MyCity » Ambulanta -> Arhiva Ambulante » Provera sistema

Provera sistema

Napisano na dan: 25.1.2016

Provera sistema

Sledeća strana

Pagination

Odgovori

zoxknez Poslao: 25 Jan 2016 17:37 Idi na vrh
offline zoxknez Zaslužni građanin Pridružio: 27 Avg 2005 Poruke: 556	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Samo hocu da proverim sistem da li je sve ok Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-01-2016 Ran by notebook_kucni (administrator) on NOTEBOOK (25-01-2016 17:33:34) Running from C:\Users\notebook_kucni\Desktop Loaded Profiles: notebook_kucni (Available Profiles: notebook_kucni) Platform: Windows 10 Pro Version 1511 (X64) Language: English (United Kingdom) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe () C:\Program Files (x86)\Connectify\ConnectifyService.exe () C:\Program Files (x86)\Vip Internet\BackgroundService\ServiceManager.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe () C:\ProgramData\mts mobilni internet\OnlineUpdate\ouc.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe () C:\Program Files (x86)\Vip Internet\BackgroundService\ModemListener.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (KVIrc Development Team) C:\Program Files (x86)\KVIrc\kvirc.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-08-28] (Realtek Semiconductor) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3251408 2015-09-23] (ELAN Microelectronics Corp.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] () HKLM-x32\...\Run: [VIP_Serbia Silverstone ModemListener] => C:\Program Files (x86)\Vip Internet\BackgroundService\ModemListener.exe [109120 2013-01-11] () HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [HPUsageTracking] => C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe [36864 2007-05-04] ( ) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-867317268-2096827586-2001851490-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2901584 2015-10-14] (Valve Corporation) HKU\S-1-5-21-867317268-2096827586-2001851490-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50509440 2015-11-30] (Skype Technologies S.A.) HKU\S-1-5-21-867317268-2096827586-2001851490-1001\...\MountPoints2: {8150dfcb-4008-11e4-be72-88532edd6ddb} - "E:\autorun.exe" HKU\S-1-5-21-867317268-2096827586-2001851490-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [31744 2015-10-30] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0 Tcpip\..\Interfaces\{926e611a-b5a5-48d3-9a3c-8779665ff195}: [DhcpNameServer] 192.168.1.1 0.0.0.0 Tcpip\..\Interfaces\{95f37e76-8def-4ac5-97c7-4887d8f60b2e}: [DhcpNameServer] 192.168.1.1 0.0.0.0 Internet Explorer: ================== BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2016-01-06] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-06] (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\notebook_kucni\AppData\Roaming\Mozilla\Firefox\Profiles\ca7092uo.default FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @huawei.com/NPPlugin -> C:\Program Files (x86)\Web_TV\WebTVPlugin\NPPlugin.dll [2015-04-23] () FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2016-01-06] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2016-01-06] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\notebook_kucni\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\notebook_kucni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04] CHR Extension: (Google Drive) - C:\Users\notebook_kucni\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\notebook_kucni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Google Search) - C:\Users\notebook_kucni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Tampermonkey) - C:\Users\notebook_kucni\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-12-18] CHR Extension: (Google Docs Offline) - C:\Users\notebook_kucni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18] CHR Extension: (AdBlock) - C:\Users\notebook_kucni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-20] CHR Extension: (Does Amazon Ship to ...?) - C:\Users\notebook_kucni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpnamfpkffldfnlkofbbebcndfdkclpc [2015-12-27] CHR Extension: ([CB] eRepublik) - C:\Users\notebook_kucni\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcllofidbkalfnhfapholimfflgpojdp [2016-01-19] CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\notebook_kucni\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2015-04-15] [UpdateUrl: hxxp://www.interoperabilitybridges.com/ChromeWMP/wmpChromeupdates.xml] <==== ATTENTION CHR Extension: (Google Play) - C:\Users\notebook_kucni\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-12-07] CHR Extension: (Chrome Web Store Payments) - C:\Users\notebook_kucni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24] CHR Extension: (Gmail) - C:\Users\notebook_kucni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [69632 2011-09-29] () [File not signed] R2 ETDService; C:\Program Files\Elantech\ETDService.exe [139984 2015-09-23] (ELAN Microelectronics Corp.) R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation) S2 mts mobilni internet. RunOuc; C:\Program Files (x86)\mts mobilni internet\UpdateDog\ouc.exe [239968 2014-09-20] () R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc) S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2009-10-20] (CACE Technologies, Inc.) R2 VIP_Serbia Silverstone Modem Device Helper; C:\Program Files (x86)\Vip Internet\BackgroundService\ServiceManager.exe [58192 2013-01-14] () R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AlcatelOTnet; C:\Windows\System32\drivers\AlcatelOTUsbnet.sys [138752 2013-01-11] (TCT International Mobile Ltd) R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-10-15] (Motorola Solutions, Inc.) R1 cnnctfy2; C:\Windows\system32\DRIVERS\cnnctfy2.sys [31344 2014-12-31] (Connectify) R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [41024 2015-09-23] (ELAN Microelectronic Corp.) S3 HWHandSet; C:\Windows\system32\DRIVERS\hw_quusbmdm.sys [223232 2015-05-07] (Huawei Technologies Co., Ltd.) S3 jrdusbser; C:\Windows\system32\DRIVERS\jrdusbser.sys [120832 2013-01-11] (TCT International Mobile Ltd) R2 NPF; C:\Windows\System32\drivers\npf.sys [47632 2009-10-20] (CACE Technologies, Inc.) R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-30] (Windows (R) Win 7 DDK provider) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek ) R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2014-11-17] (VMware, Inc.) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) R1 {e920b931-4015-4acf-9561-0197bd6bfe7e}Gw64; C:\Windows\System32\drivers\{e920b931-4015-4acf-9561-0197bd6bfe7e}Gw64.sys [48784 2014-11-18] (StdLib) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-01-25 17:33 - 2016-01-25 17:34 - 00013295 _____ C:\Users\notebook_kucni\Desktop\FRST.txt 2016-01-25 17:33 - 2016-01-25 17:33 - 00000000 ____D C:\FRST 2016-01-25 17:32 - 2016-01-25 17:33 - 02370560 _____ (Farbar) C:\Users\notebook_kucni\Desktop\FRST64.exe 2016-01-25 07:33 - 2016-01-25 07:33 - 00000000 ___HD C:\OneDriveTemp 2016-01-24 13:31 - 2016-01-24 13:33 - 65335222 _____ C:\Users\notebook_kucni\Downloads\megasrbija106.rar 2016-01-22 09:48 - 2016-01-22 09:48 - 00001233 _____ C:\Users\Public\Desktop\Kerish Doctor 2016.lnk 2016-01-22 09:48 - 2014-04-05 18:38 - 00059880 _____ (Kerish Products) C:\WINDOWS\system32\GPUTemp.dll 2016-01-22 09:47 - 2016-01-22 09:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kerish Doctor 2016-01-22 09:47 - 2016-01-22 09:47 - 00000000 ____D C:\ProgramData\Kerish Products 2016-01-22 09:47 - 2016-01-22 09:47 - 00000000 ____D C:\Program Files (x86)\Kerish Doctor 2016-01-22 09:47 - 2014-04-05 18:38 - 00059880 _____ (Kerish Products) C:\WINDOWS\SysWOW64\GPUTemp.dll 2016-01-22 09:46 - 2016-01-22 09:47 - 25705000 _____ (Kerish Products ) C:\Users\notebook_kucni\Downloads\Setup.exe 2016-01-22 04:45 - 2016-01-22 04:45 - 00053418 _____ C:\Users\notebook_kucni\Downloads\o0o0o0o (1).user.js 2016-01-22 04:44 - 2016-01-22 04:44 - 00071963 _____ C:\Users\notebook_kucni\Downloads\tmScripts.txt 2016-01-22 00:22 - 2016-01-25 07:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-01-15 19:47 - 2016-01-15 19:47 - 00000975 _____ C:\Users\notebook_kucni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk 2016-01-15 19:44 - 2016-01-15 19:45 - 44319904 _____ C:\Users\notebook_kucni\Downloads\torbrowser-install-5.0.7_en-US.exe 2016-01-13 07:20 - 2016-01-05 02:57 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-01-13 07:20 - 2016-01-05 02:49 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-01-13 07:19 - 2016-01-05 03:51 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-01-13 07:19 - 2016-01-05 03:51 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-01-13 07:19 - 2016-01-05 03:51 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-01-13 07:19 - 2016-01-05 03:50 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-01-13 07:19 - 2016-01-05 03:50 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-01-13 07:19 - 2016-01-05 03:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2016-01-13 07:19 - 2016-01-05 03:49 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-01-13 07:19 - 2016-01-05 03:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2016-01-13 07:19 - 2016-01-05 03:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2016-01-13 07:19 - 2016-01-05 03:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2016-01-13 07:19 - 2016-01-05 03:37 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-01-13 07:19 - 2016-01-05 03:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2016-01-13 07:19 - 2016-01-05 03:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2016-01-13 07:19 - 2016-01-05 03:37 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-01-13 07:19 - 2016-01-05 03:37 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2016-01-13 07:19 - 2016-01-05 03:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2016-01-13 07:19 - 2016-01-05 03:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll 2016-01-13 07:19 - 2016-01-05 03:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-01-13 07:19 - 2016-01-05 03:33 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-01-13 07:19 - 2016-01-05 03:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2016-01-13 07:19 - 2016-01-05 03:33 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-01-13 07:19 - 2016-01-05 03:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2016-01-13 07:19 - 2016-01-05 03:33 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2016-01-13 07:19 - 2016-01-05 03:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll 2016-01-13 07:19 - 2016-01-05 03:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2016-01-13 07:19 - 2016-01-05 03:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-01-13 07:19 - 2016-01-05 03:27 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2016-01-13 07:19 - 2016-01-05 03:24 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-01-13 07:19 - 2016-01-05 03:23 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll 2016-01-13 07:19 - 2016-01-05 03:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-01-13 07:19 - 2016-01-05 03:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL 2016-01-13 07:19 - 2016-01-05 03:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL 2016-01-13 07:19 - 2016-01-05 03:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2016-01-13 07:19 - 2016-01-05 03:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL 2016-01-13 07:19 - 2016-01-05 03:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL 2016-01-13 07:19 - 2016-01-05 02:59 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-01-13 07:19 - 2016-01-05 02:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll 2016-01-13 07:19 - 2016-01-05 02:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll 2016-01-13 07:19 - 2016-01-05 02:56 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe 2016-01-13 07:19 - 2016-01-05 02:54 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2016-01-13 07:19 - 2016-01-05 02:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx 2016-01-13 07:19 - 2016-01-05 02:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll 2016-01-13 07:19 - 2016-01-05 02:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2016-01-13 07:19 - 2016-01-05 02:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll 2016-01-13 07:19 - 2016-01-05 02:50 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-01-13 07:19 - 2016-01-05 02:50 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2016-01-13 07:19 - 2016-01-05 02:49 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2016-01-13 07:19 - 2016-01-05 02:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL 2016-01-13 07:19 - 2016-01-05 02:49 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-01-13 07:19 - 2016-01-05 02:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll 2016-01-13 07:19 - 2016-01-05 02:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll 2016-01-13 07:19 - 2016-01-05 02:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL 2016-01-13 07:19 - 2016-01-05 02:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll 2016-01-13 07:19 - 2016-01-05 02:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll 2016-01-13 07:19 - 2016-01-05 02:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll 2016-01-13 07:19 - 2016-01-05 02:47 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2016-01-13 07:19 - 2016-01-05 02:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax 2016-01-13 07:19 - 2016-01-05 02:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2016-01-13 07:19 - 2016-01-05 02:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll 2016-01-13 07:19 - 2016-01-05 02:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx 2016-01-13 07:19 - 2016-01-05 02:43 - 00953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2016-01-13 07:19 - 2016-01-05 02:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2016-01-13 07:19 - 2016-01-05 02:43 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-01-13 07:19 - 2016-01-05 02:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2016-01-13 07:19 - 2016-01-05 02:41 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-01-13 07:19 - 2016-01-05 02:41 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL 2016-01-13 07:19 - 2016-01-05 02:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll 2016-01-13 07:19 - 2016-01-05 02:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL 2016-01-13 07:19 - 2016-01-05 02:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll 2016-01-13 07:19 - 2016-01-05 02:39 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2016-01-13 07:19 - 2016-01-05 02:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll 2016-01-13 07:19 - 2016-01-05 02:39 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2016-01-13 07:19 - 2016-01-05 02:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax 2016-01-13 07:19 - 2016-01-05 02:38 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2016-01-13 07:19 - 2016-01-05 02:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2016-01-13 07:19 - 2016-01-05 02:33 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2016-01-13 07:19 - 2016-01-05 02:30 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-01-13 07:19 - 2016-01-05 02:30 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-01-13 07:19 - 2016-01-05 02:29 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-01-13 07:19 - 2016-01-05 02:28 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-01-13 07:19 - 2016-01-05 02:28 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-01-13 