HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-09-29] (Advanced Micro Devices, Inc.) [File not signed] HKLM\...\Run: [CertificateRegistration] => C:\Windows\system32\aetcrss1.exe [151552 2011-11-10] (A.E.T. Europe B.V.) [File not signed] HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle America, Inc. -> Oracle Corporation) HKLM\...\Run: [ZAM] => C:\Program Files\Zemana AntiMalware\ZAM.exe [13915888 2016-11-22] (Zemana Ltd. -> Zemana Ltd.) HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM\...\Run: [] => [X] HKLM\...\Run: [StatusAlerts] => C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe [331344 2015-07-22] (Hewlett-Packard -> HP Development Company, L.P.) HKLM\...\Run: [SecurityTray] => C:\Program Files\SecurityTray\SecurityTray.exe [210568 2017-10-09] (SAGA DOO BEOGRAD -> ) HKLM\...\Run: [ePIA] => C:\Program Files\LPA\ePIA\ePIA.exe [28131880 2019-02-22] (IMP - RAČUNARSKI SISTEMI -> LPA) HKU\S-1-5-21-3615150473-1923277583-1539101694-1000\...\Run: [Application] => C:\Users\RPRIVEL\Downloads\app.exe [430592 2018-07-16] () [File not signed] HKU\S-1-5-21-3615150473-1923277583-1539101694-1000\...\Run: [VJ4PGZIX] => C:\Program Files\Jkpmx9h\drtpdxahwz7ha0.exe [452096 2019-03-01] () [File not signed] HKU\S-1-5-21-3615150473-1923277583-1539101694-1000\...\Run: [remcos] => C:\Users\RPRIVEL\AppData\Roaming\remcos\remcos.exe [584712 2019-03-08] () [File not signed] HKU\S-1-5-21-3615150473-1923277583-1539101694-1000\...\Run: [I8TPPR5XCN] => C:\Program Files\N7nlxhtox\pfilizzsdxb.exe [278528 2019-03-12] () [File not signed] HKU\S-1-5-21-3615150473-1923277583-1539101694-1000\...\Run: [Java] => C:\Users\RPRIVEL\TRACERT\bi.exe [592400 2019-03-15] () [File not signed] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-05] (Google LLC -> Google Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2018-11-27] (McAfee, Inc. -> McAfee, LLC.) IFEO\Ronzap.exe: [GlobalFlag] C:\ProgramData\Windows Monitor\Monitor.exe %i deviceId=788655b1-a494-8e1f-9985-ed963d0ace4d channelId=3 distributer=APSnapdoAMRev processName=Ronzap.exe statsAddress=hxxp://stats.ijnewhb.com/StatisticsService.svc/V1/JSON/LogEvent HKLM\...\SilentProcessExit\Ronzap.exe: [MonitorProcess] C:\ProgramData\Windows Monitor\Monitor.exe %i deviceId=788655b1-a494-8e1f-9985-ed963d0ace4d channelId=3 distributer=APSnapdoAMRev processName=Ronzap.exe statsAddress=hxxp://stats.ijnewhb.com/StatisticsService.svc/V1/JSON/LogEvent IFEO\xifs.exe: [GlobalFlag] C:\ProgramData\Windows Monitor\Monitor.exe %i deviceId=788655b1-a494-8e1f-9985-ed963d0ace4d channelId=888 distributer=apsnapdoam processName=xifs.exe statsAddress=hxxp://stats.ijnewhb.com/StatisticsService.svc/V1/JSON/LogEvent HKLM\...\SilentProcessExit\xifs.exe: [MonitorProcess] C:\ProgramData\Windows Monitor\Monitor.exe %i deviceId=788655b1-a494-8e1f-9985-ed963d0ace4d channelId=888 distributer=apsnapdoam processName=xifs.exe statsAddress=hxxp://stats.ijnewhb.com/StatisticsService.svc/V1/JSON/LogEvent Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ProSpool - Shortcut.lnk [2016-04-28] ShortcutTarget: ProSpool - Shortcut.lnk -> C:\PROSPOOL\ProSpool.exe (No File) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Token Manager.lnk [2017-02-24] ShortcutTarget: Token Manager.lnk -> C:\Program Files\TrustEdgeID\TokenUtil.exe (NetSeT Global Solutions d.o.o.) [File not signed] GroupPolicy: Restriction - Windows Defender <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{620E5B35-FF62-408A-A7C3-B8B839519DF1}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-3615150473-1923277583-1539101694-1000\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici] BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-18] (Oracle America, Inc. -> Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-18] (Oracle America, Inc. -> Oracle Corporation) Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security) DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} [Link mogu videti samo ulogovani korisnici] DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} [Link mogu videti samo ulogovani korisnici] DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} [Link mogu videti samo ulogovani korisnici] Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF DefaultProfile: awtxx0nh.default FF ProfilePath: C:\Users\RPRIVEL\AppData\Roaming\Mozilla\Firefox\Profiles\zx7cb365.default [2016-11-27] FF user.js: detected! => C:\Users\RPRIVEL\AppData\Roaming\Mozilla\Firefox\Profiles\zx7cb365.default\user.js [2016-08-31] FF Homepage: Mozilla\Firefox\Profiles\zx7cb365.default -> about:home FF NewTab: Mozilla\Firefox\Profiles\zx7cb365.default -> about:newtab FF Extension: (Microsoft Forms 2.0 Frame) - C:\Users\RPRIVEL\AppData\Roaming\Mozilla\Firefox\Profiles\zx7cb365.default\Extensions\{6E07E0AB-0882-E3DF-D85D-9BF1907C0423} [2016-06-11] [Legacy] [not signed] FF ProfilePath: C:\Users\RPRIVEL\AppData\Roaming\Profiles\awtxx0nh.default [2019-03-18] <==== ATTENTION FF user.js: detected! => C:\Users\RPRIVEL\AppData\Roaming\Profiles\awtxx0nh.default\user.js [2016-06-11] FF Homepage: Profiles\awtxx0nh.default -> [Link mogu videti samo ulogovani korisnici] FF NewTab: Profiles\awtxx0nh.default -> about:newtab FF Extension: (Microsoft Forms 2.0 Frame) - C:\Users\RPRIVEL\AppData\Roaming\Profiles\awtxx0nh.default\Extensions\{6E07E0AB-0882-E3DF-D85D-9BF1907C0423} [2016-06-11] [Legacy] [not signed] FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-18] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-18] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc -> Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc -> Google Inc.) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: ChromeDefaultData CHR HomePage: ChromeDefaultData -> [Link mogu videti samo ulogovani korisnici] CHR StartupUrls: ChromeDefaultData -> "hxxps://www.google.rs/?gws_rd=cr&ei=BurGV4iHBYWV6AS0yZKgCQ" CHR Profile: C:\Users\RPRIVEL\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2019-03-18] <==== ATTENTION CHR Extension: (Презентације) - C:\Users\RPRIVEL\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-22] CHR Extension: (Документи) - C:\Users\RPRIVEL\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-22] CHR Extension: (Google диск) - C:\Users\RPRIVEL\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-23] CHR Extension: (YouTube) - C:\Users\RPRIVEL\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-03] CHR Extension: (Google Search) - C:\Users\RPRIVEL\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-19] CHR Extension: (Adobe Acrobat) - C:\Users\RPRIVEL\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-06] CHR Extension: (Табеле) - C:\Users\RPRIVEL\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-22] CHR Extension: (Google документи офлајн) - C:\Users\RPRIVEL\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17] CHR Extension: (Плаћања у Chrome веб-продавници) - C:\Users\RPRIVEL\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06] CHR Extension: (Gmail) - C:\Users\RPRIVEL\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-03] CHR Extension: (Chrome Media Router) - C:\Users\RPRIVEL\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-13] CHR HKLM\...\Chrome\Extension: [dkmjljdbbgogihjcapfhgkonfmccbffp] - [Link mogu videti samo ulogovani korisnici] CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - [Link mogu videti samo ulogovani korisnici] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [733184 2009-09-30] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.) S3 Creative ALchemy AL6 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2015-10-03] (Creative Labs) [File not signed] S3 Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2015-10-04] (Creative Labs) [File not signed] R2 CTAudSvcService; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed] R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [File not signed] R2 MySQL; C:\MySQL\MySQL Server 5.1\my.ini [8888 2016-04-28] () [File not signed] S3 PrintNotify; C:\Windows\system32\spool\DRIVERS\W32X86\3\PrintConfig.dll [2716672 2016-07-16] (Microsoft Corporation) [File not signed] R2 PSI_SVC_2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [10803440 2018-09-28] (TeamViewer GmbH -> TeamViewer GmbH) R2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [272096 2018-11-27] (McAfee, Inc. -> McAfee, LLC.) R2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [272096 2018-11-27] (McAfee, Inc. -> McAfee, LLC.) R2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [164664 2018-11-27] (McAfee, Inc. -> McAfee, LLC.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation) R2 ZAMSvc; C:\Program Files\Zemana AntiMalware\ZAM.exe [13915888 2016-11-22] (Zemana Ltd. -> Zemana Ltd.) S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [4450816 2009-09-30] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.) S3 COMMONFX; C:\Windows\System32\drivers\COMMONFX.SYS [97712 2015-09-02] (Creative Technology Ltd -> Creative Technology Ltd) R3 COMMONFX.SYS; C:\Windows\System32\drivers\COMMONFX.SYS [97712 2015-09-02] (Creative Technology Ltd -> Creative Technology Ltd) S3 CTAUDFX; C:\Windows\System32\drivers\CTAUDFX.SYS [557312 2015-09-02] (Creative Technology Ltd -> Creative Technology Ltd) R3 CTAUDFX.SYS; C:\Windows\System32\drivers\CTAUDFX.SYS [557312 2015-09-02] (Creative Technology Ltd -> Creative Technology Ltd) S3 ctdvda2k; C:\Windows\System32\drivers\ctdvda2k.sys [349360 2015-09-02] (Creative Technology Ltd -> Creative Technology Ltd) S3 CTERFXFX; C:\Windows\System32\drivers\CTERFXFX.SYS [103168 2015-09-02] (Creative Technology Ltd -> Creative Technology Ltd) S3 CTERFXFX.SYS; C:\Windows\System32\drivers\CTERFXFX.SYS [103168 2015-09-02] (Creative Technology Ltd -> Creative Technology Ltd) S3 CTSBLFX; C:\Windows\System32\drivers\CTSBLFX.SYS [568576 2015-09-02] (Creative Technology Ltd -> Creative Technology Ltd) R3 CTSBLFX.SYS; C:\Windows\System32\drivers\CTSBLFX.SYS [568576 2015-09-02] (Creative Technology Ltd -> Creative Technology Ltd) R3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [99968 2014-11-10] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto) R3 ha10kx2k; C:\Windows\System32\drivers\ha10kx2k.sys [802560 2015-09-02] (Creative Technology Ltd -> Creative Technology Ltd) S3 hap16v2k; C:\Windows\System32\drivers\hap16v2k.sys [165120 2015-09-02] (Creative Technology Ltd -> Creative Technology Ltd) S3 hap17v2k; C:\Windows\System32\drivers\hap17v2k.sys [191744 2015-09-02] (Creative Technology Ltd -> Creative Technology Ltd) R3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [20992 2006-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Microsoft Corporation) R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [38416 2015-06-18] (Logitech Inc -> Logitech, Inc.) R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [17920 2014-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [76288 2014-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Nuvoton Technology Corp.) R1 ZAM; C:\Windows\System32\drivers\zam32.sys [181496 2016-11-27] (Zemana Ltd. -> Zemana Ltd.) R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard32.sys [181496 2016-11-27] (Zemana Ltd. -> Zemana Ltd.) U0 Partizan; system32\drivers\Partizan.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-03-18 15:43 - 2019-03-18 15:44 - 000000000 ____D C:\Users\RPRIVEL\Desktop\first 2019-03-18 14:38 - 2019-03-18 14:38 - 000005572 _____ C:\Users\RPRIVEL\Downloads\attachment - 2019-03-18T143831.441.pdf 2019-03-18 13:40 - 2019-03-18 13:40 - 000730797 _____ C:\Users\RPRIVEL\Downloads\ScanPDF_0001.pdf 2019-03-18 13:39 - 2019-03-18 13:39 - 000004779 _____ C:\Users\RPRIVEL\Downloads\sampleName(8324).pdf 2019-03-18 11:47 - 2019-03-18 11:47 - 000632555 _____ C:\Users\RPRIVEL\Downloads\ScanPDF (2).pdf 2019-03-15 17:00 - 2019-03-15 17:00 - 000067726 _____ C:\Users\RPRIVEL\Documents\RN 3.pdf 2019-03-15 16:16 - 2019-03-15 16:16 - 000009854 _____ C:\Users\RPRIVEL\Downloads\Sell out Kremanska voda liflet od 11.02. do 23.02.2019..xlsx 2019-03-15 10:51 - 2019-03-15 10:51 - 000039660 _____ C:\Users\RPRIVEL\Downloads\DOST ZRENJANIN TREBOVANJE (12).pdf 2019-03-15 10:34 - 2019-03-15 10:34 - 000093292 _____ C:\Users\RPRIVEL\Documents\RN 176-2.pdf 2019-03-15 10:29 - 2019-03-15 10:29 - 000092793 _____ C:\Users\RPRIVEL\Documents\RN 176.pdf 2019-03-15 10:09 - 2019-03-15 10:09 - 000092989 _____ C:\Users\RPRIVEL\Documents\RN 174.pdf 2019-03-15 09:55 - 2019-03-15 09:55 - 000488361 _____ C:\Users\RPRIVEL\Downloads\GOMEX (8).pdf 2019-03-15 09:54 - 2019-03-15 09:54 - 000092238 _____ C:\Users\RPRIVEL\Documents\RN 173.pdf 2019-03-15 09:48 - 2019-03-15 09:48 - 000149787 _____ C:\Users\RPRIVEL\Downloads\Scan0001.pdf 2019-03-15 09:42 - 2019-03-15 09:42 - 000091994 _____ C:\Users\RPRIVEL\Documents\RN 171.pdf 2019-03-14 14:23 - 2019-03-14 14:23 - 000091655 _____ C:\Users\RPRIVEL\Documents\RN 170.pdf 2019-03-14 13:47 - 2019-03-14 13:47 - 000004976 _____ C:\Users\RPRIVEL\Downloads\sampleName(8184) (1).pdf 2019-03-14 11:59 - 2019-03-14 11:59 - 000078573 _____ C:\Users\RPRIVEL\Downloads\milkom-asortiman-2019- NET.pdf 2019-03-14 11:58 - 2019-03-14 11:58 - 000113693 _____ C:\Users\RPRIVEL\Downloads\RPRIVEL-07-03-2019.pdf 2019-03-14 08:25 - 2019-03-14 08:25 - 001135131 _____ C:\Users\RPRIVEL\Documents\Z.L. RPRIVEL.pdf 2019-03-14 07:50 - 2019-03-14 07:50 - 000124358 _____ C:\Users\RPRIVEL\Downloads\2251903132852251000000074469410032E.pdf 2019-03-14 07:49 - 2019-03-14 07:50 - 000052395 _____ C:\Users\RPRIVEL\Downloads\Izvod29_2019.03.13_220000000010232913.pdf 2019-03-14 07:44 - 2019-03-18 07:47 - 000000000 ____D C:\Users\RPRIVEL\AppData\Roaming\Install 2019-03-14 07:44 - 2019-03-14 07:44 - 000000000 ____D C:\Users\RPRIVEL\TRACERT 2019-03-13 21:46 - 2019-03-13 21:46 - 000444642 _____ C:\Users\RPRIVEL\Documents\Z.L. MVP GROUP.pdf 2019-03-13 11:13 - 2019-02-26 22:47 - 000348984 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2019-03-13 11:13 - 2019-02-26 08:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2019-03-13 11:13 - 2019-02-26 08:19 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2019-03-13 11:13 - 2019-02-26 08:07 - 000498176 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2019-03-13 11:13 - 2019-02-26 08:07 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2019-03-13 11:13 - 2019-02-26 08:06 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2019-03-13 11:13 - 2019-02-26 08:01 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2019-03-13 11:13 - 2019-02-26 08:00 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2019-03-13 11:13 - 2019-02-26 07:58 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2019-03-13 11:13 - 2019-02-26 07:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2019-03-13 11:13 - 2019-02-26 07:57 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2019-03-13 11:13 - 2019-02-26 07:57 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2019-03-13 11:13 - 2019-02-26 07:57 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2019-03-13 11:13 - 2019-02-26 07:51 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2019-03-13 11:13 - 2019-02-26 07:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2019-03-13 11:13 - 2019-02-26 07:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2019-03-13 11:13 - 2019-02-26 07:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2019-03-13 11:13 - 2019-02-26 07:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2019-03-13 11:13 - 2019-02-26 07:41 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2019-03-13 11:13 - 2019-02-26 07:39 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2019-03-13 11:13 - 2019-02-26 07:38 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2019-03-13 11:13 - 2019-02-26 07:33 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2019-03-13 11:13 - 2019-02-26 07:31 - 002059776 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2019-03-13 11:13 - 2019-02-26 07:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2019-03-13 11:13 - 2019-02-26 07:31 - 000692224 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2019-03-13 11:13 - 2019-02-26 07:29 - 013681664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2019-03-13 11:13 - 2019-02-26 07:12 - 004386304 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2019-03-13 11:13 - 2019-02-26 07:09 - 001332224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2019-03-13 11:13 - 2019-02-26 07:07 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2019-03-13 11:12 - 2019-03-06 04:04 - 004055784 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2019-03-13 11:12 - 2019-03-06 04:04 - 003960552 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2019-03-13 11:12 - 2019-03-06 04:04 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll 2019-03-13 11:12 - 2019-03-06 04:04 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2019-03-13 11:12 - 2019-03-06 04:04 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2019-03-13 11:12 - 2019-03-06 04:04 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll 2019-03-13 11:12 - 2019-03-06 04:04 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2019-03-13 11:12 - 2019-03-06 04:02 - 001310520 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2019-03-13 11:12 - 2019-03-06 04:01 - 001072640 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2019-03-13 11:12 - 2019-03-06 04:01 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2019-03-13 11:12 - 2019-03-06 04:01 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2019-03-13 11:12 - 2019-03-06 04:01 - 000556032 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2019-03-13 11:12 - 2019-03-06 04:01 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2019-03-13 11:12 - 2019-03-06 04:01 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2019-03-13 11:12 - 2019-03-06 04:01 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2019-03-13 11:12 - 2019-03-06 04:01 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2019-03-13 11:12 - 2019-03-06 04:01 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2019-03-13 11:12 - 2019-03-06 04:01 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2019-03-13 11:12 - 2019-03-06 04:01 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2019-03-13 11:12 - 2019-03-06 04:01 - 000167936 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll 2019-03-13 11:12 - 2019-03-06 04:01 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2019-03-13 11:12 - 2019-03-06 04:01 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2019-03-13 11:12 - 2019-03-06 04:01 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2019-03-13 11:12 - 2019-03-06 04:01 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2019-03-13 11:12 - 2019-03-06 04:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2019-03-13 11:12 - 2019-03-06 04:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2019-03-13 11:12 - 2019-03-06 04:01 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2019-03-13 11:12 - 2019-03-06 04:01 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2019-03-13 11:12 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2019-03-13 11:12 - 2019-03-06 03:41 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2019-03-13 11:12 - 2019-03-06 03:41 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2019-03-13 11:12 - 2019-03-06 03:41 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2019-03-13 11:12 - 2019-03-06 03:41 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2019-03-13 11:12 - 2019-03-06 03:41 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll 2019-03-13 11:12 - 2019-03-06 03:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2019-03-13 11:12 - 2019-03-06 03:39 - 002405376 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2019-03-13 11:12 - 2019-03-06 03:39 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2019-03-13 11:12 - 2019-03-06 03:39 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2019-03-13 11:12 - 2019-03-06 03:39 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys 2019-03-13 11:12 - 2019-03-06 03:37 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2019-03-13 11:12 - 2019-03-06 03:37 - 000314880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2019-03-13 11:12 - 2019-03-06 03:37 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2019-03-13 11:12 - 2019-03-06 03:37 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2019-03-13 11:12 - 2019-03-06 03:37 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2019-03-13 11:12 - 2019-03-06 03:37 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2019-03-13 11:12 - 2019-03-06 03:36 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2019-03-13 11:12 - 2019-03-06 03:36 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys 2019-03-13 11:12 - 2019-03-06 03:36 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys 2019-03-13 11:12 - 2019-03-06 03:36 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys 2019-03-13 11:12 - 2019-03-06 03:36 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys 2019-03-13 11:12 - 2019-03-06 03:36 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys 2019-03-13 11:12 - 2019-03-06 03:36 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2019-03-13 11:12 - 2019-03-06 03:36 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys 2019-03-13 11:12 - 2019-03-06 03:36 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2019-03-13 11:12 - 2019-03-06 03:36 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2019-03-13 11:12 - 2019-03-06 03:36 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2019-03-13 11:12 - 2019-03-06 03:36 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2019-03-13 11:12 - 2019-03-06 03:36 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2019-03-13 11:12 - 2019-03-06 03:36 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2019-03-13 11:12 - 2019-03-05 03:40 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2019-03-13 11:12 - 2019-03-05 03:40 - 000026368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2019-03-13 11:12 - 2019-03-05 03:40 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys 2019-03-13 11:12 - 2019-02-26 08:25 - 020281856 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2019-03-13 11:12 - 2019-02-26 08:06 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2019-03-13 11:12 - 2019-02-26 08:05 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2019-03-13 11:12 - 2019-02-26 08:04 - 002295808 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2019-03-13 11:12 - 2019-02-26 07:41 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2019-03-13 11:12 - 2019-02-26 07:35 - 004494848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2019-03-13 11:12 - 2019-02-26 07:30 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2019-03-13 11:12 - 2019-02-22 03:56 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll 2019-03-13 11:12 - 2019-02-22 03:55 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll 2019-03-13 11:12 - 2019-02-22 03:35 - 000313344 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll 2019-03-13 11:12 - 2019-02-16 06:50 - 001425920 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2019-03-13 11:12 - 2019-02-16 06:50 - 000781824 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2019-03-13 11:12 - 2019-02-16 06:50 - 000583680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2019-03-13 11:12 - 2019-02-16 06:50 - 000380928 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2019-03-13 11:12 - 2019-02-16 06:50 - 000321536 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2019-03-13 11:12 - 2019-02-16 06:50 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll 2019-03-13 11:12 - 2019-02-16 06:33 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll 2019-03-13 11:12 - 2019-02-15 16:58 - 000382976 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2019-03-13 11:12 - 2019-02-15 16:58 - 000320512 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll 2019-03-13 11:12 - 2019-02-15 16:38 - 000360960 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe 2019-03-13 11:12 - 2019-02-15 16:38 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe 2019-03-13 11:12 - 2019-02-15 16:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe 2019-03-13 11:12 - 2019-02-15 16:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2019-03-13 11:12 - 2019-02-10 17:43 - 001214176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2019-03-13 11:12 - 2019-02-10 17:18 - 000247296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys 2019-03-13 11:12 - 2019-02-10 17:18 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys 2019-03-13 11:12 - 2019-02-10 17:18 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys 2019-03-13 11:12 - 2019-02-10 17:18 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys 2019-03-13 11:12 - 2019-02-08 16:59 - 001391104 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2019-03-13 11:12 - 2019-02-08 16:59 - 001241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2019-03-13 11:12 - 2019-02-08 16:59 - 000805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll 2019-03-13 11:12 - 2019-02-08 16:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2019-03-13 11:12 - 2019-02-08 16:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2019-03-13 11:12 - 2019-02-07 16:57 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\bridgeres.dll 2019-03-13 11:12 - 2019-02-07 16:53 - 000078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys 2019-03-13 11:12 - 2019-02-07 16:42 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\brdgcfg.dll 2019-03-13 11:12 - 2019-02-07 16:42 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\bridgeunattend.exe 2019-03-13 11:12 - 2019-02-03 16:34 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys 2019-03-13 11:12 - 2019-01-04 17:00 - 000122600 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2019-03-13 11:12 - 2019-01-04 16:56 - 000593408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2019-03-13 11:12 - 2019-01-04 15:04 - 002703872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2019-03-13 11:12 - 2019-01-04 15:04 - 001387520 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2019-03-13 11:12 - 2019-01-04 15:04 - 000617984 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2019-03-13 11:12 - 2019-01-04 15:04 - 000524800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2019-03-13 11:12 - 2019-01-04 15:04 - 000377856 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2019-03-13 11:12 - 2019-01-04 15:04 - 000361472 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2019-03-13 11:12 - 2019-01-04 15:04 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2019-03-13 11:12 - 2019-01-04 15:04 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2019-03-13 11:12 - 2019-01-03 16:55 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2019-03-13 11:02 - 2019-02-10 17:41 - 001329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2019-03-13 11:02 - 2019-02-10 17:41 - 001177088 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2019-03-13 11:02 - 2019-02-10 17:41 - 000988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2019-03-13 11:02 - 2019-02-10 17:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2019-03-13 11:02 - 2019-02-10 17:41 - 000617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2019-03-13 11:02 - 2019-02-10 17:41 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2019-03-13 11:02 - 2019-02-10 17:41 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2019-03-13 11:02 - 2019-02-10 17:41 - 000442368 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2019-03-13 11:02 - 2019-02-10 17:41 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2019-03-13 11:02 - 2019-02-10 17:41 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2019-03-13 11:01 - 2019-02-10 17:43 - 000078560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2019-03-13 11:01 - 2019-02-10 17:41 - 012574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2019-03-13 11:01 - 2019-02-10 17:41 - 011411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2019-03-13 11:01 - 2019-02-10 17:41 - 003207168 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2019-03-13 11:01 - 2019-02-10 17:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2019-03-13 11:01 - 2019-02-10 17:41 - 000519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2019-03-13 11:01 - 2019-02-10 17:41 - 000474624 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2019-03-13 11:01 - 2019-02-10 17:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2019-03-13 11:01 - 2019-02-10 17:41 - 000354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2019-03-13 11:01 - 2019-02-10 17:41 - 000276480 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2019-03-13 11:01 - 2019-02-10 17:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2019-03-13 11:01 - 2019-02-10 17:41 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2019-03-13 11:01 - 2019-02-10 17:41 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2019-03-13 11:01 - 2019-02-10 17:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2019-03-13 11:01 - 2019-02-10 17:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2019-03-13 11:01 - 2019-02-10 17:41 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2019-03-13 11:01 - 2019-02-10 17:41 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2019-03-13 11:01 - 2019-02-10 17:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll 2019-03-13 11:01 - 2019-02-10 17:41 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2019-03-13 11:01 - 2019-02-10 17:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2019-03-13 11:01 - 2019-02-10 17:37 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2019-03-13 11:01 - 2019-02-10 17:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2019-03-13 11:01 - 2019-02-10 17:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2019-03-13 11:01 - 2019-02-10 17:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2019-03-13 11:01 - 2019-02-10 17:28 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2019-03-13 11:01 - 2019-02-10 17:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2019-03-13 11:01 - 2019-02-10 17:28 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2019-03-13 11:01 - 2019-02-10 17:24 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2019-03-13 11:01 - 2019-02-10 17:19 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2019-03-13 11:01 - 2019-02-10 17:19 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2019-03-13 11:01 - 2019-02-10 17:19 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2019-03-13 11:00 - 2019-02-16 06:30 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2019-03-13 08:54 - 2019-03-13 08:54 - 000091489 _____ C:\Users\RPRIVEL\Documents\RN 165.pdf 2019-03-13 08:48 - 2019-03-13 08:48 - 000092198 _____ C:\Users\RPRIVEL\Documents\RN 164.pdf 2019-03-12 14:35 - 2019-03-12 14:35 - 000098601 _____ C:\Users\RPRIVEL\Documents\RN 69.pdf 2019-03-12 11:26 - 2019-03-12 11:26 - 000013520 _____ C:\Users\RPRIVEL\Downloads\LF 25.02-09.03. Voda Kremska 6L.xlsx 2019-03-12 08:26 - 2019-03-12 08:26 - 000004499 _____ C:\Users\RPRIVEL\Downloads\1900001.pdf 2019-03-12 08:25 - 2019-03-12 08:25 - 000004502 _____ C:\Users\RPRIVEL\Downloads\1900004.pdf 2019-03-12 07:52 - 2019-03-12 07:52 - 000093978 _____ C:\Users\RPRIVEL\Documents\RN 163.pdf 2019-03-12 06:07 - 2019-03-12 06:07 - 000000000 ____D C:\Program Files\N7nlxhtox 2019-03-12 06:06 - 2019-03-18 07:52 - 000000000 ___HD C:\Users\RPRIVEL\AppData\Roaming\KL369SU5 2019-03-11 17:59 - 2019-03-11 17:59 - 000091747 _____ C:\Users\RPRIVEL\Documents\RN 162.pdf 2019-03-11 14:04 - 2019-03-11 14:04 - 000090917 _____ C:\Users\RPRIVEL\Documents\RN 34-4.pdf 2019-03-11 13:24 - 2019-03-11 13:24 - 000005917 _____ C:\Users\RPRIVEL\Downloads\attachment - 2019-03-11T132403.751.pdf 2019-03-11 13:23 - 2019-03-11 13:23 - 000090663 _____ C:\Users\RPRIVEL\Documents\RN 33-4.pdf 2019-03-11 12:42 - 2019-03-11 12:42 - 000405783 _____ C:\Users\RPRIVEL\Downloads\UGOV.O PREUZ.DUGA RPRIVEL.PDF 2019-03-11 12:34 - 2019-03-11 12:34 - 000092680 _____ C:\Users\RPRIVEL\Documents\RN 161.pdf 2019-03-11 12:29 - 2019-03-11 12:50 - 000092852 _____ C:\Users\RPRIVEL\Documents\RN 160.pdf 2019-03-11 12:25 - 2019-03-11 12:25 - 000091956 _____ C:\Users\RPRIVEL\Documents\RN 158.pdf 2019-03-11 11:42 - 2019-03-11 11:42 - 000601463 _____ C:\Users\RPRIVEL\Downloads\kompezacija Mvp.PDF 2019-03-11 11:32 - 2019-03-11 11:32 - 000004465 _____ C:\Users\RPRIVEL\Downloads\1900007.pdf 2019-03-11 11:31 - 2019-03-11 11:31 - 000004462 _____ C:\Users\RPRIVEL\Downloads\1900005 (1).pdf 2019-03-11 11:29 - 2019-03-11 11:29 - 000004509 _____ C:\Users\RPRIVEL\Downloads\19000008.pdf 2019-03-11 11:24 - 2019-03-11 11:29 - 000010957 _____ C:\Users\RPRIVEL\Downloads\COMPANY 7 MVP NIS FEB19.xlsx 2019-03-11 11:24 - 2019-03-11 11:24 - 000006837 _____ C:\Users\RPRIVEL\Downloads\COMPANY 7 MVP NIS FEB19 (1).xlsx 2019-03-11 11:23 - 2019-03-11 11:23 - 000004501 _____ C:\Users\RPRIVEL\Downloads\19000009.pdf 2019-03-11 11:21 - 2019-03-11 11:21 - 000004504 _____ C:\Users\RPRIVEL\Downloads\1900006.pdf 2019-03-11 11:20 - 2019-03-11 11:20 - 000004976 _____ C:\Users\RPRIVEL\Downloads\sampleName(8184).pdf 2019-03-11 10:07 - 2019-03-11 10:08 - 000319014 _____ C:\Users\RPRIVEL\Documents\Z.L.HABER 2018.pdf 2019-03-11 10:06 - 2019-03-11 10:06 - 000033077 _____ C:\Users\RPRIVEL\Documents\HABER P.AM..pdf 2019-03-11 10:05 - 2019-03-11 10:05 - 000047810 _____ C:\Users\RPRIVEL\Documents\HABER RA.pdf 2019-03-11 10:01 - 2019-03-11 10:01 - 000091811 _____ C:\Users\RPRIVEL\Documents\HABER Z.L.2018.pdf 2019-03-11 08:37 - 2019-03-11 08:37 - 000092996 _____ C:\Users\RPRIVEL\Documents\RN 159.pdf 2019-03-11 07:50 - 2019-03-11 07:50 - 000117011 _____ C:\Users\RPRIVEL\Downloads\2251903082852251000000074469410031E.pdf 2019-03-11 07:49 - 2019-03-11 07:49 - 000059310 _____ C:\Users\RPRIVEL\Downloads\Izvod26_2019.03.08_220000000010232913.pdf 2019-03-11 07:36 - 2019-03-11 07:37 - 000091437 _____ C:\Users\RPRIVEL\Documents\RN 157.pdf 2019-03-08 15:38 - 2019-03-11 14:27 - 000000000 _RSHD C:\Users\RPRIVEL\AppData\Roaming\remcos 2019-03-08 14:54 - 2019-03-08 14:54 - 000039736 _____ C:\Users\RPRIVEL\Downloads\DOST ŠABAC TREBOVANJE (54).pdf 2019-03-08 14:13 - 2019-03-08 14:13 - 000000000 ___HD C:\Users\RPRIVEL\BdeSysprep 2019-03-08 07:50 - 2019-03-08 07:50 - 000054372 _____ C:\Users\RPRIVEL\Downloads\Izvod25_2019.03.07_220000000010232913.pdf 2019-03-08 07:45 - 2019-03-08 07:45 - 000092149 _____ C:\Users\RPRIVEL\Documents\RN 154.pdf 2019-03-07 14:38 - 2019-03-07 14:38 - 000093204 _____ C:\Users\RPRIVEL\Documents\RN 153-2.pdf 2019-03-07 12:38 - 2019-03-07 12:38 - 000091206 _____ C:\Users\RPRIVEL\Documents\RN 150.pdf 2019-03-07 07:22 - 2019-03-07 07:22 - 000123829 _____ C:\Users\RPRIVEL\Downloads\2251903062852251000000074469410030E.pdf 2019-03-07 07:21 - 2019-03-07 07:21 - 000054372 _____ C:\Users\RPRIVEL\Downloads\Izvod24_2019.03.06_220000000010232913.pdf 2019-03-07 07:20 - 2019-03-07 07:20 - 000092664 _____ C:\Users\RPRIVEL\Documents\IZJAVA 149.pdf 2019-03-07 07:17 - 2019-03-07 07:17 - 000092664 _____ C:\Users\RPRIVEL\Documents\RN 149.pdf 2019-03-06 14:52 - 2019-03-06 14:53 - 000092622 _____ C:\Users\RPRIVEL\Documents\RN 147.pdf 2019-03-06 14:50 - 2019-03-07 12:42 - 000094747 _____ C:\Users\RPRIVEL\Documents\RN 148.pdf 2019-03-06 11:57 - 2019-03-06 11:57 - 000098667 _____ C:\Users\RPRIVEL\Documents\RN 62.pdf 2019-03-06 09:49 - 2019-03-06 09:49 - 000076233 _____ C:\Users\RPRIVEL\Downloads\-I.pdf 2019-03-06 07:35 - 2019-03-06 07:35 - 000054372 _____ C:\Users\RPRIVEL\Downloads\Izvod23_2019.03.05_220000000010232913.pdf 2019-03-06 07:34 - 2019-03-06 07:34 - 000126214 _____ C:\Users\RPRIVEL\Downloads\2251903052852251000000074469410029E.pdf 2019-03-06 07:29 - 2019-03-06 07:29 - 000092296 _____ C:\Users\RPRIVEL\Documents\RN 145.pdf 2019-03-05 14:39 - 2019-03-05 14:39 - 000000000 ____D C:\Users\RPRIVEL\AppData\Local\LPA 2019-03-05 14:39 - 2019-03-05 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LPA 2019-03-05 14:38 - 2019-03-05 14:38 - 000000000 ____D C:\Program Files\LPA 2019-03-05 14:36 - 2019-03-05 14:37 - 065609160 _____ (Kancelarija za informacione tehnologije i elektronsku upravu) C:\Users\RPRIVEL\Desktop\epia_instalacija.exe 2019-03-05 13:58 - 2019-03-05 13:58 - 000091428 _____ C:\Users\RPRIVEL\Documents\RN 24-4.pdf 2019-03-05 09:53 - 2019-03-05 09:53 - 000091544 _____ C:\Users\RPRIVEL\Documents\RN 144.pdf 2019-03-05 07:38 - 2019-03-05 07:38 - 000131366 _____ C:\Users\RPRIVEL\Downloads\2251903042852251000000074469410028E.pdf 2019-03-05 07:37 - 2019-03-05 07:37 - 000049825 _____ C:\Users\RPRIVEL\Downloads\Izvod22_2019.03.04_220000000010232913.pdf 2019-03-04 15:05 - 2019-03-04 15:05 - 000004970 _____ C:\Users\RPRIVEL\Downloads\sampleName(8060) (1).pdf 2019-03-04 13:46 - 2019-03-04 13:46 - 000004970 _____ C:\Users\RPRIVEL\Downloads\sampleName(8060).pdf 2019-03-04 13:14 - 2019-03-04 13:14 - 000005583 _____ C:\Users\RPRIVEL\Downloads\attachment - 2019-03-04T131420.110.pdf 2019-03-04 12:45 - 2019-03-04 12:45 - 000092032 _____ C:\Users\RPRIVEL\Documents\RN 141.pdf 2019-03-04 09:59 - 2019-03-04 09:59 - 000093224 _____ C:\Users\RPRIVEL\Documents\RN 138.pdf 2019-03-04 09:49 - 2019-03-04 09:49 - 000091562 _____ C:\Users\RPRIVEL\Documents\RN 136.pdf 2019-03-04 08:22 - 2019-03-04 08:22 - 000091726 _____ C:\Users\RPRIVEL\Documents\RN 135.pdf 2019-03-04 07:45 - 2019-03-04 07:45 - 000124407 _____ C:\Users\RPRIVEL\Downloads\2251903012852251000000074469410027E.pdf 2019-03-04 07:44 - 2019-03-04 07:44 - 000090206 _____ C:\Users\RPRIVEL\Downloads\Izvod21_2019.03.01_220000000010232913.pdf 2019-03-04 07:43 - 2019-03-04 07:43 - 000123038 _____ C:\Users\RPRIVEL\Downloads\011-17-19-002642.pdf 2019-03-01 14:24 - 2019-03-01 14:24 - 000000000 ____D C:\Program Files\Jkpmx9h 2019-03-01 14:23 - 2019-03-18 15:23 - 000000000 ___HD C:\Users\RPRIVEL\AppData\Roaming\J8-036S7 2019-03-01 09:41 - 2019-03-01 09:41 - 001119666 _____ C:\Users\RPRIVEL\Documents\Z.L.2018.pdf 2019-03-01 07:39 - 2019-03-01 07:39 - 000059201 _____ C:\Users\RPRIVEL\Downloads\Izvod20_2019.02.28_220000000010232913.pdf 2019-02-28 15:59 - 2019-02-28 15:59 - 000139107 _____ C:\Users\RPRIVEL\Downloads\STAT.BS 2018 (2) (2).pdf 2019-02-28 15:56 - 2019-02-28 15:56 - 000139107 _____ C:\Users\RPRIVEL\Downloads\STAT.BS 2018 (2).pdf 2019-02-28 15:56 - 2019-02-28 15:56 - 000139107 _____ C:\Users\RPRIVEL\Downloads\STAT.BS 2018 (2) (1).pdf 2019-02-28 13:36 - 2019-02-28 13:36 - 000085261 _____ C:\Users\RPRIVEL\Documents\BB UKUPNO sa poc.st 28.02..pdf 2019-02-28 13:31 - 2019-02-28 13:31 - 000083620 _____ C:\Users\RPRIVEL\Documents\BB 2019 -prebijeno.pdf 2019-02-28 12:55 - 2019-02-28 12:55 - 000039827 _____ C:\Users\RPRIVEL\Downloads\DOST ZRENJANIN TREBOVANJE (11).pdf 2019-02-28 11:30 - 2019-02-28 11:30 - 000271759 _____ C:\Users\RPRIVEL\Downloads\RPRivel R. 22022019-P01.pdf 2019-02-28 11:30 - 2019-02-28 11:30 - 000271759 _____ C:\Users\RPRIVEL\Downloads\RPRivel R. 22022019-P01 (1).pdf 2019-02-28 10:23 - 2019-02-28 10:23 - 000709017 _____ C:\Users\RPRIVEL\Downloads\IMG_20190228_0001.pdf 2019-02-28 10:21 - 2019-02-28 10:21 - 000091877 _____ C:\Users\RPRIVEL\Documents\RN 130.pdf 2019-02-28 07:57 - 2019-02-28 07:57 - 000091335 _____ C:\Users\RPRIVEL\Documents\RN 128.pdf 2019-02-28 07:45 - 2019-02-28 07:45 - 000121272 _____ C:\Users\RPRIVEL\Downloads\2251902272852251000000074469410025E.pdf 2019-02-28 07:42 - 2019-02-28 07:42 - 000220726 _____ C:\Users\RPRIVEL\Downloads\MVP GROUP DOO (3).pdf 2019-02-27 20:39 - 2019-02-27 20:39 - 000223395 _____ C:\Users\RPRIVEL\Downloads\MVP GROUP DOO (2).pdf 2019-02-27 16:00 - 2019-02-27 16:00 - 000091708 _____ C:\Users\RPRIVEL\Documents\RN 127-2.pdf 2019-02-27 15:51 - 2019-02-27 15:51 - 000091725 _____ C:\Users\RPRIVEL\Documents\RN 127.pdf 2019-02-27 14:47 - 2019-02-27 14:47 - 000091331 _____ C:\Users\RPRIVEL\Documents\RN 126.pdf 2019-02-27 13:05 - 2019-02-27 13:06 - 000091818 _____ C:\Users\RPRIVEL\Documents\RN 124.pdf 2019-02-27 13:01 - 2019-02-27 13:01 - 000092627 _____ C:\Users\RPRIVEL\Documents\IZJAVA 125.pdf 2019-02-27 12:59 - 2019-02-27 12:59 - 000092627 _____ C:\Users\RPRIVEL\Documents\RN 125.pdf 2019-02-27 11:30 - 2019-02-27 11:30 - 000091175 _____ C:\Users\RPRIVEL\Documents\RN 123.pdf 2019-02-27 07:35 - 2019-02-27 07:35 - 000120968 _____ C:\Users\RPRIVEL\Downloads\2251902262852251000000074469410024E.pdf 2019-02-26 14:50 - 2019-02-26 14:50 - 000396381 _____ C:\Users\RPRIVEL\Downloads\Izava o neakt. RIVELL -potp. (2).pdf 2019-02-26 09:56 - 2019-02-26 09:56 - 001210030 _____ C:\Users\RPRIVEL\Downloads\P_ 64476-2019_2.pdf 2019-02-26 09:55 - 2019-02-26 09:55 - 001183980 _____ C:\Users\RPRIVEL\Downloads\P_ 64300-2019_2.pdf 2019-02-26 07:41 - 2019-02-26 07:41 - 000142903 _____ C:\Users\RPRIVEL\Downloads\RAVAGO (4).pdf 2019-02-26 07:40 - 2019-02-26 07:40 - 000122176 _____ C:\Users\RPRIVEL\Downloads\UU-19-150-2.pdf 2019-02-26 07:39 - 2019-02-26 07:39 - 000112814 _____ C:\Users\RPRIVEL\Downloads\2251902252852251000000074469410023E.pdf 2019-02-26 07:39 - 2019-02-26 07:39 - 000058745 _____ C:\Users\RPRIVEL\Downloads\Izvod19_2019.02.25_220000000010232913.pdf 2019-02-25 15:26 - 2019-02-25 15:26 - 000196787 _____ C:\Users\RPRIVEL\Downloads\Izveštaj o promenama na kapitalu.pdf 2019-02-25 15:25 - 2019-02-25 15:25 - 000079082 _____ C:\Users\RPRIVEL\Downloads\Izveštaj o tokovima gotovine.pdf 2019-02-25 15:25 - 2019-02-25 15:25 - 000071356 _____ C:\Users\RPRIVEL\Downloads\Izveštaj o ostalom rezultatu.pdf 2019-02-25 15:24 - 2019-02-25 15:24 - 000139531 _____ C:\Users\RPRIVEL\Downloads\Bilans uspeha (19).pdf 2019-02-25 15:23 - 2019-02-25 15:23 - 000314560 _____ C:\Users\RPRIVEL\Downloads\Bilans stanja (23).pdf 2019-02-25 15:02 - 2019-02-25 15:02 - 000094828 _____ C:\Users\RPRIVEL\Documents\RN 119-2.pdf 2019-02-25 14:36 - 2019-02-25 14:36 - 000006338 _____ C:\Users\RPRIVEL\Downloads\attachment - 2019-02-25T143605.597.pdf 2019-02-25 13:56 - 2019-02-25 13:56 - 000072982 _____ C:\Users\RPRIVEL\Downloads\SPECIJALKA PREDRACUN I KONACNI R.PDF 2019-02-25 12:37 - 2019-02-25 12:37 - 000005951 _____ C:\Users\RPRIVEL\Downloads\sampleName(7894).pdf 2019-02-25 08:47 - 2019-02-25 08:47 - 000091072 _____ C:\Users\RPRIVEL\Documents\RN 118.pdf 2019-02-25 08:44 - 2019-02-25 08:44 - 000091171 _____ C:\Users\RPRIVEL\Documents\RN 117.pdf 2019-02-25 08:32 - 2019-02-25 08:32 - 000092842 _____ C:\Users\RPRIVEL\Documents\RN 116.pdf 2019-02-25 07:34 - 2019-02-25 07:34 - 000091794 _____ C:\Users\RPRIVEL\Documents\RN 114-2.pdf 2019-02-22 14:58 - 2019-02-22 14:58 - 000091732 _____ C:\Users\RPRIVEL\Documents\RN 113-2.pdf 2019-02-22 13:25 - 2019-02-22 13:25 - 000396381 _____ C:\Users\RPRIVEL\Downloads\Izava o neakt. RIVELL -potp. (1).pdf 2019-02-22 13:16 - 2019-02-22 13:16 - 000387500 _____ C:\Users\RPRIVEL\Downloads\Izjava o neakt. DPC 20180001- potp. (2).pdf 2019-02-22 13:15 - 2019-02-22 13:15 - 000387500 _____ C:\Users\RPRIVEL\Downloads\Izjava o neakt. DPC 20180001- potp. (1).pdf 2019-02-22 08:40 - 2019-02-22 08:40 - 000091149 _____ C:\Users\RPRIVEL\Documents\RN 112.pdf 2019-02-22 08:38 - 2019-02-22 08:38 - 000091031 _____ C:\Users\RPRIVEL\Documents\RN 111.pdf 2019-02-22 08:32 - 2019-02-22 08:32 - 000091055 _____ C:\Users\RPRIVEL\Documents\RN 110-2.pdf 2019-02-22 08:08 - 2019-02-22 08:08 - 000056618 _____ C:\Users\RPRIVEL\Downloads\Izvod18_2019.02.21_220000000010232913.pdf 2019-02-22 08:08 - 2019-02-22 08:08 - 000039622 _____ C:\Users\RPRIVEL\Downloads\DOST ŠABAC TREBOVANJE (53).pdf 2019-02-21 14:41 - 2019-02-21 14:41 - 000134037 _____ C:\Users\RPRIVEL\Downloads\Ponuda_PO_VP01_54_stampa_bruto_BODENA.pdf 2019-02-21 13:20 - 2019-02-21 13:20 - 000387500 _____ C:\Users\RPRIVEL\Downloads\Izjava o neakt. DPC 20180001- potp..pdf 2019-02-21 13:17 - 2019-02-21 13:17 - 000389460 _____ C:\Users\RPRIVEL\Downloads\Izjava o neakt. POKRET 20180001-potp..pdf 2019-02-21 12:42 - 2019-02-21 12:42 - 000396381 _____ C:\Users\RPRIVEL\Downloads\Izava o neakt. RIVELL -potp..pdf 2019-02-21 12:12 - 2019-02-21 12:12 - 000310236 _____ C:\Users\RPRIVEL\Downloads\Izava