System check

  • Joined: 15 Nov 2008
  • Posts: 273
  • Location: Podgorica

What are those FRST reports?
Sorry for asking all sorts of things, but there are some things I don't understand :-)

  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6061

I should have been clearer. Everything is explained here:

http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

Copy the primary FRST.txt report into your post and attach the secondary Addition log to the post. A description is not needed, since it is already in your original topic in the Windows forum.

  • Joined: 15 Nov 2008
  • Posts: 273
  • Location: Podgorica

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014 02
Ran by Moderator (administrator) on SINISA on 05-09-2014 15:55:03
Running from C:\Users\Moderator\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
() C:\Program Files (x86)\Disktrix\UltimateDefrag4\UltimateDefrag.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-30] (Synaptics Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3201536491-2584840422-2061497871-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-3201536491-2584840422-2061497871-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-3201536491-2584840422-2061497871-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [911040 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-3201536491-2584840422-2061497871-1000\...\Policies\Explorer: [ForceRunOnStartMenu] 1
Startup: C:\Users\Moderator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\Microsoft Outlook 2010.lnk
ShortcutTarget: Microsoft Outlook 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\outicon.exe ()
ShellIconOverlayIdentifiers: AutoCAD Digital Signatures Icon Overlay Handler -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
BootExecute: autocheck autochk * ąąąąąąস؋￿￿￿￿￿￿䥕伮瑰潩獮䜮湥牥污嘮汯浵獥嘮汯⹄祔数

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.rs/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF28F1DAB79C8CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.only-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=17B0266D572BF03D&affID=129428&tt=020914_onst&tsp=5362
SearchScopes: HKCU - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.1\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6500177A-E457-47F8-BEC7-479D34E2FD97}: [NameServer] 79.143.101.225 79.143.101.229
Tcpip\..\Interfaces\{DDEDCF80-CBCF-4E93-923C-E8E28E8F44E9}: [NameServer] 79.143.101.225 79.143.101.229
Tcpip\..\Interfaces\{FBC0467E-37E7-48BF-AC9C-9DCED5E641B8}: [NameServer] 79.143.101.225 79.143.101.229

FireFox:
========
FF ProfilePath: C:\Users\Moderator\AppData\Roaming\Mozilla\Firefox\Profiles\ktkva5u5.default
FF NewTab: hxxp://www.only-search.com/?babsrc=NT_ss&mntrId=17B0266D572BF03D&affID=129428&tt=020914_onst&tsp=5362
FF Homepage: hxxp://www.only-search.com/?babsrc=HP_ss&mntrId=17B0266D572BF03D&affID=129428&tt=020914_onst&tsp=5362
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin-x32: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll (Samsung)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\pogodakyu.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\vokabular.xml
FF Extension: Firefox Old Version Update Hotfix - C:\Users\Moderator\AppData\Roaming\Mozilla\Firefox\Profiles\ktkva5u5.default\Extensions\firefox-hotfix@mozilla.org.xpi [2014-09-03]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-01-23]

Chrome:
=======
CHR HomePage: Default -> 2F9534F0A3929ABB125204278A0E8F27CAFB38C73A45C1C204A2B3C6439E14DF
CHR StartupUrls: Default -> "hxxp://www.only-search.com/?babsrc=HP_ss&mntrId=17B0266D572BF03D&affID=129428&tt=020914_onst&tsp=5362", "https://www.google.rs/"
CHR DefaultSearchKeyword: Default -> only-search.com
CHR DefaultSearchURL: Default -> http://www.only-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=17B0266D572BF03D&affID=129428&tt=020914_onst&tsp=5362
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Moderator\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google документи) - C:\Users\Moderator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-03]
CHR Extension: (Google диск) - C:\Users\Moderator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-03]
CHR Extension: (YouTube) - C:\Users\Moderator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-03]
CHR Extension: (Google претрага) - C:\Users\Moderator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-03]
CHR Extension: (AVG Nation toolbar) - C:\Users\Moderator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-09-03]
CHR Extension: (Google новчаник) - C:\Users\Moderator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-03]
CHR Extension: (Gmail) - C:\Users\Moderator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-03]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Nation toolbar\ChromeExt\17.0.1.7\avg.crx [2013-09-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.14\AllShareFrameworkManagerDMS.exe [404360 2013-06-18] (Samsung) [File not signed]
S4 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-06] (Atheros) [File not signed]
S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [53920 2011-01-06] (Atheros Commnucations) [File not signed]
S4 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
S4 CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [83240 2011-12-08] ()
S4 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [75048 2011-12-07] (CyberLink)
S4 CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [292136 2011-12-07] (CyberLink)
S4 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S4 mi-raysat_3dsmax2012_64; C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [86016 2011-02-22] () [File not signed]
S4 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [605768 2013-07-11] (Copyright 2013 SAMSUNG)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 Telenor Internet. RunOuc; C:\Program Files (x86)\Telenor Internet\UpdateDog\ouc.exe [239968 2012-11-13] ()
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-08-04] (Microsoft Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
S2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [296448 2005-06-14] (Aladdin Knowledge Systems Ltd.) [File not signed]
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32912 2014-08-12] (EldoS Corporation)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [142120 2007-04-27] (SafeNet, Inc.)
S3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [56872 2007-04-27] (SafeNet, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-08-10] (Duplex Secure Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [148976 2011-11-16] (CyberLink Corp.)
S3 NVNET; system32\DRIVERS\nvmf6264.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-05 15:55 - 2014-09-05 15:56 - 00018078 _____ () C:\Users\Moderator\Desktop\FRST.txt
2014-09-05 15:52 - 2014-09-05 15:55 - 00000000 ____D () C:\FRST
2014-09-05 15:51 - 2014-09-05 15:52 - 02104832 _____ (Farbar) C:\Users\Moderator\Desktop\FRST64.exe
2014-09-05 12:28 - 2014-09-05 12:28 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\Nero
2014-09-05 12:21 - 2014-09-05 12:21 - 00000000 ____D () C:\Users\Moderator\Documents\Camtasia Studio
2014-09-05 12:20 - 2014-09-05 12:20 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\Apple Computer
2014-09-05 12:19 - 2014-09-05 12:19 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\Xilisoft
2014-09-05 12:17 - 2014-09-05 12:17 - 00000000 ____D () C:\Windows\SysWOW64\%LOCALAPPDATA%
2014-09-05 12:17 - 2014-09-05 12:17 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\ACD Systems
2014-09-05 12:10 - 2014-09-05 12:10 - 00000000 __RHD () C:\Users\Public\Libraries
2014-09-05 11:38 - 2014-09-05 11:38 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\WinRAR
2014-09-04 23:57 - 2014-09-05 00:03 - 00000610 __RSH () C:\Users\Moderator\ntuser.pol
2014-09-04 22:31 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-09-04 22:31 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-09-04 22:30 - 2014-09-04 22:31 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\GHISLER
2014-09-04 22:24 - 2014-09-04 22:24 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\TeamViewer
2014-09-04 22:23 - 2014-09-05 15:30 - 00000000 ____D () C:\Users\Moderator\Documents\Outlook Files
2014-09-04 22:00 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-09-04 22:00 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-09-04 22:00 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-09-04 22:00 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-09-04 22:00 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-09-04 22:00 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-09-04 22:00 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-09-04 22:00 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-09-04 22:00 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-09-04 22:00 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-09-04 22:00 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-09-04 22:00 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-09-04 22:00 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-09-04 22:00 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-09-04 22:00 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-09-04 22:00 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-09-04 21:59 - 2014-09-04 21:59 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2014-09-04 21:59 - 2014-09-04 21:59 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\Synaptics
2014-09-04 21:53 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-09-04 21:53 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-09-04 21:52 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-09-04 21:52 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-09-04 21:52 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-09-04 21:52 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-09-04 21:52 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-09-04 21:52 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-09-04 21:52 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-09-04 21:52 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-09-04 21:52 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-09-04 21:52 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-09-04 21:52 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-04 21:52 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-04 21:49 - 2014-09-04 21:49 - 00002204 _____ () C:\Users\Moderator\Desktop\ArchiCAD 15.lnk
2014-09-04 21:31 - 2014-09-04 21:31 - 00002631 _____ () C:\Users\Moderator\Desktop\AutoCAD 12.lnk
2014-09-04 21:31 - 2014-09-04 21:31 - 00002625 _____ () C:\Users\Moderator\Desktop\CorelDRAW X5.lnk
2014-09-04 21:23 - 2014-09-04 21:23 - 00000000 ____D () C:\Users\Moderator\Documents\My Palettes
2014-09-04 21:21 - 2014-09-04 21:23 - 00000000 ____D () C:\Users\Moderator\Documents\Corel
2014-09-04 21:15 - 2014-09-04 21:17 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\Corel
2014-09-04 21:10 - 2014-09-04 21:09 - 00000716 _____ () C:\Users\Moderator\Desktop\My Dokuments.lnk
2014-09-04 20:47 - 2014-09-04 20:47 - 00001419 _____ () C:\Users\Moderator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-04 20:47 - 2014-09-04 20:47 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-04 20:36 - 2014-09-04 20:36 - 00000000 ____D () C:\Users\Public\Recorded TV
2014-09-04 18:15 - 2014-09-04 18:15 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-SINISA-Microsoft-Windows-7-Ultimate-(64-bit).dat
2014-09-04 18:15 - 2014-09-04 18:15 - 00000000 ____D () C:\RegBackup
2014-09-04 18:10 - 2014-09-04 18:10 - 00003424 _____ () C:\bootsqm.dat
2014-09-04 17:44 - 2014-09-04 17:44 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-09-04 17:27 - 2014-09-04 17:27 - 00048797 _____ () C:\acadminidump.dmp
2014-09-04 17:25 - 2014-09-04 21:24 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\Autodesk
2014-09-04 17:02 - 2014-09-04 22:37 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-04 17:01 - 2014-09-04 17:01 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-04 17:01 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-04 17:01 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-04 17:01 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-04 13:18 - 2014-09-04 13:18 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\PDF Writer
2014-09-04 02:59 - 2014-09-04 17:27 - 00000000 ____D () C:\Windows\system32\%LocalAppData%
2014-09-04 02:17 - 2014-09-04 02:17 - 00003144 _____ () C:\Windows\System32\Tasks\iolo Process Governor
2014-09-04 02:10 - 2014-08-12 23:38 - 00032912 _____ (EldoS Corporation) C:\Windows\system32\Drivers\rawdsk3.sys
2014-09-04 02:00 - 2014-09-04 17:38 - 00000026 _____ () C:\Windows\Zone.Identifier
2014-09-04 00:35 - 2014-09-04 00:35 - 00000000 ____D () C:\Intel
2014-09-03 23:02 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-03 23:02 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-03 23:02 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-03 23:02 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-03 23:02 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-03 23:02 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-03 23:02 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-03 23:02 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-03 23:02 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-03 23:02 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-03 23:02 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-03 23:02 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-03 23:02 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-03 23:02 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-03 23:02 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-03 23:02 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-03 23:02 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-03 23:02 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-03 23:02 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-03 23:02 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-03 23:02 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-03 23:02 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-03 23:02 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-03 23:02 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-03 23:02 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-03 23:02 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-03 23:02 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-03 23:02 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-03 23:02 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-03 23:02 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-03 23:02 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-03 23:02 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-03 23:02 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-03 23:02 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-03 23:02 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-03 23:02 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-03 23:02 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-03 23:02 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-03 23:02 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-03 23:02 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-03 23:02 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-03 23:02 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-03 23:02 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-03 23:02 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-03 23:02 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-03 23:02 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-03 23:02 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-03 23:02 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-03 23:02 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-03 23:02 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-03 23:02 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-03 23:02 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-03 23:02 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-03 23:02 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-03 23:02 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-03 23:02 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-03 21:48 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-09-03 21:44 - 2014-09-03 21:44 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-09-03 21:44 - 2014-09-03 21:44 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-09-03 21:44 - 2014-09-03 21:44 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-09-03 21:44 - 2014-09-03 21:44 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-09-03 21:44 - 2014-09-03 21:44 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-09-03 21:44 - 2014-09-03 21:44 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-09-03 21:44 - 2014-09-03 21:44 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-09-03 21:44 - 2014-09-03 21:44 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-09-03 21:44 - 2014-09-03 21:44 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-09-03 21:44 - 2014-09-03 21:44 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-09-03 21:44 - 2014-09-03 21:44 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-09-03 21:44 - 2014-09-03 21:44 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-09-03 21:44 - 2014-09-03 21:44 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-09-03 21:44 - 2014-09-03 21:44 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-09-03 21:44 - 2014-09-03 21:44 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-03 21:44 - 2014-09-03 21:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-09-03 21:44 - 2014-09-03 21:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-03 21:44 - 2014-09-03 21:44 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-09-03 21:17 - 2014-09-03 21:17 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-09-03 20:18 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-09-03 20:18 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-09-03 20:18 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-09-03 20:18 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-03 20:18 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-09-03 20:18 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-09-03 20:18 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-09-03 20:18 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-09-03 20:14 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-03 20:14 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-09-03 20:14 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-09-03 20:14 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-09-03 20:14 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-09-03 20:14 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-09-03 20:14 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-09-03 20:14 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-09-03 20:14 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-09-03 20:14 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-09-03 20:14 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-09-03 20:14 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-09-03 20:14 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-09-03 20:14 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-09-03 20:14 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-09-03 20:14 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-09-03 20:14 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-09-03 20:14 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-09-03 20:14 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-09-03 20:14 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-09-03 20:13 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-09-03 20:13 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-09-03 20:13 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-09-03 20:13 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-09-03 20:13 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-09-03 20:13 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-09-03 20:13 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-09-03 20:13 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-09-03 20:12 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-03 20:12 - 2013-12-25 00:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-03 20:12 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-09-03 20:12 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-09-03 20:12 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-09-03 20:12 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-09-03 20:12 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-09-03 20:12 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-09-03 20:12 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-09-03 20:12 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-09-03 20:12 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-09-03 20:12 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-09-03 20:12 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-09-03 20:12 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-09-03 20:12 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-09-03 20:12 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-09-03 20:12 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-09-03 20:12 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-09-03 20:12 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-09-03 20:12 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-09-03 20:12 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-09-03 20:12 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-09-03 20:11 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-09-03 20:11 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-09-03 20:11 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-09-03 20:10 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-03 20:10 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-09-03 20:10 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-09-03 20:10 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-09-03 20:10 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-09-03 20:10 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-09-03 20:10 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-09-03 20:10 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-03 20:10 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-09-03 20:10 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-09-03 20:10 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-09-03 20:10 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-09-03 20:10 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-09-03 20:10 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-09-03 20:09 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-03 20:09 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-03 20:09 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-03 20:09 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-03 20:09 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-09-03 20:09 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-09-03 20:08 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-03 20:08 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-03 20:08 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-03 20:08 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-03 20:08 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-03 20:08 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-09-03 20:08 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-03 20:08 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-09-03 20:08 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-09-03 20:08 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-09-03 20:08 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-03 20:08 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-09-03 20:08 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-09-03 20:08 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-09-03 20:08 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-09-03 20:07 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-09-03 20:07 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-09-03 20:07 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-09-03 20:07 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-09-03 20:07 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-09-03 20:06 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-03 20:06 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-03 20:06 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-03 20:06 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-09-03 20:06 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-09-03 20:06 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-09-03 20:06 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-09-03 20:06 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-09-03 20:06 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-09-03 20:05 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-09-03 20:05 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-09-03 20:05 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-09-03 20:05 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-09-03 20:05 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-09-03 20:05 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-09-03 20:05 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-09-03 20:05 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-09-03 20:05 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-09-03 20:05 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-09-03 20:05 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-09-03 20:05 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-09-03 20:02 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-03 20:02 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-03 20:02 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-03 20:02 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-03 20:02 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-03 19:50 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-09-03 19:50 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-09-03 19:47 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-03 19:47 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-09-03 19:40 - 2014-09-03 19:40 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\AVG2014
2014-09-03 19:16 - 2014-09-05 12:12 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\Adobe
2014-09-03 19:16 - 2014-09-03 19:16 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\Macromedia
2014-09-03 19:13 - 2014-09-03 19:14 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\Mozilla
2014-09-03 19:10 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-03 19:10 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-03 19:10 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-03 19:10 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-03 19:09 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-03 19:09 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-03 19:09 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-03 19:09 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-09-03 19:09 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-03 19:09 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-03 19:08 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-03 19:08 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-09-03 19:08 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-03 19:08 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-09-03 18:47 - 2014-09-05 15:19 - 01858218 ____N () C:\Windows\WindowsUpdate.log
2014-09-03 18:43 - 2014-09-03 18:43 - 00000020 ___SH () C:\Users\Moderator\ntuser.ini
2014-09-03 18:37 - 2014-09-03 18:37 - 00001429 _____ () C:\Windows\SysWOW64\debug.log
2014-09-03 18:33 - 2014-09-05 15:55 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\Skype
2014-09-03 18:33 - 2014-09-05 00:03 - 00000000 ____D () C:\Users\Moderator
2014-09-03 18:33 - 2014-09-03 18:33 - 00000054 _____ () C:\Windows\SysWOW64\filevault.cfg
2014-08-31 17:28 - 2005-06-14 13:01 - 00296448 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\system32\Drivers\hardlock.sys
2014-08-31 17:28 - 2002-08-29 01:00 - 01122304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.005
2014-08-31 17:28 - 1999-03-22 13:00 - 00638976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EXCEL9.OLB
2014-08-31 17:28 - 1999-03-22 13:00 - 00548864 _____ () C:\Windows\SysWOW64\MSWORD9.OLB
2014-08-31 17:28 - 1998-10-06 00:00 - 00598288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.000
2014-08-31 17:28 - 1998-10-06 00:00 - 00164112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.001
2014-08-31 17:28 - 1998-10-06 00:00 - 00147728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.002
2014-08-31 17:28 - 1998-10-06 00:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.003
2014-08-31 17:28 - 1998-09-25 00:00 - 01409024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.004
2014-08-31 17:28 - 1997-01-13 00:00 - 00037136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSJINT35.DLL
2014-08-31 17:28 - 1996-12-02 18:44 - 00024336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSJTER35.DLL
2014-08-19 18:47 - 2014-09-05 11:26 - 00003144 _____ () C:\Windows\System32\Tasks\Update Service YourFileDownloader
2014-08-19 18:34 - 2014-08-19 18:34 - 00003204 _____ () C:\Windows\System32\Tasks\YourFileDownloader Installer Starter
2014-08-16 10:11 - 2014-08-16 10:11 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-06 10:50 - 2014-08-06 10:50 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-05 15:56 - 2014-09-05 15:55 - 00018078 _____ () C:\Users\Moderator\Desktop\FRST.txt
2014-09-05 15:55 - 2014-09-05 15:52 - 00000000 ____D () C:\FRST
2014-09-05 15:55 - 2014-09-03 18:33 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\Skype
2014-09-05 15:52 - 2014-09-05 15:51 - 02104832 _____ (Farbar) C:\Users\Moderator\Desktop\FRST64.exe
2014-09-05 15:30 - 2014-09-04 22:23 - 00000000 ____D () C:\Users\Moderator\Documents\Outlook Files
2014-09-05 15:19 - 2014-09-03 18:47 - 01858218 ____N () C:\Windows\WindowsUpdate.log
2014-09-05 15:17 - 2012-11-10 00:23 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-05 15:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-05 15:04 - 2013-06-07 20:19 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-05 15:01 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-09-05 14:38 - 2013-07-08 20:33 - 00000944 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3201536491-2584840422-2061497871-1000UA.job
2014-09-05 14:31 - 2009-07-14 06:45 - 00026544 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-05 14:31 - 2009-07-14 06:45 - 00026544 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-05 12:28 - 2014-09-05 12:28 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\Nero
2014-09-05 12:21 - 2014-09-05 12:21 - 00000000 ____D () C:\Users\Moderator\Documents\Camtasia Studio
2014-09-05 12:20 - 2014-09-05 12:20 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\Apple Computer
2014-09-05 12:19 - 2014-09-05 12:19 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\Xilisoft
2014-09-05 12:17 - 2014-09-05 12:17 - 00000000 ____D () C:\Windows\SysWOW64\%LOCALAPPDATA%
2014-09-05 12:17 - 2014-09-05 12:17 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\ACD Systems
2014-09-05 12:12 - 2014-09-03 19:16 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\Adobe
2014-09-05 12:10 - 2014-09-05 12:10 - 00000000 __RHD () C:\Users\Public\Libraries
2014-09-05 11:39 - 2012-01-18 20:17 - 00000000 ____D () C:\Program Files (x86)\Disktrix
2014-09-05 11:39 - 2009-07-14 04:34 - 00000567 _____ () C:\Windows\win.ini
2014-09-05 11:38 - 2014-09-05 11:38 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\WinRAR
2014-09-05 11:26 - 2014-08-19 18:47 - 00003144 _____ () C:\Windows\System32\Tasks\Update Service YourFileDownloader
2014-09-05 00:25 - 2009-07-14 06:45 - 05123608 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-05 00:22 - 2013-06-07 20:19 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-05 00:21 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-05 00:03 - 2014-09-04 23:57 - 00000610 __RSH () C:\Users\Moderator\ntuser.pol
2014-09-05 00:03 - 2014-09-03 18:33 - 00000000 ____D () C:\Users\Moderator
2014-09-04 22:37 - 2014-09-04 17:02 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-04 22:31 - 2014-09-04 22:30 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\GHISLER
2014-09-04 22:24 - 2014-09-04 22:24 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\TeamViewer
2014-09-04 21:59 - 2014-09-04 21:59 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2014-09-04 21:59 - 2014-09-04 21:59 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\Synaptics
2014-09-04 21:49 - 2014-09-04 21:49 - 00002204 _____ () C:\Users\Moderator\Desktop\ArchiCAD 15.lnk
2014-09-04 21:37 - 2013-07-08 20:33 - 00000922 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3201536491-2584840422-2061497871-1000Core.job
2014-09-04 21:31 - 2014-09-04 21:31 - 00002631 _____ () C:\Users\Moderator\Desktop\AutoCAD 12.lnk
2014-09-04 21:31 - 2014-09-04 21:31 - 00002625 _____ () C:\Users\Moderator\Desktop\CorelDRAW X5.lnk
2014-09-04 21:24 - 2014-09-04 17:25 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\Autodesk
2014-09-04 21:23 - 2014-09-04 21:23 - 00000000 ____D () C:\Users\Moderator\Documents\My Palettes
2014-09-04 21:23 - 2014-09-04 21:21 - 00000000 ____D () C:\Users\Moderator\Documents\Corel
2014-09-04 21:17 - 2014-09-04 21:15 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\Corel
2014-09-04 21:09 - 2014-09-04 21:10 - 00000716 _____ () C:\Users\Moderator\Desktop\My Dokuments.lnk
2014-09-04 20:47 - 2014-09-04 20:47 - 00001419 _____ () C:\Users\Moderator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-04 20:47 - 2014-09-04 20:47 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-04 20:45 - 2009-07-14 07:13 - 00786622 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-04 20:36 - 2014-09-04 20:36 - 00000000 ____D () C:\Users\Public\Recorded TV
2014-09-04 20:35 - 2010-11-21 09:16 - 00000000 ____D () C:\Windows\CSC
2014-09-04 20:10 - 2012-01-10 04:21 - 00786622 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-04 18:15 - 2014-09-04 18:15 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-SINISA-Microsoft-Windows-7-Ultimate-(64-bit).dat
2014-09-04 18:15 - 2014-09-04 18:15 - 00000000 ____D () C:\RegBackup
2014-09-04 18:10 - 2014-09-04 18:10 - 00003424 _____ () C:\bootsqm.dat
2014-09-04 17:46 - 2012-01-18 20:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-09-04 17:44 - 2014-09-04 17:44 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-09-04 17:38 - 2014-09-04 02:00 - 00000026 _____ () C:\Windows\Zone.Identifier
2014-09-04 17:27 - 2014-09-04 17:27 - 00048797 _____ () C:\acadminidump.dmp
2014-09-04 17:27 - 2014-09-04 02:59 - 00000000 ____D () C:\Windows\system32\%LocalAppData%
2014-09-04 17:18 - 2013-08-29 22:05 - 00000000 ____D () C:\Program Files (x86)\IGEMS_R9
2014-09-04 17:01 - 2014-09-04 17:01 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-04 13:18 - 2014-09-04 13:18 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\PDF Writer
2014-09-04 13:17 - 2012-11-10 00:23 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-04 13:17 - 2012-11-10 00:23 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-04 13:17 - 2012-01-18 19:24 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-04 13:00 - 2012-01-10 12:57 - 00000000 ____D () C:\Windows\Panther
2014-09-04 02:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-09-04 02:20 - 2012-11-05 10:00 - 00003242 _____ () C:\Windows\System32\Tasks\SidebarExecute
2014-09-04 02:17 - 2014-09-04 02:17 - 00003144 _____ () C:\Windows\System32\Tasks\iolo Process Governor
2014-09-04 01:31 - 2012-01-18 19:45 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-04 01:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-04 00:35 - 2014-09-04 00:35 - 00000000 ____D () C:\Intel
2014-09-03 22:38 - 2012-11-05 03:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-03 22:38 - 2012-11-04 19:32 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-03 22:38 - 2012-11-04 19:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-03 22:38 - 2012-01-18 19:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-03 22:31 - 2010-11-21 09:16 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-03 22:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-09-03 22:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-09-03 22:24 - 2012-01-23 20:00 - 00000039 _____ () C:\Windows\vbaddin.ini
2014-09-03 21:44 - 2014-09-03 21:44 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-09-03 21:44 - 2014-09-03 21:44 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-09-03 21:44 - 2014-09-03 21:44 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-09-03 21:44 - 2014-09-03 21:44 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-09-03 21:44 - 2014-09-03 21:44 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-09-03 21:44 - 2014-09-03 21:44 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-09-03 21:44 - 2014-09-03 21:44 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-09-03 21:44 - 2014-09-03 21:44 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-09-03 21:44 - 2014-09-03 21:44 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-09-03 21:44 - 2014-09-03 21:44 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-09-03 21:44 - 2014-09-03 21:44 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-09-03 21:44 - 2014-09-03 21:44 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-09-03 21:44 - 2014-09-03 21:44 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-09-03 21:44 - 2014-09-03 21:44 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-09-03 21:44 - 2014-09-03 21:44 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-09-03 21:44 - 2014-09-03 21:44 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-03 21:44 - 2014-09-03 21:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-09-03 21:44 - 2014-09-03 21:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-03 21:44 - 2014-09-03 21:44 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-09-03 21:17 - 2014-09-03 21:17 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-09-03 21:15 - 2014-01-14 00:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-03 19:40 - 2014-09-03 19:40 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\AVG2014
2014-09-03 19:16 - 2014-09-03 19:16 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\Macromedia
2014-09-03 19:14 - 2014-09-03 19:13 - 00000000 ____D () C:\Users\Moderator\AppData\Roaming\Mozilla
2014-09-03 18:43 - 2014-09-03 18:43 - 00000020 ___SH () C:\Users\Moderator\ntuser.ini
2014-09-03 18:37 - 2014-09-03 18:37 - 00001429 _____ () C:\Windows\SysWOW64\debug.log
2014-09-03 18:34 - 2012-01-23 20:16 - 00000000 ____D () C:\Windows\pixtran
2014-09-03 18:33 - 2014-09-03 18:33 - 00000054 _____ () C:\Windows\SysWOW64\filevault.cfg
2014-08-31 17:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Setup
2014-08-24 12:57 - 2009-07-14 07:08 - 00032630 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-23 04:07 - 2014-09-03 20:02 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-09-03 20:02 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-09-03 20:02 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-19 18:34 - 2014-08-19 18:34 - 00003204 _____ () C:\Windows\System32\Tasks\YourFileDownloader Installer Starter
2014-08-16 10:11 - 2014-08-16 10:11 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-12 23:38 - 2014-09-04 02:10 - 00032912 _____ (EldoS Corporation) C:\Windows\system32\Drivers\rawdsk3.sys
2014-08-06 10:50 - 2014-08-06 10:50 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-27 10:52

==================== End Of Log ============================





offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6061

Advice: stay away from those assorted tuning programs that claim they will work wonders on your system. You have probably already seen for yourself what they can do ...
They are compatible with Windows XP systems but are not advisable on Vista and newer.

In any case, there is no active infection here. The following script will just clear out some leftovers and empty temp & cache ...

1. Open Notepad (Text Document) and copy in the following text from the code box below:

Start
File: C:\Windows\SysWOW64\MSJINT35.DLL
Folder: C:\Windows\SysWOW64\temp.005
Hosts:
HKLM-x32\...\Run: [] => [X]
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.only-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=17B0266D572BF03D&affID=129428&tt=020914_onst&tsp=5362
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
FF NewTab: hxxp://www.only-search.com/?babsrc=NT_ss&mntrId=17B0266D572BF03D&affID=129428&tt=020914_onst&tsp=5362
FF Homepage: hxxp://www.only-search.com/?babsrc=HP_ss&mntrId=17B0266D572BF03D&affID=129428&tt=020914_onst&tsp=5362
CHR HomePage: Default -> 2F9534F0A3929ABB125204278A0E8F27CAFB38C73A45C1C204A2B3C6439E14DF
CHR StartupUrls: Default -> "hxxp://www.only-search.com/?babsrc=HP_ss&mntrId=17B0266D572BF03D&affID=129428&tt=020914_onst&tsp=5362", "https://www.google.rs/"
CHR DefaultSearchKeyword: Default -> only-search.com
CHR DefaultSearchURL: Default -> http://www.only-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=17B0266D572BF03D&affID=129428&tt=020914_onst&tsp=5362
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
Task: {2F76575E-318B-4ED0-AD12-074F1FAA3F6A} - System32\Tasks\Update Service YourFileDownloader => C:\Program Files (x86)\YourFileDownloaderUpdater\YourFileDownloaderUpdater.exe <==== ATTENTION
Task: {919B58C1-413C-43B3-8B29-BD6FA5195AA0} - \GoforFilesUpdate No Task File <==== ATTENTION
Task: {AE48DF0D-20E9-415A-9E5F-C6ECAF212EFB} - System32\Tasks\YourFileDownloader Installer Starter => C:\Users\MODERA~1\AppData\Local\Temp\YourFileDownloader5YkiJ5znp9.exe <==== ATTENTION
Task: {DFA243A9-C0DD-4D43-A232-A980E210569C} - \EPUpdater No Task File <==== ATTENTION
EmptyTemp:
C:\Windows\System32\Tasks\YourFileDownloader Installer Starter
C:\Program Files (x86)\YourFileDownloaderUpdater


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location; otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.

The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your post.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.

offline
  • Joined: 15 Nov 2008
  • Posts: 273
  • Location: Podgorica

Posted: 05 Sep 2014 16:46

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-09-2014 02
Ran by Moderator at 2014-09-05 16:32:28 Run:1
Running from C:\Users\Moderator\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
File: C:\Windows\SysWOW64\MSJINT35.DLL
Folder: C:\Windows\SysWOW64\temp.005
Hosts:
HKLM-x32\...\Run: [] => [X]
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.only-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=17B0266D572BF03D&affID=129428&tt=020914_onst&tsp=5362
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
FF NewTab: hxxp://www.only-search.com/?babsrc=NT_ss&mntrId=17B0266D572BF03D&affID=129428&tt=020914_onst&tsp=5362
FF Homepage: hxxp://www.only-search.com/?babsrc=HP_ss&mntrId=17B0266D572BF03D&affID=129428&tt=020914_onst&tsp=5362
CHR HomePage: Default -> 2F9534F0A3929ABB125204278A0E8F27CAFB38C73A45C1C204A2B3C6439E14DF
CHR StartupUrls: Default -> "hxxp://www.only-search.com/?babsrc=HP_ss&mntrId=17B0266D572BF03D&affID=129428&tt=020914_onst&tsp=5362", "https://www.google.rs/"
CHR DefaultSearchKeyword: Default -> only-search.com
CHR DefaultSearchURL: Default -> http://www.only-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=17B0266D572BF03D&affID=129428&tt=020914_onst&tsp=5362
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
Task: {2F76575E-318B-4ED0-AD12-074F1FAA3F6A} - System32\Tasks\Update Service YourFileDownloader => C:\Program Files (x86)\YourFileDownloaderUpdater\YourFileDownloaderUpdater.exe <==== ATTENTION
Task: {919B58C1-413C-43B3-8B29-BD6FA5195AA0} - \GoforFilesUpdate No Task File <==== ATTENTION
Task: {AE48DF0D-20E9-415A-9E5F-C6ECAF212EFB} - System32\Tasks\YourFileDownloader Installer Starter => C:\Users\MODERA~1\AppData\Local\Temp\YourFileDownloader5YkiJ5znp9.exe <==== ATTENTION
Task: {DFA243A9-C0DD-4D43-A232-A980E210569C} - \EPUpdater No Task File <==== ATTENTION
EmptyTemp:
C:\Windows\System32\Tasks\YourFileDownloader Installer Starter
C:\Program Files (x86)\YourFileDownloaderUpdater
*****************


========================= File: C:\Windows\SysWOW64\MSJINT35.DLL ========================

MD5: 8472C0E32802199891D76D57879BD9D9
Creation and modification date: 2014-08-31 17:28 - 1997-01-13 00:00
Size: 0037136
Attributes: ----A
Company Name: Microsoft Corporation
Internal Name: MSJINT35
Original Name: MSJINT35.DLL
Product Name: Microsoft® Jet
Description: Microsoft Jet Database Engine International DLL
File Version: 3.50.3602.5
Product Version: 3.50.3602.5
Copyright: Copyright © Microsoft Corp. 1991-1996 All rights reserved.

====== End Of File: ======


========================= Folder: C:\Windows\SysWOW64\temp.005 ========================

The path is not a directory.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => Key deleted successfully.
"HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key not found.
Firefox newtab deleted successfully.
Firefox homepage deleted successfully.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
Chrome DefaultSearchKeyword deleted successfully.
Chrome DefaultSearchURL deleted successfully.
Chrome DefaultSuggestURL deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2F76575E-318B-4ED0-AD12-074F1FAA3F6A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F76575E-318B-4ED0-AD12-074F1FAA3F6A}" => Key deleted successfully.
C:\Windows\System32\Tasks\Update Service YourFileDownloader not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Service YourFileDownloader" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{919B58C1-413C-43B3-8B29-BD6FA5195AA0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{919B58C1-413C-43B3-8B29-BD6FA5195AA0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoforFilesUpdate" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AE48DF0D-20E9-415A-9E5F-C6ECAF212EFB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE48DF0D-20E9-415A-9E5F-C6ECAF212EFB}" => Key deleted successfully.
C:\Windows\System32\Tasks\YourFileDownloader Installer Starter not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YourFileDownloader Installer Starter" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DFA243A9-C0DD-4D43-A232-A980E210569C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DFA243A9-C0DD-4D43-A232-A980E210569C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater" => Key deleted successfully.
"C:\Windows\System32\Tasks\YourFileDownloader Installer Starter" => File/Directory not found.
"C:\Program Files (x86)\YourFileDownloaderUpdater" => File/Directory not found.
EmptyTemp: => Removed 45.9 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====







Addendum: 05 Sep 2014 17:08

What next?
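One way to double-check a Fixlog like the one posted above, as an added example that is not part of the original thread and not FRST's own code: it separates result lines that changed something from lines reporting the target was already absent, and checks that every `Task:` directive had its `TaskCache\Tasks` key reported deleted. The sample is constructed from lines of this Fixlog; the function names and the three categories are assumptions of this example.

```python
import re
from collections import Counter

# Constructed sample: a shortened Fixlog assembled from lines of the log above.
SAMPLE_FIXLOG = r'''Content of fixlist:
*****************
Start
Task: {2F76575E-318B-4ED0-AD12-074F1FAA3F6A} - System32\Tasks\Update Service YourFileDownloader => C:\Program Files (x86)\YourFileDownloaderUpdater\YourFileDownloaderUpdater.exe <==== ATTENTION
Task: {DFA243A9-C0DD-4D43-A232-A980E210569C} - \EPUpdater No Task File <==== ATTENTION
EmptyTemp:
*****************

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F76575E-318B-4ED0-AD12-074F1FAA3F6A}" => Key deleted successfully.
C:\Windows\System32\Tasks\Update Service YourFileDownloader not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DFA243A9-C0DD-4D43-A232-A980E210569C}" => Key deleted successfully.
EmptyTemp: => Removed 45.9 MB temporary data.

The system needed a reboot.
==== End of Fixlog ====
'''

GUID = re.compile(r'\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}')


def split_fixlog(text):
    """Return (fixlist directives, result lines); the echoed fixlist sits between two rows of asterisks."""
    directives, results, star_rows = [], [], 0
    for line in (raw.strip() for raw in text.splitlines()):
        if line and set(line) == {'*'}:
            star_rows += 1
        elif not line or line.startswith('=') or line == 'Start':
            continue  # blank lines, "====" banners and the opening Start marker
        elif star_rows == 1:
            directives.append(line)
        elif star_rows >= 2:
            results.append(line)
    return directives, results


def classify(line):
    """'changed' = the fix altered something, 'absent' = target already gone, 'other' = informational."""
    low = line.lower()
    if 'not found' in low:
        return 'absent'
    if re.search(r'(deleted|restored|reset|moved) successfully|=> removed', low):
        return 'changed'
    return 'other'


def unconfirmed_tasks(directives, results):
    """GUIDs from Task: directives with no 'deleted successfully' line for their TaskCache Tasks key."""
    wanted = set()
    for d in directives:
        m = GUID.search(d)
        if d.startswith('Task:') and m:
            wanted.add(m.group(0).upper())
    done = set()
    for r in results:
        m = GUID.search(r)
        if m and r'TaskCache\Tasks' in r and classify(r) == 'changed':
            done.add(m.group(0).upper())
    return sorted(wanted - done)


def summarize(text):
    directives, results = split_fixlog(text)
    return {
        'directives': len(directives),
        'counts': dict(Counter(classify(r) for r in results)),
        'unconfirmed_tasks': unconfirmed_tasks(directives, results),
        'reboot': any('needed a reboot' in r for r in results),
    }


if __name__ == '__main__':
    print(summarize(SAMPLE_FIXLOG))
```

A non-empty `unconfirmed_tasks` list means a scheduled-task entry named in the fixlist may still be registered and is worth checking in a fresh scan.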

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6061

The following procedure will perform the final cleanup.

Download Xplode's DelFix tool and save it to the Desktop.
Double-click to run the tool and tick the boxes next to the following options:

Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment until the tool finishes.
From this point on, all the tools used in this topic should be deleted.
The tool will also create a report for you. (C:\DelFix.txt)

The tool will also save the healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
The tool deletes old System Restore points and creates a new, fresh point after the cleanup.

offline
  • Joined: 15 Nov 2008
  • Posts: 273
  • Location: Podgorica

Posted: 05 Sep 2014 17:47

Addendum: 05 Sep 2014 17:53

Is that it?
Thanks a lot..
I have one more problem, I don't know whether it belongs here.
I can't turn off AUTO ARRANGE FILES?

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6061

If I understood you correctly, here is how to turn it off.

We won't discuss this further here; Ambulanta is a forum exclusively for the detection and removal of malicious programs. Feel free to continue the discussion in your original topic. ;)

And you're welcome. ;)