07:19 - 2016-01-05 02:28 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2016-01-13 07:19 - 2016-01-05 02:25 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-01-13 07:18 - 2016-01-05 02:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2016-01-13 07:18 - 2016-01-05 02:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2016-01-13 07:18 - 2016-01-05 02:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-01-10 20:00 - 2016-01-10 20:00 - 00012405 _____ C:\Users\notebook_kucni\Downloads\Plan revizije planograma 2016 sve.xlsx 2016-01-10 20:00 - 2016-01-10 20:00 - 00012405 _____ C:\Users\notebook_kucni\Downloads\Plan revizije planograma 2016 sve (1).xlsx 2016-01-06 19:48 - 2016-01-06 19:48 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-01-06 19:48 - 2016-01-06 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-01-06 18:24 - 2016-01-06 18:24 - 00584288 _____ (Oracle Corporation) C:\Users\notebook_kucni\Downloads\JavaSetup8u66.exe 2016-01-06 12:06 - 2016-01-06 12:06 - 03572853 _____ C:\Users\notebook_kucni\Downloads\__ (1).zip 2016-01-06 11:59 - 2016-01-06 11:59 - 00192174 _____ C:\Users\notebook_kucni\Downloads\__.zip 2016-01-06 11:57 - 2016-01-06 11:57 - 05227292 _____ C:\Users\notebook_kucni\Downloads\____.zip 2016-01-05 17:50 - 2016-01-05 17:51 - 13348504 _____ C:\Users\notebook_kucni\Downloads\_____.zip 2015-12-31 05:04 - 2015-12-31 05:04 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2015-12-30 00:32 - 2016-01-22 10:14 - 00000000 ___DC C:\WINDOWS\Panther 2015-12-30 00:29 - 2015-12-30 00:29 - 00000000 ____D C:\Windows.old 2015-12-30 00:28 - 2015-12-30 00:28 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL 2015-12-30 00:28 - 2015-12-30 00:28 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe 2015-12-30 00:28 - 2015-12-30 00:28 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2015-12-30 00:28 - 2015-12-30 00:28 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2015-12-30 00:28 - 2015-12-30 00:28 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll 2015-12-30 00:28 - 2015-12-30 00:28 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 13381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-12-30 00:27 - 2015-12-30 00:27 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2015-12-30 00:27 - 2015-12-30 00:27 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2015-12-30 00:27 - 2015-12-30 00:27 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 02152800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2015-12-30 00:27 - 2015-12-30 00:27 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-12-30 00:27 - 2015-12-30 00:27 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-12-30 00:27 - 2015-12-30 00:27 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01540768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-12-30 00:27 - 2015-12-30 00:27 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL 2015-12-30 00:27 - 2015-12-30 00:27 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2015-12-30 00:27 - 2015-12-30 00:27 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2015-12-30 00:27 - 2015-12-30 00:27 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2015-12-30 00:27 - 2015-12-30 00:27 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2015-12-30 00:27 - 2015-12-30 00:27 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe 2015-12-30 00:27 - 2015-12-30 00:27 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2015-12-30 00:27 - 2015-12-30 00:27 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00440160 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2015-12-30 00:27 - 2015-12-30 00:27 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2015-12-30 00:27 - 2015-12-30 00:27 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe 2015-12-30 00:27 - 2015-12-30 00:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2015-12-30 00:27 - 2015-12-30 00:27 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-12-30 00:27 - 2015-12-30 00:27 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2015-12-30 00:27 - 2015-12-30 00:27 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2015-12-30 00:27 - 2015-12-30 00:27 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2015-12-30 00:27 - 2015-12-30 00:27 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe 2015-12-30 00:27 - 2015-12-30 00:27 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys 2015-12-30 00:27 - 2015-12-30 00:27 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2015-12-30 00:27 - 2015-12-30 00:27 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys 2015-12-30 00:27 - 2015-12-30 00:27 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-12-30 00:27 - 2015-12-30 00:27 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys 2015-12-30 00:27 - 2015-12-30 00:27 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe 2015-12-30 00:27 - 2015-12-30 00:27 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2015-12-30 00:27 - 2015-12-30 00:27 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe 2015-12-30 00:27 - 2015-12-30 00:27 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys 2015-12-30 00:27 - 2015-12-30 00:27 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe 2015-12-30 00:27 - 2015-12-30 00:27 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe 2015-12-30 00:27 - 2015-12-30 00:27 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe 2015-12-30 00:27 - 2015-12-30 00:27 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2015-12-30 00:27 - 2015-12-30 00:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2015-12-30 00:27 - 2015-12-30 00:27 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe 2015-12-30 00:27 - 2015-12-30 00:27 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll 2015-12-30 00:23 - 2015-12-30 00:23 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2015-12-30 00:21 - 2015-12-30 00:21 - 00000000 ____D C:\Program Files\Reference Assemblies 2015-12-30 00:21 - 2015-12-30 00:21 - 00000000 ____D C:\Program Files\MSBuild 2015-12-30 00:21 - 2015-12-30 00:21 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2015-12-30 00:21 - 2015-12-30 00:21 - 00000000 ____D C:\Program Files (x86)\MSBuild 2015-12-30 00:20 - 2015-10-23 18:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2015-12-30 00:20 - 2015-10-23 18:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-12-30 00:20 - 2015-10-23 18:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2015-12-30 00:20 - 2015-10-23 18:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2015-12-30 00:20 - 2015-10-23 18:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2015-12-30 00:20 - 2015-10-23 18:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2015-12-30 00:15 - 2016-01-25 07:34 - 00000000 ____D C:\Users\notebook_kucni\AppData\Local\ApplicationHistory 2015-12-30 00:15 - 2015-12-30 00:15 - 00000000 ____D C:\ProgramData\ATI 2015-12-30 00:13 - 2015-12-30 00:13 - 00000000 ____D C:\Users\notebook_kucni\AppData\Local\ActiveSync 2015-12-30 00:10 - 2015-12-30 00:10 - 00000020 ___SH C:\Users\notebook_kucni\ntuser.ini 2015-12-30 00:03 - 2016-01-25 07:31 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-12-29 23:53 - 2015-12-29 23:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2015-12-29 23:53 - 2015-12-29 23:53 - 00000000 ____D C:\Program Files\ATI Technologies 2015-12-29 23:52 - 2015-12-29 23:52 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia 2015-12-29 23:52 - 2015-12-29 23:52 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia 2015-12-29 23:52 - 2015-12-29 23:52 - 00000000 ____D C:\Program Files\AMD 2015-12-29 23:51 - 2015-12-29 23:51 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-12-29 23:51 - 2015-12-29 23:51 - 00000000 ____D C:\Users\Default\AppData\Roaming\ATI 2015-12-29 23:51 - 2015-12-29 