o neakt. RIVELL EVRON 20180001.pdf 2019-02-21 11:47 - 2019-02-21 11:47 - 000090934 _____ C:\Users\RPRIVEL\Documents\Izjava o neaktivnosti DPC 2018.pdf 2019-02-21 11:01 - 2019-02-21 11:33 - 000177639 _____ C:\Users\RPRIVEL\Documents\Izjava-o-neaktivnosti_primer.pdf 2019-02-21 08:08 - 2019-02-21 08:08 - 000003725 _____ C:\Users\RPRIVEL\Downloads\attachment - 2019-02-21T080849.555.pdf 2019-02-21 08:05 - 2019-02-27 07:41 - 000097568 _____ C:\Users\RPRIVEL\Documents\RN 43.pdf 2019-02-21 07:42 - 2019-02-21 07:42 - 000118322 _____ C:\Users\RPRIVEL\Downloads\2251902202852251000000074469410022E.pdf 2019-02-21 07:42 - 2019-02-21 07:42 - 000069129 _____ C:\Users\RPRIVEL\Downloads\Izvod17_2019.02.20_220000000010232913.pdf 2019-02-20 13:43 - 2019-02-20 13:43 - 000092333 _____ C:\Users\RPRIVEL\Documents\RN 107.pdf 2019-02-20 12:47 - 2019-02-20 12:47 - 000227642 _____ C:\Users\RPRIVEL\Downloads\DOO_RPRIVEL_ZRENJANIN_FakturaBroj_AV1376-17_PretplatniPeriod_2 (4).pdf 2019-02-20 12:46 - 2019-02-20 12:46 - 000248990 _____ C:\Users\RPRIVEL\Downloads\DOO_RPRIVEL_ZRENJANIN_FakturaBroj_AV324-17_PretplatniPeriod_1 (3).pdf 2019-02-20 12:46 - 2019-02-20 12:46 - 000248965 _____ C:\Users\RPRIVEL\Downloads\DOO_RPRIVEL_ZRENJANIN_FakturaBroj_AV323-17_PretplatniPeriod_1 (3).pdf 2019-02-20 12:41 - 2019-02-20 12:41 - 000208896 _____ C:\Users\RPRIVEL\Downloads\DOO_RPRIVEL_ZRENJANIN_FakturaBroj_1902608-20_PretplatniPeriod_4.pdf 2019-02-20 12:40 - 2019-02-20 12:40 - 000208895 _____ C:\Users\RPRIVEL\Downloads\DOO_RPRIVEL_ZRENJANIN_FakturaBroj_1807132-20_PretplatniPeriod_1 (1).pdf 2019-02-20 12:37 - 2019-02-20 12:37 - 000208900 _____ C:\Users\RPRIVEL\Downloads\DOO_RPRIVEL_ZRENJANIN_FakturaBroj_1817135-20_PretplatniPeriod_3 (1).pdf 2019-02-20 12:31 - 2019-02-20 12:31 - 000092377 _____ C:\Users\RPRIVEL\Documents\RN 106.pdf 2019-02-20 11:25 - 2019-02-20 11:25 - 000132407 _____ C:\Users\RPRIVEL\Downloads\Ponuda_PO_VP01_50_stampa_bruto_BODENA.pdf 2019-02-20 07:27 - 2019-02-20 07:27 - 000054370 _____ C:\Users\RPRIVEL\Downloads\Izvod16_2019.02.19_220000000010232913.pdf 2019-02-20 07:25 - 2019-02-20 07:25 - 000110473 _____ C:\Users\RPRIVEL\Downloads\2251902182852251000000074469410021E.pdf 2019-02-20 07:24 - 2019-02-20 07:24 - 000068802 _____ C:\Users\RPRIVEL\Downloads\Izvod15_2019.02.18_220000000010232913 (1).pdf 2019-02-19 14:16 - 2019-02-19 14:16 - 000472574 _____ C:\Users\RPRIVEL\Downloads\18.02. Faktura Rprivel.pdf 2019-02-19 13:59 - 2019-02-19 13:59 - 000123200 _____ C:\Users\RPRIVEL\Downloads\SKMBT_C224e19021719360 (1).pdf 2019-02-19 13:55 - 2019-02-19 13:56 - 000394526 _____ C:\Users\RPRIVEL\Downloads\PREDRAČUN 1009-0.pdf 2019-02-19 13:53 - 2019-02-19 13:53 - 000068802 _____ C:\Users\RPRIVEL\Downloads\Izvod15_2019.02.18_220000000010232913.pdf 2019-02-19 12:46 - 2019-02-19 13:23 - 000000000 ____D C:\Users\RPRIVEL\Desktop\PONUDE RPRIVEL 2019 2019-02-19 09:08 - 2019-02-19 09:08 - 000090742 _____ C:\Users\RPRIVEL\Documents\RN 99.pdf 2019-02-18 16:00 - 2019-02-18 16:00 - 000091946 _____ C:\Users\RPRIVEL\Documents\RN 96.pdf 2019-02-18 15:59 - 2019-02-18 15:59 - 000090934 _____ C:\Users\RPRIVEL\Documents\RN 98.pdf 2019-02-18 15:05 - 2019-02-18 15:05 - 000005564 _____ C:\Users\RPRIVEL\Downloads\sampleName(326).pdf 2019-02-18 15:04 - 2019-02-18 15:04 - 000005558 _____ C:\Users\RPRIVEL\Downloads\attachment - 2019-02-18T150426.966.pdf 2019-02-18 15:03 - 2019-02-18 15:03 - 000123200 _____ C:\Users\RPRIVEL\Downloads\SKMBT_C224e19021719360.pdf 2019-02-18 10:08 - 2019-02-18 10:08 - 000049857 _____ C:\Users\RPRIVEL\Downloads\Izvod14_2019.02.15_220000000010232913.pdf 2019-02-18 09:39 - 2019-02-18 09:39 - 000092610 _____ C:\Users\RPRIVEL\Documents\RV 97-2.pdf ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-03-18 15:51 - 2016-05-18 16:27 - 000488829 _____ C:\Windows\ZAM.krnl.trace 2019-03-18 15:51 - 2016-05-18 16:27 - 000477607 _____ C:\Windows\ZAM_Guard.krnl.trace 2019-03-18 15:48 - 2009-07-14 05:34 - 000020464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-03-18 15:48 - 2009-07-14 05:34 - 000020464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-03-18 15:44 - 2016-05-18 15:55 - 000000000 ____D C:\FRST 2019-03-18 15:27 - 2015-10-03 22:36 - 000000000 ____D C:\Users\RPRIVEL\AppData\Local\Deployment 2019-03-18 14:33 - 2018-03-30 13:54 - 000091878 _____ C:\Users\RPRIVEL\Documents\RN 181.pdf 2019-03-18 13:45 - 2016-06-04 12:49 - 000000000 ____D C:\Users\RPRIVEL\Documents\My Scans 2019-03-18 11:33 - 2009-07-14 05:52 - 000000000 ____D C:\Windows\system32\FxsTmp 2019-03-18 11:29 - 2010-11-20 22:01 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI 2019-03-18 11:29 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf 2019-03-18 08:29 - 2016-05-11 12:48 - 000000000 ____D C:\Users\RPRIVEL\Desktop\MVP 2019-03-18 07:46 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-03-15 17:16 - 2018-03-30 10:36 - 000091597 _____ C:\Users\RPRIVEL\Documents\RN 179.pdf 2019-03-15 17:10 - 2018-03-28 14:05 - 000092433 _____ C:\Users\RPRIVEL\Documents\RN 178.pdf 2019-03-15 11:38 - 2016-05-16 11:57 - 000000000 ____D C:\Users\RPRIVEL\Desktop\RPRIVEL 2019-03-15 10:49 - 2019-01-25 13:28 - 000097711 _____ C:\Users\RPRIVEL\Documents\RN 43-2.pdf 2019-03-15 08:01 - 2016-02-19 17:53 - 000027648 _____ C:\Windows\system32\BMXBkpCtrlState-{00000002-00000000-00000002-00001102-00000004-00521102}.rfx 2019-03-15 08:01 - 2016-02-19 17:53 - 000011564 _____ C:\Windows\system32\DVCState-{00000002-00000000-00000002-00001102-00000004-00521102}.rfx 2019-03-15 08:01 - 2015-10-04 00:18 - 000027648 _____ C:\Windows\system32\BMXCtrlState-{00000002-00000000-00000002-00001102-00000004-00521102}.rfx 2019-03-15 08:01 - 2015-10-03 22:10 - 000030072 _____ C:\Windows\system32\BMXStateBkp-{00000002-00000000-00000002-00001102-00000004-00521102}.rfx 2019-03-15 08:01 - 2015-10-03 22:10 - 000030072 _____ C:\Windows\system32\BMXState-{00000002-00000000-00000002-00001102-00000004-00521102}.rfx 2019-03-14 07:44 - 2015-10-03 20:42 - 000000000 ____D C:\Users\RPRIVEL 2019-03-14 04:56 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\rescache 2019-03-14 03:46 - 2009-07-14 05:33 - 000664896 _____ C:\Windows\system32\FNTCACHE.DAT 2019-03-14 03:44 - 2016-05-04 02:58 - 000000000 ___SD C:\Windows\system32\CompatTel 2019-03-14 03:44 - 2016-05-04 02:58 - 000000000 ____D C:\Windows\system32\appraiser 2019-03-14 03:44 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\Dism 2019-03-14 03:26 - 2016-08-19 08:24 - 000000000 ____D C:\Windows\system32\MRT 2019-03-14 03:04 - 2016-08-19 08:24 - 124382624 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2019-03-13 12:52 - 2019-01-23 15:56 - 000066716 _____ C:\Users\RPRIVEL\Documents\RN 13.pdf 2019-03-13 11:12 - 2018-06-01 11:50 - 000092193 _____ C:\Users\RPRIVEL\Documents\RN 168.pdf 2019-03-13 03:04 - 2016-07-02 08:28 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2019-03-13 03:03 - 2009-07-14 03:04 - 000000478 _____ C:\Windows\win.ini 2019-03-12 10:58 - 2016-07-02 07:15 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2019-03-12 10:58 - 2016-07-02 07:15 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2019-03-12 10:58 - 2016-02-19 17:21 - 000000000 ____D C:\Windows\system32\Macromed 2019-03-08 15:41 - 2017-12-18 11:48 - 000000000 ____D C:\Program Files\Mozilla Thunderbird 2019-03-08 15:41 - 2015-10-03 22:41 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service 2019-03-06 12:40 - 2016-04-28 09:10 - 000000732 _____ C:\Users\RPRIVEL\Desktop\ProSpool - Shortcut.lnk 2019-03-06 10:13 - 2017-04-05 15:12 - 000000000 ____D C:\Users\RPRIVEL\AppData\Roaming\Thunderbird 2019-03-06 10:13 - 2015-10-03 22:41 - 000000000 ____D C:\Users\RPRIVEL\AppData\Roaming\Mozilla 2019-03-05 00:34 - 2015-10-03 22:37 - 000002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-03-01 12:54 - 2018-01-24 09:25 - 000092774 _____ C:\Users\RPRIVEL\Documents\ProSpool.pdf 2019-02-28 15:18 - 2016-05-11 12:48 - 000000000 ____D C:\Users\RPRIVEL\Desktop\ZARADE ZA PPP PD 2019-02-27 07:43 - 2019-01-30 09:34 - 000095821 _____ C:\Users\RPRIVEL\Documents\rn 51.pdf 2019-02-25 14:19 - 2016-05-11 12:49 - 000000000 ___RD C:\Users\RPRIVEL\Desktop\CENOVNICI RPRIVEL-a 2019-02-24 13:53 - 2015-10-03 22:51 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2019-02-22 13:11 - 2017-02-24 10:28 - 000000000 ____D C:\NexU-Apr 2019-02-20 07:23 - 2016-05-07 11:21 - 000000000 ____D C:\Program Files\TeamViewer ==================== Files in the root of some directories ======= 1986-02-02 01:00 - 1986-02-02 01:00 - 000002243 _____ () C:\Users\RPRIVEL\AppData\Roaming\BottleoCashew.RRa 1989-01-04 01:00 - 1989-01-04 01:00 - 000049780 _____ () C:\Users\RPRIVEL\AppData\Roaming\Cheapskate.9nv 2016-05-09 14:41 - 2016-05-09 14:41 - 000948736 _____ () C:\Users\RPRIVEL\AppData\Roaming\INCHITY.del 2016-06-07 01:55 - 2016-06-07 01:55 - 000019968 _____ (Sonic Solutions) C:\Users\RPRIVEL\AppData\Roaming\Pwgen.dll 2016-05-09 14:41 - 2016-05-09 14:41 - 000848437 _____ () C:\Users\RPRIVEL\AppData\Roaming\SANKIX.del 2016-05-09 14:41 - 2016-05-09 14:41 - 000948736 _____ () C:\Users\RPRIVEL\AppData\Roaming\VOL-TRAX.del 2016-05-09 14:43 - 2016-05-09 14:42 - 000041472 _____ () C:\Users\RPRIVEL\AppData\Local\Anottrans.dat 2016-05-09 14:43 - 2016-05-09 14:42 - 000000187 _____ () C:\Users\RPRIVEL\AppData\Local\Anottrans.exe.config Some files in TEMP: ==================== 2018-07-17 07:38 - 2018-08-27 08:18 - 002936680 _____ (Microsoft Corporation) C:\Users\RPRIVEL\AppData\Local\Temp\DefaultPack.EXE 2015-07-21 06:35 - 2015-07-21 06:35 - 000341120 _____ (Gretech Corporation) C:\Users\RPRIVEL\AppData\Local\Temp\ExPromo.exe 2009-07-17 20:12 - 2009-07-17 20:12 - 001957206 _____ (Adobe Systems Incorporated) C:\Users\RPRIVEL\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe 2016-05-09 13:00 - 2016-05-09 13:00 - 000173568 _____ () C:\Users\RPRIVEL\AppData\Local\Temp\nswE23D.exe 2018-10-01 07:11 - 2018-10-01 07:11 - 000000000 _____ () C:\Users\RPRIVEL\AppData\Local\Temp\qu64ilpt.dll 2019-03-08 14:13 - 2019-03-08 14:13 - 000584704 _____ () C:\Users\RPRIVEL\AppData\Local\Temp\wfkda8bp.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\system32\dllhost.exe => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2019-03-14 00:36 ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x86) Version: 17-03-2019 Ran by RPRIVEL (18-03-2019 15:54:49) Running from C:\Users\RPRIVEL\Desktop\first Microsoft Windows 7 Home Basic Service Pack 1 (X86) (2015-10-03 19:41:55) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3615150473-1923277583-1539101694-500 - Administrator - Disabled) Guest (S-1-5-21-3615150473-1923277583-1539101694-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3615150473-1923277583-1539101694-1004 - Limited - Enabled) RPRIVEL (S-1-5-21-3615150473-1923277583-1539101694-1000 - Administrator - Enabled) => C:\Users\RPRIVEL ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3615150473-1923277583-1539101694-1000\...\uTorrent) (Version: 3.4.6.42178 - BitTorrent Inc.) 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated) Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.156 - Adobe Systems Incorporated) ATI Catalyst Install Manager (HKLM\...\{08E264F0-E675-8E6D-0042-8741FD41E654}) (Version: 3.0.715.0 - ATI Technologies, Inc.) BufferChm (HKLM\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden Bullzip PDF Printer 10.24.0.2543 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.24.0.2543 - Bullzip) ccc-core-static (HKLM\...\{093C982A-E1CB-6D32-5FAD-DCE8EA8F86FA}) (Version: 2009.0929.2222.38284 - ATI) Hidden Corel Compatibility Pack (HKLM\...\{77ECF7E9-5758-4965-803D-77AABC474747}) (Version: 12.4518.1018 - Corel Corporation) Corel Graphics - Windows Shell Extension (HKLM\...\_{FD417077-C2FE-46DB-942A-228179B308D5}) (Version: 18.0.0.448 - Corel Corporation) Corel Graphics - Windows Shell Extension (HKLM\...\{FD417077-C2FE-46DB-942A-228179B308D5}) (Version: 18.0.448 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - BR (HKLM\...\{FD8AE9E2-B61E-4826-9CE7-937E1E9A9EEC}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Capture (HKLM\...\{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Common (HKLM\...\{CA3861BA-1D96-4D66-B577-318E1602C4F3}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Connect (HKLM\...\{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Custom Data (HKLM\...\{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - DE (HKLM\...\{DCF22E37-A8B6-4F78-9D61-3BCB5ED38A50}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Draw (HKLM\...\{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - EN (HKLM\...\{E34C6AA4-AE8E-4677-912A-92FC2E039DD9}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - ES (HKLM\...\{68EE5C41-2F79-4F36-BE85-22A814F55AF7}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Extra Content (HKLM\...\_{D0291D38-D7AE-47B6-AD64-4FAB908FDB9F}) (Version: - Corel Corporation) CorelDRAW Graphics Suite X5 - Extra Content (HKLM\...\{D0291D38-D7AE-47B6-AD64-4FAB908FDB9F}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Filters (HKLM\...\{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - FontNav (HKLM\...\{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - FR (HKLM\...\{8F18CFF8-8259-4148-AD00-2EE572754E92}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - IPM (HKLM\...\{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - IT (HKLM\...\{DC43FBD3-3E5D-419D-A981-519F1A3E6F53}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - NL (HKLM\...\{BFE9A442-5D4B-4372-B994-FB4BCEA78662}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - PHOTO-PAINT (HKLM\...\{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Photozoom Plugin (HKLM\...\{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Premium Fonts (HKLM\...\{A9E21D37-B157-4245-9C33-179628C47847}) (Version: 1.00.0000 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Redist (HKLM\...\{59123CCF-FED2-46FF-9293-D1DC80042219}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Setup Files (HKLM\...\{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - VBA (HKLM\...\{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - VideoBrowser (HKLM\...\{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - VSTA (HKLM\...\{260ED378-2B8C-4831-ADAE-D0712D119AC5}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - WT (HKLM\...\{9244E956-5939-4B88-930C-0699D4AB2B95}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 (HKLM\...\{368FCA18-C510-4F87-B60E-192B9BDBAE3D}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Capture (HKLM\...\{5D0275EA-F3CE-450A-A5A3-F852E30CA46F}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Common (HKLM\...\{994F3055-8433-46A7-8E1F-6CC7B68B01F0}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Connect (HKLM\...\{EFB8E269-0619-475B-8C5B-96F98551AA33}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Custom Data (HKLM\...\{84749C5C-FA80-4779-BD96-544165A8CD31}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Draw (HKLM\...\{30FAE453-9F77-4F70-928E-042BEF00D011}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - EN (HKLM\...\{41263A64-D276-484F-9056-AD58C8995E35}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Filters (HKLM\...\{8DADD35F-49CE-4D18-AE6D-135DD150E74F}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - FontNav (HKLM\...\{7F5DE3F2-5865-4D4A-89D1-AAEFE1F96E50}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM Content (HKLM\...\{657EAD32-8E7A-43C0-A794-3BB31B00DC34}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM T (HKLM\...\{D29A4F85-0FB7-4E54-B591-044652C4295F}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - PHOTO-PAINT (HKLM\...\{0A0143FF-ECB5-4960-A2E0-DC3150ABBBE0}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Photozoom Plugin (HKLM\...\{950055ED-DC61-4874-8EDB-E5CDE1D218CD}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Redist (HKLM\...\{F3286FA3-DF68-4948-8D1D-ED3A539077B3}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Setup Files (HKLM\...\{C5D9CECB-A66F-473F-B406-5C8C2DCA4DF0}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VBA (HKLM\...\{877522BE-A318-4603-9B00-DF319C6FA2B1}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VideoBrowser (HKLM\...\{4C614BD3-607E-4289-BB51-4D87EC7BBD62}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Writing Tools (HKLM\...\{246FE426-2661-4DD6-9603-DF2E6832387C}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 (HKLM\...\_{C5D9CECB-A66F-473F-B406-5C8C2DCA4DF0}) (Version: 17.1.0.572 - Corel Corporation) CorelDRAW Graphics Suite X7 (HKLM\...\{08A60D9D-C206-46BF-9602-1F2616878CF7}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW(R) Graphics Suite X5 (HKLM\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.0.0.486 - Corel Corporation) Creative ALchemy (HKLM\...\ALchemy) (Version: 1.43 - Creative Technology Limited) Creative Audio Console (HKLM\...\AudioCS) (Version: 1.33 - Creative Technology Limited) Creative Software AutoUpdate (HKLM\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited) Čitač elektronske lične karte (32-bitni) (HKLM\...\{2A97FB57-F02A-4AC8-AA0A-B6C3D92DF7CC}) (Version: 1.2.3 - MUP RS) Destinations (HKLM\...\{D0DFDFA8-1C04-407B-9CB2-A25AB20DD54D}) (Version: 140.0.0.0 - Hewlett-Packard) Hidden Digitrust Enrollment (HKLM\...\{B5CD618A-AAA6-4E56-A33D-782806E6DDBA}) (Version: 1.0.0 - Asseco SEE) DocProc (HKLM\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 140.0.185.000 - Hewlett-Packard) Hidden ePorezi verzija 1.0 (HKLM\...\{1DEDDEDF-4E0B-4E32-BEFD-8DD1EF96C93D}_is1) (Version: 1.0 - PURS) Ghostscript GPL 8.64 (Msi Setup) (HKLM\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Ghostscript GPL 8.64 (Msi Setup) (HKLM\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden GOM Player (HKLM\...\GOM Player) (Version: 2.2.77.5240 - Gretech Corporation) Google Chrome (HKLM\...\Google Chrome) (Version: 72.0.3626.121 - Google Inc.) Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden HP Imaging Device Functions 14.5 (HKLM\...\HP Imaging Device Functions) (Version: 14.5 - HP) hp LaserJet 1005 (HKLM\...\{F61F2FAB-7CBB-4745-BC52-C9FB2A0F99EF}) (Version: - ) HP LaserJet Pro MFP M25-M27 (HKLM\...\{6f61eb21-bed8-4110-99c0-df985ca05b33}) (Version: 15.0.16103.89 - Hewlett-Packard) HP Scanjet G4050 (HKLM\...\{27E19BA1-B30F-4E97-835B-1481803F54DC}) (Version: 14.5 - HP) HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDXP (HKLM\...\{C15D823A-EDC1-409F-8C81-CA1A66146146}) (Version: 3.0.26.8 - HP) Hidden hpg4050 (HKLM\...\{1346C189-0E0C-4756-B77E-748C34CFA70E}) (Version: 140.000.000.000 - Hewlett-Packard) Hidden HPLJM25M27 (HKLM\...\{1612D7B8-386E-4FAD-8059-0415F6918F36}) (Version: 0.00.0005 - HP) Hidden HPLJUTCore (HKLM\...\{06C9D648-CFC6-48CC-A11B-C4A21BEDDAF1}) (Version: 018.000.0001 - HP) Hidden HPLJUTM25_27 (HKLM\...\{90CEE3E5-971D-4A2D-AF76-BC6B7F4DBEE8}) (Version: 020.000.0001 - HP) Hidden hppLaserJetService (HKLM\...\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}) (Version: 009.033.00926 - Hewlett-Packard) Hidden hppM25_M27LaserJetService (HKLM\...\{ED85D11B-25FE-4389-8FF6-B02EAB672D8C}) (Version: 001.034.00693 - HP Inc.) Hidden hpStatusAlerts (HKLM\...\{32DE03E8-D0B3-4D13-A885-D3EDFC959EEC}) (Version: 180.040.00267 - HP Development Company, L.P.) Hidden hpStatusAlertsM25-M27 (HKLM\...\{42C49CAE-7225-41D0-9336-9A4FB163B26A}) (Version: 080.046.00114 - Hewlett-Packard) Hidden IDGo 500 PKCS#11 Library for IDPrime .NET Smart Cards (HKLM\...\{19699919-028B-4B2F-9290-558532122010}) (Version: 2.3.0.03 - Gemalto) Java 8 Update 91 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation) LibreOffice 5.0.2.2 (HKLM\...\{71508AE2-346A-4E56-AE95-DBB8DE692258}) (Version: 5.0.2.2 - The Document Foundation) LPA ePIA version 0.99 (HKLM\...\{8C4DE4FF-E7F9-4FFA-90AF-A08517DC398E}_is1) (Version: 0.99 - Kancelarija za informacione tehnologije i elektronsku upravu) LJDXPHelperUI (HKLM\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden McAfee True Key (HKLM\...\TrueKey) (Version: 5.2.167.1 - McAfee, LLC) Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2012 (HKLM\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2015 (HKLM\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation) Mozilla Firefox 43.0.1 (x86 sr) (HKLM\...\Mozilla Firefox 43.0.1 (x86 sr)) (Version: 43.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.4.0.6925 - Mozilla) Mozilla Thunderbird 60.4.0 (x86 sr) (HKLM\...\Mozilla Thunderbird 60.4.0 (x86 sr)) (Version: 60.4.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MySQL Server 5.1 (HKLM\...\{31A49E0E-1989-4E2F-9085-D90A732193F4}) (Version: 5.1.51 - Oracle Corporation) OCR Software by I.R.I.S. 14.5 (HKLM\...\HPOCR) (Version: 14.5 - HP) OfficeBanking Desktop - 1 (HKU\S-1-5-21-3615150473-1923277583-1539101694-1000\...\33f6f0f0bf62208e) (Version: 1.2018.11114.1 - Asseco SEE) OpenAL (HKLM\...\OpenAL) (Version: - ) Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden SafeSign (HKLM\...\{2DF407D3-A8AD-4ACF-BFD5-5F7D42EC62FD}) (Version: 3.0.76 - A.E.T. Europe B.V.) Scan (HKLM\...\{A9CC8D58-397F-4241-86C7-5463274E9B08}) (Version: 14.0.1.0 - Hewlett-Packard) Hidden SecureAccess86 (HKLM\...\{E6C2A010-032E-41F7-8D49-ABB6CB169758}) (Version: 1.0.0 - Microsoft) SecurityTray 1.1.9 (HKLM\...\{E67858D6-9A45-46E2-8625-890C5DDA2173}_is1) (Version: 1.1.9 - Saga d.o.o.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft) Skins (HKLM\...\{92A188E7-5658-0DD8-97FB-CD1B53A3642A}) (Version: 2009.0929.2222.38284 - ATI) Hidden Skype™ 7.12 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.) TeamViewer 12 (HKLM\...\TeamViewer) (Version: 12.0.132598 - TeamViewer) TrustEdgeID 2.2.1 (32-bit) (HKLM\...\{1DDC8ED6-F827-4988-8B7D-C7EE2628C8B5}) (Version: 2.2.1 - NetSeT Global Solutions d.o.o.) Update for Skype for Business 2015 (KB4462135) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{84A498A6-4C4D-4B31-8537-11E2ACA3C0A1}) (Version: - Microsoft) Update for Skype for Business 2015 (KB4462135) 32-Bit Edition (HKLM\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{84A498A6-4C4D-4B31-8537-11E2ACA3C0A1}) (Version: - Microsoft) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) Winamp (HKLM\...\Winamp) (Version: 5.666 - Nullsoft, Inc) WinRAR 5.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) Zemana AntiMalware (HKLM\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.70.25 - Zemana Ltd.) Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3615150473-1923277583-1539101694-1000_Classes\CLSID\{0FEB2313-F89B-4AC6-8153-84025604A06A}\InprocServer32 -> C:\Program Files\TNT2\TNT2UserPS.dll => No File CustomCLSID: HKU\S-1-5-21-3615150473-1923277583-1539101694-1000_Classes\CLSID\{53B5243F-8302-4DAD-BE8F-1D0665E8225E}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO3.dll => No File CustomCLSID: HKU\S-1-5-21-3615150473-1923277583-1539101694-1000_Classes\CLSID\{554EBE31-AEC1-4E34-BCE3-606467760D88}\localserver32 -> "C:\Users\RPRIVEL\AppData\Local\TNT2\2.0.0.2100\TNT2User.exe" => No File CustomCLSID: HKU\S-1-5-21-3615150473-1923277583-1539101694-1000_Classes\CLSID\{FBEB8A05-BEEE-4442-804E-409D6C4515E9} -> [] => ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files\Zemana AntiMalware\ZAMShellExt32.dll [2016-11-27] (Zemana Ltd. -> ) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-08-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed] ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2009-09-29] (Advanced Micro Devices, Inc.) [File not signed] ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files\Zemana AntiMalware\ZAMShellExt32.dll [2016-11-27] (Zemana Ltd. -> ) ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-08-27] (win.rar GmbH -> Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0757A166-B13E-4EB6-AC0A-8BC31EBE03B6} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation) Task: {20F2DA2D-D70D-42BA-88D6-94478FC31E0B} - \Qifiryplohele Builder -> No File <==== ATTENTION Task: {2ADBD59B-F7DA-4428-9B6C-6A8AEBD59EA9} - System32\Tasks\HPLJCustParticipation => C:\Program Files\HP\HPLJUT\HPLJUTSCH.exe (Hewlett-Packard -> HP Development Company, L.P.) Task: {44567587-0094-4EDA-987B-E5A7F277DFD1} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe (McAfee, Inc. -> McAfee, Inc.) Task: {5E5644AA-B414-4F95-86B2-AEE700157EEE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {6CC47390-4E7E-4E19-9245-33C22F7125A6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation) Task: {6FEDE7E0-F10D-4A7C-8F50-69839725B311} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) Task: {70A7B964-78ED-4F3F-A4DE-D16EB15CB977} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation) Task: {8C00EE6C-1B9C-4A8F-8299-348041B3FDDD} - System32\Tasks\MpSigStub => C:\Users\RPRIVEL\BdeSysprep\AppVReporting.exe () [File not signed] Task: {92F33C26-7653-468C-B517-24D18A6B57B7} - \PPI Update -> No File <==== ATTENTION Task: {C90D1B58-8D37-403A-938C-6DF3FE4C8DBE} - System32\Tasks\browser_broker => C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] Task: {E3F20D85-6801-48A7-81E1-AA9650AAD9B3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Task: {FE428233-A011-4581-940E-B4BF888B9761} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] ShortcutWithArgument: C:\Users\RPRIVEL\Desktop\SOGEBANKING.lnk -> C:\Program Files\Java\jre1.8.0_91\bin\javaws.exe (Oracle Corporation) -> -localfile -offline -J-Djnlp.application.href=hxxps://www.sogebanking.rs/CorporateLauncher/launch.jnlp "C:\Users\RPRIVEL\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\c45eade-1808135d" ShortcutWithArgument: C:\Users\RPRIVEL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SOGEBANKING\SOGEBANKING.lnk -> C:\Program Files\Java\jre1.8.0_91\bin\javaws.exe (Oracle Corporation) -> -localfile -offline -J-Djnlp.application.href=hxxps://www.sogebanking.rs/CorporateLauncher/launch.jnlp "C:\Users\RPRIVEL\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\c45eade-1808135d" ShortcutWithArgument: C:\Users\RPRIVEL\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData ==================== Loaded Modules (Whitelisted) ============== 2012-06-15 01:00 - 2012-06-15 01:00 - 000311296 _____ () C:\Windows\system32\aetcsss1.dll 2012-07-24 11:05 - 2012-07-24 11:05 - 001626112 _____ () C:\Windows\system32\aetpkss1.dll 2015-10-03 22:07 - 2010-02-12 09:23 - 000286720 ____N () C:\Program Files\Creative\Shared Files\CTAudSvc.exe 2016-05-20 09:43 - 2016-03-07 20:25 - 000200192 _____ () C:\Program Files\Common Files\Bullzip\PDF Printer\Ports\BULLZIP\bzpdf.dll 2009-09-16 17:38 - 2009-09-16 17:38 - 000200704 _____ () C:\Windows\System32\HpTcpMon.dll 2009-09-16 17:40 - 2009-09-16 17:40 - 000245760 _____ () C:\Windows\System32\HPTcpMUI.dll 2009-09-16 10:44 - 2009-09-16 10:44 - 000139264 _____ () C:\Windows\System32\hpzjrd01.dll 2009-09-16 17:37 - 2009-09-16 17:37 - 000118784 _____ () C:\Windows\System32\hptcpmib.dll 2016-11-13 15:06 - 2013-04-15 11:49 - 000059904 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\HP1006PP.dll 2014-06-24 22:31 - 2014-06-24 22:31 - 000176128 _____ () C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe 2014-06-24 22:31 - 2014-06-24 22:31 - 000073728 _____ () C:\Program Files\HP\HPLaserJetService\HPTools.dll 2014-06-24 22:31 - 2014-06-24 22:31 - 000034816 _____ () C:\Program Files\HP\HPLaserJetService\HPServiceCommunicator.dll 2014-06-24 22:31 - 2014-06-24 22:31 - 000041472 _____ () C:\Program Files\HP\HPLaserJetService\HPHTTPProxy.dll 2014-06-24 22:31 - 2014-06-24 22:31 - 001222656 _____ () C:\Program Files\HP\HPLaserJetService\LEDMXMLObjects.dll 2009-09-16 10:44 - 2009-09-16 10:44 - 000406528 _____ () C:\Windows\system32\hpzjcd01.dll 2010-09-23 09:49 - 2010-09-23 09:49 - 006094848 _____ () C:\MySQL\MySQL Server 5.1\bin\mysqld.exe 2018-03-26 11:58 - 2018-03-26 11:58 - 000112128 _____ () C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll 2009-09-29 22:15 - 2009-09-29 22:15 - 000704512 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll 2009-09-29 22:14 - 2009-09-29 22:14 - 000003584 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll 2010-11-18 17:08 - 2010-11-18 17:08 - 000055808 _____ () C:\Program Files\7-Zip\7-zip.dll 2011-11-10 11:52 - 2011-11-10 11:52 - 000151552 _____ () C:\Windows\System32\aetcrss1.exe 2003-02-21 04:42 - 2003-02-21 04:42 - 000348160 _____ () C:\Windows\System32\MSVCR71.dll 2012-06-25 15:25 - 2012-06-25 15:25 - 000180224 _____ () C:\Windows\System32\aettask.dll 2003-03-18 20:14 - 2003-03-18 20:14 - 000499712 _____ () C:\Windows\System32\MSVCP71.dll 2008-12-18 14:32 - 2008-12-18 14:32 - 000049152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe 2016-02-19 18:50 - 2016-02-19 18:50 - 000106496 _____ () C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3559.38390__90ba9c70f846762e\MOM.Implementation.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000032768 _____ () C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000032768 _____ () C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000061440 _____ () C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3559.38388__90ba9c70f846762e\LOG.Foundation.Implementation.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000016384 _____ () C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000020480 _____ () C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000028672 _____ () C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3559.38390__90ba9c70f846762e\CCC.Implementation.