23:51 - 00000000 ____D C:\Users\Default\AppData\Local\ATI 2015-12-29 23:51 - 2015-12-29 23:51 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ATI 2015-12-29 23:51 - 2015-12-29 23:51 - 00000000 ____D C:\Users\Default User\AppData\Local\ATI 2015-12-29 23:46 - 2015-12-29 23:46 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2015-12-29 23:43 - 2016-01-02 19:12 - 00000000 ____D C:\Users\notebook_kucni 2015-12-29 23:40 - 2015-12-29 23:52 - 00000000 ____D C:\Program Files (x86)\ATI Technologies 2015-12-29 23:40 - 2015-12-29 23:40 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf 2015-12-29 23:40 - 2015-12-29 23:40 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ETD_01009.Wdf 2015-12-29 23:40 - 2015-12-29 23:40 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2015-12-29 23:39 - 2015-12-29 23:46 - 00000000 ____D C:\ProgramData\Package Cache 2015-12-29 23:39 - 2015-12-29 23:46 - 00000000 ____D C:\Program Files\Elantech 2015-12-29 23:39 - 2015-12-29 23:39 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2015-12-29 23:39 - 2015-12-29 23:39 - 00000000 ____D C:\WINDOWS\system32\SRSLabs 2015-12-29 23:39 - 2015-12-29 23:39 - 00000000 ____D C:\Program Files\Realtek 2015-12-29 23:39 - 2015-12-29 23:39 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies 2015-12-29 23:37 - 2015-10-30 08:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2015-12-29 23:34 - 2016-01-22 10:25 - 00334112 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-12-29 22:47 - 2015-12-29 22:47 - 00015936 _____ C:\Users\notebook_kucni\Downloads\POD_7989960790.pdf 2015-12-28 17:57 - 2015-12-28 17:58 - 09664904 _____ (TeamViewer GmbH) C:\Users\notebook_kucni\Downloads\TeamViewer_Setup_sr-iod.exe 2015-12-26 07:45 - 2015-12-26 07:45 - 11611938 _____ C:\Users\notebook_kucni\Downloads\KREMANSKA VODA elementi dizajna FINAL.cdr ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-01-25 17:33 - 2015-10-30 07:28 - 00000000 ____D C:\Windows 2016-01-25 17:09 - 2014-08-26 15:22 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-01-25 16:37 - 2014-08-27 10:05 - 00000424 _____ C:\WINDOWS\Tasks\update-sys.job 2016-01-25 15:10 - 2014-08-27 10:05 - 00000424 _____ C:\WINDOWS\Tasks\update-S-1-5-21-867317268-2096827586-2001851490-1001.job 2016-01-25 14:04 - 2014-08-26 23:14 - 00004170 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3832A205-4F48-42D6-BCB5-0415D7085BF5} 2016-01-25 09:21 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-01-25 07:37 - 2015-11-24 18:51 - 00895920 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-01-25 07:37 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF 2016-01-25 07:37 - 2014-10-02 13:38 - 00000000 ____D C:\Users\notebook_kucni\AppData\Local\Adobe 2016-01-25 07:35 - 2015-12-04 18:41 - 00000420 _____ C:\WINDOWS\Tasks\FreeFileViewerUpdateChecker.job 2016-01-25 07:33 - 2014-08-27 15:50 - 00000000 __RDO C:\Users\notebook_kucni\OneDrive 2016-01-25 07:32 - 2014-12-31 11:22 - 00000519 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2016-01-25 07:31 - 2014-12-17 16:08 - 00000000 ____D C:\ProgramData\VMware 2016-01-25 07:31 - 2014-08-26 15:22 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-01-25 07:30 - 2014-11-28 13:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-01-24 21:08 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-01-24 12:05 - 2015-11-26 00:33 - 00000000 ____D C:\Users\notebook_kucni\AppData\Roaming\HPPlugin 2016-01-24 09:10 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-01-22 10:19 - 2015-12-04 18:53 - 00000000 ____D C:\Users\notebook_kucni\AppData\Roaming\CoreFTP 2016-01-22 10:19 - 2015-08-10 19:45 - 00000000 ____D C:\Users\notebook_kucni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP 2016-01-22 10:19 - 2014-10-27 18:00 - 00000000 ____D C:\Users\notebook_kucni\Desktop\Sve sa desja 2016-01-22 10:19 - 2014-09-22 20:31 - 00000000 ____D C:\Users\notebook_kucni\AppData\Roaming\uTorrent 2016-01-22 10:17 - 2014-12-26 03:51 - 00000000 ____D C:\Users\notebook_kucni\AppData\Roaming\Notepad++ 2016-01-22 10:02 - 2014-12-11 21:17 - 00000000 ____D C:\Users\notebook_kucni\AppData\Roaming\TeamViewer 2016-01-22 10:02 - 2014-11-13 23:41 - 00000000 ____D C:\Program Files (x86)\Steam 2016-01-22 10:01 - 2015-06-17 11:38 - 00000000 ____D C:\Users\notebook_kucni\AppData\Local\CrashDumps 2016-01-14 12:01 - 2015-02-07 16:36 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-01-14 12:01 - 2015-02-07 16:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-01-14 12:00 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-01-13 18:01 - 2015-02-07 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-01-13 17:59 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-01-13 17:58 - 2014-08-26 17:36 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-01-13 17:51 - 2014-08-26 17:36 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-01-12 21:48 - 2015-11-26 05:53 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2016-01-12 21:48 - 2015-11-26 05:53 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-01-06 19:49 - 2014-11-03 03:05 - 00000000 ____D C:\ProgramData\Oracle 2016-01-06 19:48 - 2014-11-03 03:05 - 00000000 ____D C:\Program Files (x86)\Java 2016-01-03 02:40 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-01-03 02:40 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-31 01:00 - 2015-02-17 20:10 - 00000000 ____D C:\Users\notebook_kucni\AppData\Roaming\ViberPC 2015-12-30 03:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\appcompat 2015-12-30 00:51 - 2015-11-24 19:45 - 00000000 ___RD C:\Users\notebook_kucni\3D Objects 2015-12-30 00:33 - 2014-08-26 15:17 - 00000000 ____D C:\Users\notebook_kucni\AppData\Local\Packages 2015-12-30 00:32 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2015-12-30 00:29 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow 2015-12-30 00:29 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB 2015-12-30 00:29 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2015-12-30 00:29 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\en-GB 2015-12-30 00:29 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning 2015-12-30 00:29 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr 2015-12-30 00:29 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2015-12-30 00:29 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism 2015-12-30 00:17 - 2015-11-24 19:07 - 00002428 _____ C:\Users\notebook_kucni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-12-30 00:11 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PrintDialog 2015-12-30 00:11 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\MiracastView 2015-12-30 00:11 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2015-12-30 00:11 - 2015-09-10 06:44 - 00000000 __RHD C:\Users\Public\AccountPictures 2015-12-30 00:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache 2015-12-30 00:08 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Registration 2015-12-30 00:08 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2015-12-30 00:07 - 2014-08-26 22:51 - 00040008 _____ C:\WINDOWS\diagwrn.xml 2015-12-30 00:07 - 2014-08-26 22:51 - 00040008 _____ C:\WINDOWS\diagerr.xml 2015-12-30 00:05 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2015-12-30 00:03 - 2015-12-04 18:41 - 00002738 _____ C:\WINDOWS\System32\Tasks\FreeFileViewerUpdateChecker 2015-12-30 00:03 - 2015-03-26 00:57 - 00002250 _____ C:\WINDOWS\System32\Tasks\{C1D127FC-1BE4-40BD-8C45-69AFDC190545} 2015-12-30 00:03 - 2014-11-12 15:00 - 00003110 _____ C:\WINDOWS\System32\Tasks\Java Update Scheduler 2015-12-30 00:03 - 2014-10-13 16:56 - 00002764 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-zoran11@open.telekom.rs 2015-12-30 00:03 - 2014-08-27 10:05 - 00003026 _____ C:\WINDOWS\System32\Tasks\update-S-1-5-21-867317268-2096827586-2001851490-1001 