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000028672 _____ () C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll 2019-03-18 07:46 - 2019-03-18 07:46 - 000103936 ____N () C:\Users\RPRIVEL\AppData\Local\Temp\jna-2129178216\jna8781637547674097494.dll 2019-03-05 14:39 - 2017-04-06 16:20 - 000019456 _____ () C:\Program Files\LPA\ePIA\java\bin\sunmscapi.dll 2019-03-08 15:38 - 2019-03-08 14:13 - 000584712 __RSH () C:\Users\RPRIVEL\AppData\Roaming\remcos\remcos.exe 2008-12-18 13:19 - 2008-12-18 13:19 - 000049152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe 2016-02-19 18:50 - 2016-02-19 18:50 - 000073728 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000057344 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3559.38264__90ba9c70f846762e\CLI.Component.SkinFactory.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000028672 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000014848 _____ () C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000081920 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3559.38262__90ba9c70f846762e\CLI.Component.Runtime.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000045056 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000040960 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000016384 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000032768 _____ () C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000045056 _____ () C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3559.38260__90ba9c70f846762e\AEM.Server.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000016384 _____ () C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000045056 _____ () C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3559.38409__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000016384 _____ () C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000020480 _____ () C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000016384 _____ () C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll 2008-11-25 13:35 - 2008-11-25 13:35 - 000573440 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Implementation\32\wbocx.ocx 2016-02-19 18:50 - 2016-02-19 18:50 - 000013312 _____ () C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000045056 _____ () C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000016384 _____ () C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000016384 _____ () C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll 2006-10-10 10:55 - 2006-10-10 10:55 - 000050688 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Implementation\32\wbhelp2.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000011776 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3559.38418__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000008704 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3559.38418__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000020480 _____ () C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000061440 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000290816 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3559.38265__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000024576 _____ () C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000020480 _____ () C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000016384 _____ () C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll 2007-10-29 14:56 - 2007-10-29 14:56 - 000016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000016384 _____ () C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000081920 _____ () C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3559.38262__90ba9c70f846762e\ATIDEMOS.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000020480 _____ () C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll 2008-04-03 16:29 - 2008-04-03 16:29 - 000020480 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000069632 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3559.38344__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000020480 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000040960 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000028672 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000036864 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3559.38325__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll 2008-05-15 14:51 - 2008-05-15 14:51 - 000016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000016384 _____ () C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000032768 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000077824 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3559.38372__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000065536 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000020480 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3559.38276__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000020480 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000040960 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3559.38298__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000028672 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000036864 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3559.38340__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000024576 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000040960 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3559.38327__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000053248 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000032768 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3559.38342__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000028672 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000065536 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3559.38326__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000049152 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000061440 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3559.38350__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000053248 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000081920 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3559.38327__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000053248 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000045056 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3559.38396__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000028672 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll 2008-01-18 11:35 - 2008-01-18 11:35 - 000016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll 2008-12-30 11:04 - 2008-12-30 11:04 - 000016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000061440 _____ () C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3559.38261__90ba9c70f846762e\APM.Server.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000020480 _____ () C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000007168 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3559.38259__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000544768 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3559.38383__90ba9c70f846762e\CLI.Component.Systemtray.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000040960 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000016384 _____ () C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000405504 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3559.38284__90ba9c70f846762e\CLI.Component.Wizard.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000020480 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000020480 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000024576 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000040960 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3559.38285__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000016384 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000016384 _____ () C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000491520 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3559.38397__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000040960 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000007168 _____ () C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000094208 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3559.38352__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000405504 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3559.38364__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 001728512 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3559.38290__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000503808 _____ () C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3559.38437__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000204800 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3559.38292__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000364544 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3559.38378__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll 2009-10-01 16:45 - 2009-10-01 16:45 - 000016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000692224 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3559.38359__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000007680 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3559.38424__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 001142784 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3559.38271__90ba9c70f846762e\CLI.Component.Dashboard.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000020480 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000020480 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000073728 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3559.38275__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000016384 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000139264 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3559.38399__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000225280 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3559.38292__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000712704 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3559.38278__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000126976 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3559.38340__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000438272 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3559.38326__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000675840 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3559.38346__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000798720 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3559.38373__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000450560 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3559.38321__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000364544 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3559.38351__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000589824 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3559.38293__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000811008 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3559.38328__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll 2016-02-19 18:50 - 2016-02-19 18:50 - 000007680 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3559.38418__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll 2015-12-24 17:36 - 2015-12-24 17:36 - 001086976 _____ () C:\Program Files\TrustEdgeID\TokenUtil.exe 2019-03-14 07:44 - 2019-03-18 07:47 - 000592400 _____ () C:\Users\RPRIVEL\AppData\Roaming\Install\Host.exe 2019-03-14 07:44 - 2019-03-15 07:40 - 000592400 _____ () C:\Users\RPRIVEL\TRACERT\bi.exe ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-3615150473-1923277583-1539101694-1000\...\purs.gov.rs -> [Link mogu videti samo ulogovani korisnici] ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:04 - 2009-06-10 22:39 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Skype\Phone\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static HKU\S-1-5-21-3615150473-1923277583-1539101694-1000\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{8EB6B127-AD19-47BA-939F-7AA2E1AA35BC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{0B47EF4F-7A8A-4AEA-B7DE-FF45FF022210}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{B09D762B-8F4B-458B-BEEE-84234128372F}] => (Allow) C:\Program Files\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [{9A1072A2-3C60-4E3D-A81C-6AEAF1210F5E}] => (Allow) C:\Program Files\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [{4C533CF2-9F58-4271-8BBA-536E31565589}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{3D72F33F-2641-400A-B7B6-FB1355307180}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett-Packard Co.) [File not signed] FirewallRules: [{30ED1781-F375-40D5-B7E9-CD6CAF6E9CE2}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe () [File not signed] FirewallRules: [{42918D0B-AB37-41FF-93FB-DCA7B1E93CFE}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett-Packard Co.) [File not signed] FirewallRules: [{C0DF283F-E835-4DBA-A1F5-407BA8AE06E8}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard) FirewallRules: [{071471EA-5C07-4DF9-B292-53ABD8FDEC82}] => (Allow) LPort=3306 FirewallRules: [{3490EEB8-989D-4F91-B875-64385365B736}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{95182B60-D04E-41B9-B0E4-51B248720F6B}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs\CorelDrw.exe (Corel Corporation -> Corel Corporation) FirewallRules: [{89BA8BFB-2163-4270-97B0-CB4333636DC4}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs\CorelPP.exe (Corel Corporation -> Corel Corporation) FirewallRules: [{A2579742-EAB0-42CE-AC54-DC46CD31E485}] => (Allow) C:\Users\RPRIVEL\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{FE16D2E6-FE6C-4118-B447-91423B4EDB10}] => (Allow) C:\Users\RPRIVEL\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{24842372-7A1B-420A-A563-DCD6FCD42C2F}] => (Allow) C:\Users\RPRIVEL\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{38D61D30-EE02-4D55-8D87-047A82AF56C7}] => (Allow) C:\Users\RPRIVEL\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{203E4173-4DAF-4A71-8489-C13B4C2DAD6D}] => (Allow) C:\Users\RPRIVEL\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{10B040ED-A220-4590-8EAE-DDCA47FE4AD8}] => (Allow) C:\Users\RPRIVEL\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{8C22DF3B-324D-46DE-8784-9D21C2F7E0EE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{EA85020A-B3D6-4E61-9C71-932507A439DC}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{079B8F48-F526-4854-88EB-90DDEB4D06B2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{433FD3EC-DFEF-4D54-8252-88BD414AB3EF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{CD89B1A5-EBC7-4DCB-9F7F-3E1EBDDF2866}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe FirewallRules: [UDP Query User{AEC76E89-9935-433D-A829-D6F2CF3A3EB4}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe FirewallRules: [{ECE0FBEA-F0C2-41F9-B460-8E3FB74A5DE5}] => (Allow) C:\Program Files\UnHackMe\Unhackme.exe No File FirewallRules: [{2D8DEFD9-59D0-403F-A6DA-4C2896EBBBE7}] => (Allow) C:\Program Files\UnHackMe\Unhackme.exe No File FirewallRules: [{C9C3CEB4-3F12-4982-A831-A5A42A4532C3}] => (Allow) C:\Users\RPRIVEL\AppData\Local\TNT2\2.0.0.2100\TNT2User.exe No File FirewallRules: [TCP Query User{67DBA4C4-0388-48F6-8BF2-212E5CDA99FD}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_91\bin\javaw.exe FirewallRules: [UDP Query User{842A9F27-C453-4154-96A3-42EE90E43274}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_91\bin\javaw.exe FirewallRules: [{7B5CD9EF-74A2-4BCC-9658-389B7EDB887F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{FE53979C-8A84-451C-8717-E74305864476}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{2613DC65-8B96-4FBE-847F-B16C389AA618}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D529AF3B-6BBB-4B98-9A6B-195DC98590F3}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{98694EAD-394C-48D3-BA65-9CE72D6EAEB9}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{73D0DFA5-D949-4584-BF98-43611679F01A}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{5E5850E7-190C-4CC4-AEF6-974E6A664D22}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{526E47E5-6921-43C5-A1C9-B8B8D73DCB83}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{BE6392DE-A1C3-49C3-9AA3-04BC50B22989}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M25-M27\bin\EWSProxy.exe (Hewlett Packard -> HP Inc., LP) FirewallRules: [{B6A6A6C3-56F0-43DA-A02D-7E9486FC931E}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M25-M27\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc., LP) FirewallRules: [{7043D740-A9B3-41B3-8728-6244846283F6}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{DCD60E76-759D-4A50-9342-67C9A40FA970}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{71CD1D18-D471-4760-B5D3-3E6F01498707}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{56382755-7C36-480C-9074-2D356FD60C4D}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{B7A70F34-8329-4533-B039-C11D21218F2F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) ==================== Restore Points ========================= 24-02-2019 19:57:13 Windows Update 02-03-2019 13:07:53 Windows Update 05-03-2019 21:46:27 Windows Update 11-03-2019 18:06:26 Windows Update 13-03-2019 03:00:35 Windows Update 14-03-2019 03:00:17 Windows Update 15-03-2019 03:00:15 Windows Update ==================== Faulty Device Manager Devices ============= Name: Creative Game Port Description: Creative Game Port Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Creative Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (03/18/2019 07:47:35 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (03/18/2019 12:24:26 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (03/17/2019 05:34:57 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (03/16/2019 04:26:30 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (03/15/2019 08:04:45 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (03/15/2019 08:01:00 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x5c825883 Faulting module name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x5c825883 Exception code: 0xc00000fd Fault offset: 0x00031967 Faulting process id: 0x1fcc Faulting application start time: 0x01d4dafcd89bef8c Faulting application path: C:\Windows\system32\svchost.exe Faulting module path: C:\Windows\system32\svchost.exe Report Id: 165cbf63-46f0-11e9-ae07-00252246e93c Error: (03/15/2019 08:00:58 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x5c825883 Faulting module name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x5c825883 Exception code: 0xc00000fd Fault offset: 0x00031967 Faulting process id: 0x1ffc Faulting application start time: 0x01d4dafcd7694513 Faulting application path: C:\Windows\system32\svchost.exe Faulting module path: C:\Windows\system32\svchost.exe Report Id: 15276645-46f0-11e9-ae07-00252246e93c Error: (03/15/2019 08:00:56 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x5c825883 Faulting module name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x5c825883 Exception code: 0xc00000fd Fault offset: 0x00031967 Faulting process id: 0x1184 Faulting application start time: 0x01d4dafcd636e6e6 Faulting application path: C:\Windows\system32\svchost.exe Faulting module path: C:\Windows\system32\svchost.exe Report Id: 13fb9690-46f0-11e9-ae07-00252246e93c System errors: ============= Error: (03/18/2019 07:46:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Service Installer TrueKey service failed to start due to the following error: The system cannot find the file specified. Error: (03/18/2019 07:46:04 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 7:43:14 AM on ‎3/‎18/‎2019 was unexpected. Error: (03/18/2019 07:45:45 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT AUTHORITY) Description: Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. Error: (03/17/2019 04:47:16 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: The server {752073A1-23F2-4396-85F0-8FDB879ED0ED} did not register with DCOM within the required timeout. Error: (03/17/2019 04:46:46 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Modules Installer service terminated with the following error: Insufficient system resources exist to complete the requested service. Error: (03/15/2019 08:05:59 AM) (Source: BROWSER) (EventID: 8032) (User: ) Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{620E5B35-FF62-408A-A7C3-B8B839519DF1}. The backup browser is stopping. Error: (03/15/2019 08:03:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Service Installer TrueKey service failed to start due to the following error: The system cannot find the file specified. Error: (03/15/2019 08:02:55 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT AUTHORITY) Description: Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. Windows Defender: =================================== Date: 2016-12-15 03:52:46.204 Description: Windows Defender scan has been stopped before completion. Scan ID:{4FC60A5B-5DBE-4A7B-AFC3-28952DF8AF77} Scan Type:AntiSpyware Scan Parameters:Quick Scan Date: 2016-09-14 08:18:01.014 Description: Windows Defender scan has been stopped before completion. Scan ID:{7F39EB39-3C9B-42E1-9FCD-A72B90BEA6EA} Scan Type:AntiSpyware Scan Parameters:Quick Scan Date: 2016-06-28 20:53:57.593 Description: Windows Defender has detected spyware or other potentially unwanted software. For more information please see the following: [Link mogu videti samo ulogovani korisnici] Name:BrowserModifier:Win32/Sasquor ID:226763 Severity:High Category:Browser Modifier Path Found:clsid:HKLM\SOFTWARE\CLASSES\CLSID\{98C066AB-D735-4339-9E52-A34875141B56};file:C:\Program Files\Qifiryplohele\QifiryplohelebuilderSrv.html5;file:C:\Program Files\Qifiryplohele\QifiryplohelebuilderTsk.exe;file:C:\Users\RPRIVEL\AppData\Roaming\Microsoft\Windows\Cookies\atagetain.dll;file:C:\Windows\System32\Tasks\Qifiryplohele Builder;folder:C:\Program Files\Qifiryplohele\;process:pid:2424,ProcessStart:131116072864589843;regkey:HKLM\SOFTWARE\CLASSES\CLSID\{98C066AB-D735-4339-9E52-A34875141B56};regkey:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS\\{98C066AB-D735-4339-9E52-A34875141B56};service:QifiryplohelebuilderSrv;shellexechook:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS\\{98C066AB-D735-4339-9E52-A34875141B56};taskscheduler:C:\Windows\System32\Tasks\Qifiryplohele Builder Detection Type:Concrete Detection Source:System Status:Unknown Process Name:C:\Windows\System32\svchost.exe Date: 2016-06-28 20:42:14.531 Description: Windows Defender has detected spyware or other potentially unwanted software. For more information please see the following: [Link mogu videti samo ulogovani korisnici] Name:BrowserModifier:Win32/Sasquor ID:226763 Severity:High Category:Browser Modifier Path Found:file:C:\Users\RPRIVEL\AppData\Roaming\Microsoft\Windows\Cookies\atagetain.dll;process:pid:2424,ProcessStart:131116072864589843 Detection Type:Concrete Detection Source:System Status:Unknown Process Name:C:\Windows\System32\svchost.exe Date: 2016-05-11 10:17:07.185 Description: Windows Defender has detected spyware or other potentially unwanted software. For more information please see the following: [Link mogu videti samo ulogovani korisnici] Name:SoftwareBundler:Win32/InstallMonster ID:223130 Severity:High Category:Software Bundler Path Found:clsid:HKLM\SOFTWARE\CLASSES\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80};file:C:\Users\RPRIVEL\AppData\Local\Temp\KMSPico10.0.9__8174_il4189.exe;regkey:HKLM\SOFTWARE\CLASSES\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80} Detection Type:Concrete Detection Source:System Status:Unknown Process Name:c:\program files\windows defender\MpCmdRun.exe Date: 2017-11-01 07:01:05.660 Description: Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted:Current Error Code:0x80070002 Error description:The system cannot find the file specified. Signature version:0.0.0.0 Engine version:0.0.0.0 Date: 2017-02-03 09:09:21.931 Description: Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted:Current Error Code:0x80070002 Error description:The system cannot find the file specified. Signature version:0.0.0.0 Engine version:0.0.0.0 Date: 2016-05-09 16:00:35.061 Description: Windows Defender has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: [Link mogu videti samo ulogovani korisnici] Name:SoftwareBundler:Win32/Mizenota ID:223449 Severity:High Category:Software Bundler Path: Action:Remove Error Code:0x80508023 Error description:The program could not find the spyware and other potentially unwanted software on this computer. Status: ==================== Memory info =========================== Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz Percentage of memory in use: 93% Total physical RAM: 1534.87 MB Available physical RAM: 95.99 MB Total Virtual: 5557.37 MB Available Virtual: 1012.77 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.69 GB) (Free:15.56 GB) NTFS Drive f: () (Fixed) (Total:29.29 GB) (Free:1.47 GB) NTFS ==>[system with boot components (obtained from drive)] Drive g: (Programi) (Fixed) (Total:203.58 GB) (Free:22.77 GB) NTFS \\?\Volume{a780abc9-6a50-11e5-ae61-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 8EC18EC1) Partition 1: (Active) - (Size=29.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=203.6 GB) - (Type=0F Extended) ======================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 11EEB606) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================

Profil

Sass Drake Poslao: 20 Mar 2019 02:21 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja. HKLM\...\Run: [CertificateRegistration] => C:\Windows\system32\aetcrss1.exe [151552 2011-11-10] (A.E.T. Europe B.V.) [File not signed] HKU\S-1-5-21-3615150473-1923277583-1539101694-1000\...\Run: [Application] => C:\Users\RPRIVEL\Downloads\app.exe [430592 2018-07-16] () [File not signed] HKU\S-1-5-21-3615150473-1923277583-1539101694-1000\...\Run: [VJ4PGZIX] => C:\Program Files\Jkpmx9h\drtpdxahwz7ha0.exe [452096 2019-03-01] () [File not signed] HKU\S-1-5-21-3615150473-1923277583-1539101694-1000\...\Run: [remcos] => C:\Users\RPRIVEL\AppData\Roaming\remcos\remcos.exe [584712 2019-03-08] () [File not signed] HKU\S-1-5-21-3615150473-1923277583-1539101694-1000\...\Run: [I8TPPR5XCN] => C:\Program Files\N7nlxhtox\pfilizzsdxb.exe [278528 2019-03-12] () [File not signed] HKU\S-1-5-21-3615150473-1923277583-1539101694-1000\...\Run: [Java] => C:\Users\RPRIVEL\TRACERT\bi.exe [592400 2019-03-15] () [File not signed] FF Extension: (Microsoft Forms 2.0 Frame) - C:\Users\RPRIVEL\AppData\Roaming\Mozilla\Firefox\Profiles\zx7cb365.default\Extensions\{6E07E0AB-0882-E3DF-D85D-9BF1907C0423} [2016-06-11] [Legacy] [not signed] FF user.js: detected! => C:\Users\RPRIVEL\AppData\Roaming\Mozilla\Firefox\Profiles\zx7cb365.default\user.js [2016-08-31] FF ProfilePath: C:\Users\RPRIVEL\AppData\Roaming\Profiles\awtxx0nh.default [2019-03-18] <==== ATTENTION FF user.js: detected! => C:\Users\RPRIVEL\AppData\Roaming\Profiles\awtxx0nh.default\user.js [2016-06-11] FF Extension: (Microsoft Forms 2.0 Frame) - C:\Users\RPRIVEL\AppData\Roaming\Profiles\awtxx0nh.default\Extensions\{6E07E0AB-0882-E3DF-D85D-9BF1907C0423} [2016-06-11] [Legacy] [not signed] CHR Profile: C:\Users\RPRIVEL\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2019-03-18] <==== ATTENTION 1986-02-02 01:00 - 1986-02-02 01:00 - 000002243 _____ () C:\Users\RPRIVEL\AppData\Roaming\BottleoCashew.RRa 1989-01-04 01:00 - 1989-01-04 01:00 - 000049780 _____ () C:\Users\RPRIVEL\AppData\Roaming\Cheapskate.9nv 2016-05-09 14:41 - 2016-05-09 14:41 - 000948736 _____ () C:\Users\RPRIVEL\AppData\Roaming\INCHITY.del 2016-06-07 01:55 - 2016-06-07 01:55 - 000019968 _____ (Sonic Solutions) C:\Users\RPRIVEL\AppData\Roaming\Pwgen.dll 2016-05-09 14:41 - 2016-05-09 14:41 - 000848437 _____ () C:\Users\RPRIVEL\AppData\Roaming\SANKIX.del 2016-05-09 14:41 - 2016-05-09 14:41 - 000948736 _____ () C:\Users\RPRIVEL\AppData\Roaming\VOL-TRAX.del 2016-05-09 14:43 - 2016-05-09 14:42 - 000041472 _____ () C:\Users\RPRIVEL\AppData\Local\Anottrans.dat 2016-05-09 14:43 - 2016-05-09 14:42 - 000000187 _____ () C:\Users\RPRIVEL\AppData\Local\Anottrans.exe.config Task: {20F2DA2D-D70D-42BA-88D6-94478FC31E0B} - \Qifiryplohele Builder -> No File <==== ATTENTION Task: {8C00EE6C-1B9C-4A8F-8299-348041B3FDDD} - System32\Tasks\MpSigStub => C:\Users\RPRIVEL\BdeSysprep\AppVReporting.exe () [File not signed] Task: {92F33C26-7653-468C-B517-24D18A6B57B7} - \PPI Update -> No File <==== ATTENTION Task: {C90D1B58-8D37-403A-938C-6DF3FE4C8DBE} - System32\Tasks\browser_broker => C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\AppData\Roaming\remcos C:\Program Files\Jkpmx9h C:\Program Files\N7nlxhtox C:\Users\RPRIVEL\TRACERT U okviru Notepad-a klikni na File --> Save As Pod Encoding izaberi UTF-8. Fajl nazovi Fixlist i sačuvaj na Desktop Dvoklikom ponovo pokreni FRST.exe Klikni na Fix i sačekaj dok program ne završi. Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi. Nakon završetka rada, otvoriće se fixlog.txt, sa sadržajem koji treba da kopiraš u temu. Takođe, na Desktop-u će se nalaziti (fixlog.txt).