2015-12-30 00:03 - 2014-08-27 10:05 - 00002858 _____ C:\WINDOWS\System32\Tasks\update-sys 2015-12-30 00:03 - 2014-08-26 22:59 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat 2015-12-30 00:03 - 2014-08-26 15:23 - 00002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-867317268-2096827586-2001851490-1001 2015-12-30 00:03 - 2014-08-26 15:22 - 00003436 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-12-30 00:03 - 2014-08-26 15:22 - 00003212 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-12-30 00:02 - 2015-10-30 08:24 - 00000000 __RHD C:\Users\Public\Libraries 2015-12-29 23:54 - 2015-12-04 18:53 - 00000000 ____D C:\Users\notebook_kucni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Core FTP (x64) 2015-12-29 23:54 - 2015-12-04 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileViewer 2015-12-29 23:54 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\ModemLogs 2015-12-29 23:54 - 2015-10-02 22:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot 2015-12-29 23:54 - 2015-08-10 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2015-12-29 23:54 - 2015-06-04 10:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTML-Kit Tools 2015-12-29 23:54 - 2015-06-04 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTML-Kit 2015-12-29 23:54 - 2015-06-02 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2015-12-29 23:54 - 2015-04-18 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap 2015-12-29 23:54 - 2015-01-26 22:23 - 00000000 ____D C:\Users\notebook_kucni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time 2015-12-29 23:54 - 2015-01-16 16:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirDroid 2015-12-29 23:54 - 2014-12-31 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connectify 2015-12-29 23:54 - 2014-12-26 03:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ 2015-12-29 23:54 - 2014-12-17 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ISO to USB 2015-12-29 23:54 - 2014-12-17 16:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware 2015-12-29 23:54 - 2014-12-13 13:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast 2015-12-29 23:54 - 2014-11-26 10:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player 2015-12-29 23:54 - 2014-11-13 23:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2015-12-29 23:54 - 2014-11-13 00:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan 2015-12-29 23:54 - 2014-11-05 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2015-12-29 23:54 - 2014-10-16 09:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vip Internet 2015-12-29 23:54 - 2014-10-13 16:56 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2015-12-29 23:54 - 2014-09-28 12:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit) 2015-12-29 23:54 - 2014-09-20 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mts mobilni internet 2015-12-29 23:54 - 2014-08-26 15:27 - 00000000 ____D C:\Users\notebook_kucni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-12-29 23:54 - 2014-08-26 15:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-12-29 23:54 - 2014-08-26 15:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KVIrc 2015-12-29 23:54 - 2014-08-26 15:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-12-29 23:52 - 2015-11-24 18:24 - 00000000 ____D C:\AMD 2015-12-29 23:52 - 2015-07-10 10:47 - 00000000 ____D C:\Users\Default.migrated 2015-12-29 23:48 - 2015-10-30 19:04 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr 2015-12-29 23:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz 2015-12-29 23:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2015-12-29 23:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2015-12-29 23:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2015-12-29 23:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE 2015-12-29 23:47 - 2015-10-30 19:04 - 00000000 ____D C:\WINDOWS\system32\slmgr 2015-12-29 23:47 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2015-12-29 23:47 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\spool 2015-12-29 23:47 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe 2015-12-29 23:47 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-12-29 23:47 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV 2015-12-29 23:47 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT 2015-12-29 23:47 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod 2015-12-29 23:47 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\IME 2015-12-29 23:47 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\et-EE 2015-12-29 23:47 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2015-12-29 23:47 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2015-12-29 23:47 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\InputMethod 2015-12-29 23:47 - 2014-11-05 14:53 - 00000000 ____D C:\WINDOWS\system32\appmgmt 2015-12-29 23:47 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared 2015-12-29 23:47 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared 2015-12-29 23:47 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\ADFS 2015-12-29 23:46 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\USOPrivate 2015-12-29 23:46 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-12-29 23:46 - 2015-10-11 19:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-12-29 23:46 - 2015-04-18 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamingStar 2015-12-29 23:46 - 2015-01-18 14:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo 2015-12-29 23:46 - 2014-10-01 13:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices 2015-12-29 23:45 - 2014-11-13 23:52 - 00000000 ____D C:\Users\notebook_kucni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-12-29 23:43 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2015-12-29 23:34 - 2015-10-30 19:15 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2015-12-29 23:06 - 2015-10-30 20:03 - 00000000 ___HD C:\$WINDOWS.~BT ==================== Files in the root of some directories ======= 2015-11-22 14:44 - 2015-11-22 14:58 - 0002674 _____ () C:\Users\notebook_kucni\AppData\Roaming\droid4xinstaller.log 2014-11-05 14:49 - 2014-11-05 14:49 - 0000038 ___SH () C:\Users\notebook_kucni\AppData\Local\69ff07055291669bb2b218.72821112 2015-08-22 20:43 - 2015-08-22 20:43 - 0000102 _____ () C:\Users\notebook_kucni\AppData\Local\fusioncache.dat 2014-08-27 10:05 - 2014-08-27 10:05 - 0000003 _____ () C:\Users\notebook_kucni\AppData\Local\updater.log 2014-08-27 10:05 - 2015-10-02 22:51 - 0000424 _____ () C:\Users\notebook_kucni\AppData\Local\UserProducts.xml 2014-08-26 22:59 - 2014-08-26 23:03 - 0122135 _____ () C:\ProgramData\1409090394.1828.bin 2014-08-26 23:00 - 2014-08-26 23:00 - 0009471 _____ () C:\ProgramData\1409090394.1980.bin 2014-08-26 23:00 - 2014-08-26 23:00 - 0002959 _____ () C:\ProgramData\1409090394.2196.bin 2014-08-26 23:00 - 2014-08-26 23:00 - 0000739 _____ () C:\ProgramData\1409090394.2604.bin 2014-08-26 23:00 - 2014-08-26 23:03 - 0003190 _____ () C:\ProgramData\1409090394.2884.bin 2014-08-26 22:59 - 2014-08-26 23:03 - 0037778 _____ () C:\ProgramData\1409090394.3740.bin 2014-08-26 23:00 - 2014-08-26 23:00 - 0000739 _____ () C:\ProgramData\1409090394.3764.bin 2014-08-26 23:00 - 2014-08-26 23:03 - 0001314 _____ () C:\ProgramData\1409090394.380.bin 2014-08-26 23:00 - 2014-08-26 23:00 - 0017943 _____ () C:\ProgramData\1409090394.4048.bin 2014-08-26 22:59 - 2014-08-26 23:00 - 0007309 _____ () C:\ProgramData\1409090394.432.bin 2014-08-26 23:03 - 2014-08-26 23:03 - 0088194 _____ () C:\ProgramData\1409090394.4608.bin 2014-08-26 23:06 - 2014-08-26 23:06 - 0064800 _____ () C:\ProgramData\1409090799.bdinstall.bin 2014-08-26 23:12 - 2014-08-26 23:12 - 0303423 _____ () C:\ProgramData\1409091031.bdinstall.bin 2015-12-29 23:40 - 2015-12-29 23:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some zero byte size files/folders: ========================== C:\Windows\System32\BDSandBoxUH.dll C:\Windows\System32\BDSandBoxUISkin.dll C:\Windows\System32\BDSandBoxUISkin32.dll ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-01-16 08:25 ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version:24-01-2016 Ran by notebook_kucni (2016-01-25 17:35:19) Running from C:\Users\notebook_kucni\Desktop Windows 10 Pro (X64) (2015-12-29 23:09:04) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-867317268-2096827586-2001851490-500 - Administrator - Disabled) ASPNET (S-1-5-21-867317268-2096827586-2001851490-1006 - Limited - Enabled) DefaultAccount (S-1-5-21-867317268-2096827586-2001851490-503 - Limited - Disabled) Guest (S-1-5-21-867317268-2096827586-2001851490-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-867317268-2096827586-2001851490-1004 - Limited - Enabled) notebook_kucni (S-1-5-21-867317268-2096827586-2001851490-1001 - Administrator - Enabled) => C:\Users\notebook_kucni ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-867317268-2096827586-2001851490-1001\...