Profil

zoxknez Poslao: 20 Mar 2019 08:13 Idi na vrh
offline zoxknez Zaslužni građanin Pridružio: 27 Avg 2005 Poruke: 563	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Fix result of Farbar Recovery Scan Tool (x86) Version: 17-03-2019 Ran by RPRIVEL (20-03-2019 08:00:07) Run:1 Running from C:\Users\RPRIVEL\Desktop\first Loaded Profiles: RPRIVEL (Available Profiles: RPRIVEL) Boot Mode: Normal ============================================== fixlist content: *************** HKLM\...\Run: [CertificateRegistration] => C:\Windows\system32\aetcrss1.exe [151552 2011-11-10] (A.E.T. Europe B.V.) [File not signed] HKU\S-1-5-21-3615150473-1923277583-1539101694-1000\...\Run: [Application] => C:\Users\RPRIVEL\Downloads\app.exe [430592 2018-07-16] () [File not signed] HKU\S-1-5-21-3615150473-1923277583-1539101694-1000\...\Run: [VJ4PGZIX] => C:\Program Files\Jkpmx9h\drtpdxahwz7ha0.exe [452096 2019-03-01] () [File not signed] HKU\S-1-5-21-3615150473-1923277583-1539101694-1000\...\Run: [remcos] => C:\Users\RPRIVEL\AppData\Roaming\remcos\remcos.exe [584712 2019-03-08] () [File not signed] HKU\S-1-5-21-3615150473-1923277583-1539101694-1000\...\Run: [I8TPPR5XCN] => C:\Program Files\N7nlxhtox\pfilizzsdxb.exe [278528 2019-03-12] () [File not signed] HKU\S-1-5-21-3615150473-1923277583-1539101694-1000\...\Run: [Java] => C:\Users\RPRIVEL\TRACERT\bi.exe [592400 2019-03-15] () [File not signed] FF Extension: (Microsoft Forms 2.0 Frame) - C:\Users\RPRIVEL\AppData\Roaming\Mozilla\Firefox\Profiles\zx7cb365.default\Extensions\{6E07E0AB-0882-E3DF-D85D-9BF1907C0423} [2016-06-11] [Legacy] [not signed] FF user.js: detected! => C:\Users\RPRIVEL\AppData\Roaming\Mozilla\Firefox\Profiles\zx7cb365.default\user.js [2016-08-31] FF ProfilePath: C:\Users\RPRIVEL\AppData\Roaming\Profiles\awtxx0nh.default [2019-03-18] <==== ATTENTION FF user.js: detected! => C:\Users\RPRIVEL\AppData\Roaming\Profiles\awtxx0nh.default\user.js [2016-06-11] FF Extension: (Microsoft Forms 2.0 Frame) - C:\Users\RPRIVEL\AppData\Roaming\Profiles\awtxx0nh.default\Extensions\{6E07E0AB-0882-E3DF-D85D-9BF1907C0423} [2016-06-11] [Legacy] [not signed] CHR Profile: C:\Users\RPRIVEL\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2019-03-18] <==== ATTENTION 1986-02-02 01:00 - 1986-02-02 01:00 - 000002243 _____ () C:\Users\RPRIVEL\AppData\Roaming\BottleoCashew.RRa 1989-01-04 01:00 - 1989-01-04 01:00 - 000049780 _____ () C:\Users\RPRIVEL\AppData\Roaming\Cheapskate.9nv 2016-05-09 14:41 - 2016-05-09 14:41 - 000948736 _____ () C:\Users\RPRIVEL\AppData\Roaming\INCHITY.del 2016-06-07 01:55 - 2016-06-07 01:55 - 000019968 _____ (Sonic Solutions) C:\Users\RPRIVEL\AppData\Roaming\Pwgen.dll 2016-05-09 14:41 - 2016-05-09 14:41 - 000848437 _____ () C:\Users\RPRIVEL\AppData\Roaming\SANKIX.del 2016-05-09 14:41 - 2016-05-09 14:41 - 000948736 _____ () C:\Users\RPRIVEL\AppData\Roaming\VOL-TRAX.del 2016-05-09 14:43 - 2016-05-09 14:42 - 000041472 _____ () C:\Users\RPRIVEL\AppData\Local\Anottrans.dat 2016-05-09 14:43 - 2016-05-09 14:42 - 000000187 _____ () C:\Users\RPRIVEL\AppData\Local\Anottrans.exe.config Task: {20F2DA2D-D70D-42BA-88D6-94478FC31E0B} - \Qifiryplohele Builder -> No File <==== ATTENTION Task: {8C00EE6C-1B9C-4A8F-8299-348041B3FDDD} - System32\Tasks\MpSigStub => C:\Users\RPRIVEL\BdeSysprep\AppVReporting.exe () [File not signed] Task: {92F33C26-7653-468C-B517-24D18A6B57B7} - \PPI Update -> No File <==== ATTENTION Task: {C90D1B58-8D37-403A-938C-6DF3FE4C8DBE} - System32\Tasks\browser_broker => C:\Users\RPRIVEL\TRACERT\bi.exe () [File not signed] C:\Users\RPRIVEL\AppData\Roaming\remcos C:\Program Files\Jkpmx9h C:\Program Files\N7nlxhtox C:\Users\RPRIVEL\TRACERT *************** "HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\CertificateRegistration" => removed successfully. "HKU\S-1-5-21-3615150473-1923277583-1539101694-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Application" => removed successfully. "HKU\S-1-5-21-3615150473-1923277583-1539101694-1000\Software\Microsoft\Windows\CurrentVersion\Run\\VJ4PGZIX" => removed successfully. "HKU\S-1-5-21-3615150473-1923277583-1539101694-1000\Software\Microsoft\Windows\CurrentVersion\Run\\remcos" => removed successfully. "HKU\S-1-5-21-3615150473-1923277583-1539101694-1000\Software\Microsoft\Windows\CurrentVersion\Run\\I8TPPR5XCN" => removed successfully. "HKU\S-1-5-21-3615150473-1923277583-1539101694-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Java" => removed successfully. C:\Users\RPRIVEL\AppData\Roaming\Mozilla\Firefox\Profiles\zx7cb365.default\Extensions\{6E07E0AB-0882-E3DF-D85D-9BF1907C0423} => moved successfully C:\Users\RPRIVEL\AppData\Roaming\Mozilla\Firefox\Profiles\zx7cb365.default\Extensions\{6E07E0AB-0882-E3DF-D85D-9BF1907C0423} => path removed successfully. C:\Users\RPRIVEL\AppData\Roaming\Mozilla\Firefox\Profiles\zx7cb365.default\user.js => moved successfully C:\Users\RPRIVEL\AppData\Roaming\Profiles\awtxx0nh.default => moved successfully C:\Users\RPRIVEL\AppData\Roaming\Profiles\awtxx0nh.default => path removed successfully. "C:\Users\RPRIVEL\AppData\Roaming\Profiles\awtxx0nh.default\user.js" => not found "C:\Users\RPRIVEL\AppData\Roaming\Profiles\awtxx0nh.default\Extensions\{6E07E0AB-0882-E3DF-D85D-9BF1907C0423}" => not found C:\Users\RPRIVEL\AppData\Local\Google\Chrome\User Data\ChromeDefaultData => moved successfully C:\Users\RPRIVEL\AppData\Roaming\BottleoCashew.RRa => moved successfully C:\Users\RPRIVEL\AppData\Roaming\Cheapskate.9nv => moved successfully C:\Users\RPRIVEL\AppData\Roaming\INCHITY.del => moved successfully C:\Users\RPRIVEL\AppData\Roaming\Pwgen.dll => moved successfully C:\Users\RPRIVEL\AppData\Roaming\SANKIX.del => moved successfully C:\Users\RPRIVEL\AppData\Roaming\VOL-TRAX.del => moved successfully C:\Users\RPRIVEL\AppData\Local\Anottrans.dat => moved successfully C:\Users\RPRIVEL\AppData\Local\Anottrans.exe.config => moved successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{20F2DA2D-D70D-42BA-88D6-94478FC31E0B}" => removed successfully. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20F2DA2D-D70D-42BA-88D6-94478FC31E0B}" => removed successfully. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Qifiryplohele Builder" => removed successfully. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8C00EE6C-1B9C-4A8F-8299-348041B3FDDD}" => removed successfully. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C00EE6C-1B9C-4A8F-8299-348041B3FDDD}" => removed successfully. C:\Windows\System32\Tasks\MpSigStub => moved successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MpSigStub" => removed successfully. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{92F33C26-7653-468C-B517-24D18A6B57B7}" => removed successfully. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92F33C26-7653-468C-B517-24D18A6B57B7}" => removed successfully. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PPI Update" => removed successfully. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C90D1B58-8D37-403A-938C-6DF3FE4C8DBE}" => removed successfully. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C90D1B58-8D37-403A-938C-6DF3FE4C8DBE}" => removed successfully. C:\Windows\System32\Tasks\browser_broker => moved successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\browser_broker" => removed successfully. C:\Users\RPRIVEL\AppData\Roaming\remcos => moved successfully "C:\Program Files\Jkpmx9h" folder move: Could not move "C:\Program Files\Jkpmx9h" => Scheduled to move on reboot. "C:\Program Files\N7nlxhtox" folder move: Could not move "C:\Program Files\N7nlxhtox" => Scheduled to move on reboot. C:\Users\RPRIVEL\TRACERT => moved successfully Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 20-03-2019 08:13:03) C:\Program Files\Jkpmx9h => is moved successfully C:\Program Files\N7nlxhtox => is moved successfully ==== End of Fixlog 08:13:03 ====

Profil

Sass Drake Poslao: 20 Mar 2019 18:14 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	1Ovo se svidja korisniku: magna86 Registruj se da bi pohvalio/la poruku! Potrebno je da spakuješ folder C:\FRST\Quarantine u arhivu i pošalješ nam ga. Uđi u folder C:\FRST Desnim tasterom miša klini na folder Quarantine i izaberi opciju Add to archive... kao na slici Kao Archive format izaberi 7z Za Compression level odaberi Ultra (napomena: ako dobiješ grešku da nema dovoljno memorije, stavi na Maximum ili Normal) Za Compression method stavi LZMA2 ili LZMA U polje Split to volumes, bytes unesi 5000000 (slovima: pet miliona) Na desnoj strani označi opciju Compress Shared Files (pogledaj sliku dole) Klikni na OK Kada 7-Zip završi sa kompresovanjem, dobijene fajlove uploaduj (jedan po jedan) na: [Link mogu videti samo ulogovani korisnici]

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Provera

Ko je trenutno na forumu

Ukupno su 897 korisnika na forumu :: 52 registrovanih, 8 sakrivenih i 837 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 20624 - dana 04 Apr 2026 04:18

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: _Rade, A.R.Chafee.Jr., aleph_one, ambra, Asparagus, bakovaca, Bane5, bankulen, boromir, Botovac, bufanje, DalmatinacMF, DeerHunter, doom83, DPera, DuškoMraz, Ezbuck, geo.dule, gost321, gregorxix, HogarStrashni, iceburn, Jan, Jeremiah, Joint Chief, JOntra, Jozo74, Lance Guest, ljubo70, MagicniHerpes, Marko43, milbos, moldway, Orc, Parker, Pegggio, Permaldar, Pero, procesor, royst33, Sonic, strn, suponik, tamno.nebo, tecataki, tomo2, Tragač, trutcina, Tvrtko I, volimpivuvolimrakiju, Walkers, zil10

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by