\uTorrent) (Version: 3.4.5.41162 - BitTorrent Inc.) Ableton Live 9 Trial (HKLM-x32\...\{934D1F32-C76F-4570-8B1C-0FC8B72F24F9}) (Version: 9.0.0.0 - Ableton) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Dreamweaver CS6 (HKLM-x32\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.) AirDroid 3.0.2 (HKLM-x32\...\AirDroid) (Version: 3.0.2 - Sand Studio) AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) Ashampoo WinOptimizer 2015 v.11.00.50 (HKLM-x32\...\{4209F371-3276-A8F7-B851-845A83732AB4}_is1) (Version: 11.00.50 - Ashampoo GmbH & Co. KG) BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.67.1076 - AB Team, d.o.o.) CGS17_Setup_x64 (Version: 17.1 - Corel Corporation) Hidden Connectify (HKLM\...\Connectify) (Version: 3.1.0.21402 - Connectify) Core FTP LE (x64) (HKLM-x32\...\CoreFTP(x64)) (Version: - ) Corel Graphics - Windows Shell Extension (HKLM\...\_{4DC318F5-1640-4417-A218-912ED9905FAA}) (Version: 17.1.0.572 - Corel Corporation) Corel Graphics - Windows Shell Extension (Version: 17.1.572 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.1.572 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - EN (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1.0.572 - Corel Corporation) ETDWare X64 15.7.0.1_WHQL (HKLM\...\Elantech) (Version: 15.7.0.1 - ELAN Microelectronic Corp.) FileZilla Client 3.11.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.11.0.1 - Tim Kosse) Free File Viewer 2014 (HKLM-x32\...\FreeFileViewer_is1) (Version: 2014.2.16.0 - Bitberry Software) <==== ATTENTION Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden HP LaserJet P1000 series (HKLM-x32\...\HP LaserJet P1000 series) (Version: - ) hppMSRedist (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden hppusgP1000 (x32 Version: 000.000.00003 - Hewlett-Packard) Hidden HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.) HTML-Kit 292 (HKLM-x32\...\HTMLKit_is1) (Version: 1.0 - HTMLKit.com) HTML-Kit Tools (HKLM-x32\...\HTMLKitTools_is1) (Version: 1.0 - HTML-Kit.com) Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation) ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version: - isotousb.com) Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation) Kerish Doctor 2016 (HKLM-x32\...\{EF70A54F-E09E-4570-8F21-C7674CDDB5B6}_is1) (Version: 4.60 - Kerish Products) KVIrc (HKLM-x32\...\KVIrc) (Version: - Szymon Stefanek and The KVIrc Development Team) Lightshot-5.3.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.3.0.0 - Skillbrains) MarketResearch (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation) Mozilla Firefox 43.0.1 (x86 sr) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 sr)) (Version: 43.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla) Mozilla Thunderbird 31.2.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 31.2.0 (x86 en-US)) (Version: 31.2.0 - Mozilla) MrvlUsgTracking (HKLM-x32\...\{02C85EC5-E864-4847-AF55-42730861004C}) (Version: 1.0.0 - Marvell) mts mobilni internet (HKLM-x32\...\mts mobilni internet) (Version: 21.005.15.02.532 - Huawei Technologies Co.,Ltd) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.1 - Notepad++ Team) Oracle VM VirtualBox 4.3.12_ZZZZ (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation) Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.) Skype™ 7.15 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.15.103 - Skype Technologies S.A.) SopCast 3.9.6 (HKLM-x32\...\SopCast) (Version: 3.9.6 - www.sopcast.com) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) URL Helper (HKLM-x32\...\URL Helper_is1) (Version: - ) Viber (HKU\S-1-5-21-867317268-2096827586-2001851490-1001\...\Viber) (Version: 5.2.0.2546 - Viber Media Inc) Vip Internet (HKLM-x32\...\Silverstone Vip Internet_is1) (Version: - VIP_Serbia) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) VMware Player (HKLM-x32\...\VMware_Player) (Version: 7.0.0 - VMware, Inc) VMware Player (Version: 7.0.0 - VMware, Inc.) Hidden WebTV Plugin (HKLM-x32\...\{3824BC79-F29F-43BD-83AF-2A2048536708}) (Version: 6.16.9.5 - WebTV Plugin) WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies) WinRAR 5.11 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.1 - win.rar GmbH) Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-867317268-2096827586-2001851490-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\notebook_kucni\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileCoAuth.exe (Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {06D8B95D-39AF-47A3-AFD9-3BFEC9F0E2CA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {255FAEFB-A6F8-49E9-8BCE-27BC74DBBD03} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {28AB3E72-9DFC-4AEE-B65F-42657A4C03FA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {2B578C4B-C177-4FE3-9743-7AFED3CDF1C5} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] () Task: {3D2B8C9C-09AA-4784-A1FE-0FE8ED519707} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {4106B580-D181-4F7B-8EE8-563F1D255ED6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {60F008C8-9546-44C9-8879-41C643970E19} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {7FFDF373-235F-4B42-AD3F-4A3D2BAACA53} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {8650E05E-51A3-43B5-8FB0-E5223010E8F4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {8DE20F90-B3B8-46D2-BD2F-96A00E73CF23} - \CCleanerSkipUAC -> No File <==== ATTENTION Task: {AA80EA83-EE50-4CD6-83C7-86E5F0C789BF} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {B6DD0879-8F64-4094-9297-DCCA96564806} - System32\Tasks\{C1D127FC-1BE4-40BD-8C45-69AFDC190545} => pcalua.exe -a C:\Microgaming\Casino\GoWild\install.exe -c -uninstall Task: {C816E4E5-897F-4184-B276-CBCFCB578CF0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {C973B183-1451-47F1-9505-7CED2DCA2FCA} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-zoran11@open.telekom.rs => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated) Task: {CEA0D23D-34AC-4200-A020-5B5C40919EA5} - System32\Tasks\FreeFileViewerUpdateChecker => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe [2013-03-25] (Bitberry Software) <==== ATTENTION Task: {D711AC60-EE02-4011-A27F-29F1896EA674} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {DD3B29EB-E398-4E29-8F06-36CF4E61A5BD} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-11-09] (Oracle Corporation) Task: {E42343ED-9870-4244-9E19-D4E0FB68ABCE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {E5B6FF91-0808-496D-A454-044E27E7BA72} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-13] (Microsoft Corporation) Task: {F05E6900-A3EE-4D36-AC3B-37B3D663184C} - System32\Tasks\update-S-1-5-21-867317268-2096827586-2001851490-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] () Task: {F71C628F-A29F-40B1-9C7E-A1F27F4C7690} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {F9AED126-C4BB-4B60-972A-FF6FED4BE690} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\FreeFileViewerUpdateChecker.job => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\update-S-1-5-21-867317268-2096827586-2001851490-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe 2011-09-29 19:10 - 2011-09-29 19:10 - 00069632 _____ () C:\Program Files (x86)\Connectify\ConnectifyService.exe 2014-10-16 09:10 - 2013-01-14 13:50 - 00058192 _____ () C:\Program Files (x86)\Vip Internet\BackgroundService\ServiceManager.exe 2016-01-25 07:31 - 2014-09-20 15:42 - 00239968 _____ () C:\ProgramData\mts mobilni internet\OnlineUpdate\ouc.exe 2016-01-13 07:19 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-01-13 07:20 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-01-13 07:20 - 2016-01-05 02:24 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-01-13 07:19 - 2016-01-05 02:26 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-06-01 21:00 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-12-30 00:27 - 2015-12-30 00:27 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2015-12-30 00:27 - 2015-12-30 00:28 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2014-10-16 09:10 - 2013-01-11 08:23 - 00109120 _____ () C:\Program Files (x86)\Vip Internet\BackgroundService\ModemListener.exe 2016-01-22 14:00 - 2016-01-22 14:00 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2014-11-20 18:44 - 2014-11-20 18:44 - 01299136 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll 2011-09-29 19:10 - 2011-09-29 19:10 - 00022856 _____ () C:\Program Files (x86)\Connectify\DriverLib.dll 2011-09-29 19:10 - 2011-09-29 19:10 - 00441672 _____ () C:\Program Files (x86)\Connectify\ConnectifyNAT.dll 2011-09-29 19:10 - 2011-09-29 19:10 - 00014152 _____ () C:\Program Files (x86)\Connectify\BuildProps.dll 2011-09-29 19:10 - 2011-09-29 19:10 - 00669000 _____ () C:\Program Files (x86)\Connectify\Vendors.dll 2014-09-20 15:44 - 2014-09-20 15:42 - 00011362 _____ () C:\ProgramData\mts mobilni internet\OnlineUpdate\mingwm10.dll 2014-09-20 15:44 - 2014-09-20 15:42 - 00043008 _____ () C:\ProgramData\mts mobilni internet\OnlineUpdate\libgcc_s_dw2-1.dll 2014-09-20 15:44 - 2014-09-20 15:43 - 02415104 _____ () C:\ProgramData\mts mobilni internet\OnlineUpdate\QtCore4.dll 2014-09-20 15:44 - 2014-09-20 15:43 - 01148416 _____ () C:\ProgramData\mts mobilni internet\OnlineUpdate\QtNetwork4.dll 2014-09-20 15:44 - 2014-09-20 15:43 - 00383488 _____ () C:\ProgramData\mts mobilni internet\OnlineUpdate\QueryStrategy.dll 2014-09-20 15:44 - 2014-09-20 15:43 - 00398336 _____ () C:\ProgramData\mts mobilni internet\OnlineUpdate\QtXml4.dll 2012-07-04 15:50 - 2012-07-04 15:50 - 01347511 _____ () C:\Program Files (x86)\KVIrc\libkvilib.dll 2012-05-13 08:01 - 2012-05-13 08:01 - 00101390 _____ () C:\Program Files (x86)\KVIrc\libz-1.dll 2011-05-10 09:53 - 2011-05-10 09:53 - 00043008 _____ () C:\Program Files (x86)\KVIrc\libgcc_s_dw2-1.dll 2011-05-10 09:53 - 2011-05-10 09:53 - 00011362 _____ () C:\Program Files (x86)\KVIrc\mingwm10.dll 2012-07-04 16:04 - 2012-07-04 16:04 - 00320056 _____ () C:\Program Files (x86)\KVIrc\modules\libkvitrayicon.dll 2012-07-04 15:59 - 2012-07-04 15:59 - 00399129 _____ () C:\Program Files (x86)\KVIrc\modules\libkvinotifier.dll 2012-07-04 15:58 - 2012-07-04 15:58 - 00455440 _____ () C:\Program Files (x86)\KVIrc\modules\libkvihelp.dll 2015-05-22 15:44 - 2015-05-22 15:44 - 00039384 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll 2016-01-22 14:00 - 2016-01-22 14:00 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-01-22 14:00 - 2016-01-22 14:00 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-01-15 05:10 - 2016-01-12 17:35 - 01590088 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libglesv2.dll 2016-01-15 05:10 - 2016-01-12 17:35 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libegl.dll 2016-01-20 04:28 - 2016-01-19 14:06 - 16792256 _____ () C:\Users\notebook_kucni\AppData\Local\Google\Chrome\User Data\PepperFlash\20.0.0.286\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-06-12 19:42 - 2015-06-16 16:20 - 00000822 ____A C:\WINDOWS\system32\Drivers\etc\hosts # ::1 localhost ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-867317268-2096827586-2001851490-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\notebook_kucni\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\northernlights1.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-867317268-2096827586-2001851490-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-867317268-2096827586-2001851490-1001\...\StartupApproved\Run: => "Steam" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [UDP Query User{DD594FAA-32C3-404C-92A5-2E7D972CAE3D}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [TCP Query User{ECD348C3-07B6-4B52-9E58-929D259F67D8}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [{B4913F27-7334-4F8B-8D2B-7FFF02772D9B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{36E76E18-02F9-4442-AA3C-29F16EC4A91E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{C7104522-2F47-41E0-BFBE-5741A8127B9B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{E090DB6A-49FC-469A-8048-42D792541DD6}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{78483D62-6974-4BD0-A0E5-0C0AB460CBD9}] => (Allow) C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe FirewallRules: [UDP Query User{43993EAD-51FF-4141-80E7-D80CFB5364AD}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [TCP Query User{52F08B4F-CCC7-4E9E-979D-0DA513B62E9F}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [UDP Query User{100C0673-84CA-4E03-8675-BA36A3272A4E}C:\program files (x86)\kvirc\kvirc.exe] => (Allow) C:\program files (x86)\kvirc\kvirc.exe FirewallRules: [TCP Query User{D99D7A2C-9F71-4D1F-BA54-25B567F3CEA2}C:\program files (x86)\kvirc\kvirc.exe] => (Allow) C:\program files (x86)\kvirc\kvirc.exe FirewallRules: [{FB0984F1-48F1-4061-8306-B2B7912E3345}] => (Allow) C:\Users\notebook_kucni\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{3B478636-3BCC-468E-B021-33A63660C382}] => (Allow) C:\Users\notebook_kucni\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{91708354-02E3-4950-9080-2EF7AF803DBB}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe FirewallRules: [{10D7AD8A-17AC-4467-B2AB-601A7477467D}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe FirewallRules: [TCP Query User{3CC3A245-5DDE-4C66-8B2F-48DAF45DAACF}C:\program files (x86)\kvirc\kvirc.exe] => (Allow) C:\program files (x86)\kvirc\kvirc.exe FirewallRules: [UDP Query User{1EA1D0A9-463E-4C75-9916-B5C2E5B4DE64}C:\program files (x86)\kvirc\kvirc.exe] => (Allow) C:\program files (x86)\kvirc\kvirc.exe FirewallRules: [TCP Query User{3A5C0184-45C6-4C3A-A5AB-4F2403EBA243}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [UDP Query User{7D32D13D-3D55-4789-96D0-C4B2F93B1B73}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [{031B9012-FFA8-4A74-819D-00B36E152413}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{7C44B510-C420-4AE1-84F5-39B737E36FBA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{0E9427FD-4584-4DBC-A37A-0193170D1C0A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{43D53A1D-969A-4952-A37B-342F59E8BCD2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [TCP Query User{1AC3F8E2-8931-4B70-AA08-29C7E01C7EC1}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe FirewallRules: [UDP Query User{F2944998-68FB-476E-B393-9523D29773C1}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe FirewallRules: [{FBCA0D57-8373-4A52-BDD9-47C6AFABCD94}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe FirewallRules: [{14FA7E75-10A8-4EE6-BC27-34DE0362AFEE}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe FirewallRules: [TCP Query User{666338A8-79AF-4378-8717-0853221CA9C0}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe FirewallRules: [UDP Query User{B76CC703-2A6A-46BD-90F4-201FA722A527}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe FirewallRules: [{ACCEE216-78B9-409F-9513-032C425AD2EE}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe FirewallRules: [{72F074D7-1137-4673-B07D-D05E363AE89A}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe FirewallRules: [{853BF93A-79C0-4700-94F8-3C9546DD2664}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe FirewallRules: [{0EB5444B-6256-4F47-A548-46BF9EB6BC3A}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe FirewallRules: [{FB14CAE3-7376-4F56-AB4D-F5B0C0CE3660}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe FirewallRules: [TCP Query User{40805CE3-1AD4-4FA8-9955-65C77B1B4D86}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe FirewallRules: [UDP Query User{34084CAE-EAE9-44A2-B132-FD33BD0FB362}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe FirewallRules: [TCP Query User{D95B9FBC-9D3E-43CE-8FD6-DEF40E13B609}C:\users\notebook_kucni\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\notebook_kucni\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [UDP Query User{C064BCF2-0BCC-41A7-9BC4-A11D333BEF0B}C:\users\notebook_kucni\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\notebook_kucni\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [TCP Query User{17640FDA-B9BA-47FE-9092-AF1E6E7EB3C8}C:\users\notebook_kucni\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\notebook_kucni\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [UDP Query User{59B904C4-9BD1-479E-A128-D5BD3DC933B9}C:\users\notebook_kucni\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\notebook_kucni\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [TCP Query User{E41C7B58-FD24-440F-A592-19115C5792AF}C:\users\notebook_kucni\appdata\local\ie tab\8.4.13.1\ietabhelper.exe] => (Allow) C:\users\notebook_kucni\appdata\local\ie tab\8.4.13.1\ietabhelper.exe FirewallRules: [UDP Query User{3F29F387-A471-4438-943D-AE4B701B77EA}C:\users\notebook_kucni\appdata\local\ie tab\8.4.13.1\ietabhelper.exe] => (Allow) C:\users\notebook_kucni\appdata\local\ie tab\8.4.13.1\ietabhelper.exe FirewallRules: [{FFA61BD6-79B7-44BC-9A3E-1BE2110B8A89}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{88873CF4-8418-47CB-A1D8-577EF75375ED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{58384186-BFAB-4F64-A339-5434C8412D74}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE FirewallRules: [{FDCFBD72-980A-4A4A-8909-19E3DA9F65AE}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE FirewallRules: [TCP Query User{90F57A5F-3990-41E9-8847-531428093720}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{F72386FB-996B-4989-9A9D-06E6507CC621}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{1E8D7F0D-F2F4-46D3-BF43-9A2CCDE04DE3}C:\users\notebook_kucni\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe] => (Allow) C:\users\notebook_kucni\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe FirewallRules: [{44759517-396C-40F4-A24C-9252C1B66766}] => (Allow) C:\Program Files\Oracle\VirtualBox\vboxheadless.exe FirewallRules: [{7337E53F-0C37-40B3-8168-06FCD6AC9B68}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 06-01-2016 00:08:28 Windows Modules Installer 13-01-2016 17:51:08 Windows Update 21-01-2016 17:42:39 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/25/2016 07:32:25 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: NOTEBOOK) Description: Package Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy+App was terminated because it took too long to suspend. Error: (01/22/2016 10:27:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NOTEBOOK) Description: Activation of application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (01/22/2016 10:26:57 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SearchUI.exe, version: 10.0.10586.63, time stamp: 0x568b1fdc Faulting module name: Windows.UI.Xaml.dll, version: 10.0.10586.63, time stamp: 0x568b22e4 Exception code: 0xc000027b Fault offset: 0x00000000006fcb4b Faulting process ID: 0xdb8 Faulting application start time: 0xSearchUI.exe0 Faulting application path: SearchUI.exe1 Faulting module path: SearchUI.exe2 Report ID: SearchUI.exe3 Faulting package full name: SearchUI.exe4 Faulting package-relative application ID: SearchUI.exe5 Error: (01/21/2016 05:42:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (01/20/2016 07:57:44 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (01/20/2016 01:26:23 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: NOTEBOOK) Description: Package Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy+App was terminated because it took too long to suspend. Error: (01/17/2016 02:17:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: NOTEBOOK) Description: Package Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy+App was terminated because it took too long to suspend. Error: (01/16/2016 11:26:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: NOTEBOOK) Description: Package Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy+App was terminated because it took too long to suspend. Error: (01/16/2016 07:58:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: NOTEBOOK) Description: Package Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy+App was terminated because it took too long to suspend. Error: (01/13/2016 05:51:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . System errors: ============= Error: (01/25/2016 07:31:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The mts mobilni internet. RunOuc service failed to start due to the following error: %%1053 Error: (01/25/2016 07:31:49 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the mts mobilni internet. RunOuc service to connect. Error: (01/24/2016 09:08:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Sync Host_1f5bf service to connect. Error: (01/24/2016 09:08:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_1f5bf service to connect. Error: (01/24/2016 09:08:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Access_1f5bf service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (01/24/2016 09:08:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Storage_1f5bf service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (01/24/2016 09:08:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Contact Data_1f5bf service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (01/24/2016 09:08:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Sync Host_1f5bf service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (01/24/2016 09:08:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (01/22/2016 10:26:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The mts mobilni internet. RunOuc service failed to start due to the following error: %%1053 CodeIntegrity: =================================== Date: 2016-01-25 13:42:10.459 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-25 13:42:10.449 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-25 13:42:10.405 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-25 09:23:56.182 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-25 09:23:56.124 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-25 09:23:31.185 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-25 09:23:31.077 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-23 14:36:31.851 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-23 14:36:31.842 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-23 14:36:07.882 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2467M CPU @ 1.60GHz Percentage of memory in use: 58% Total physical RAM: 3990.23 MB Available physical RAM: 1652.68 MB Total Virtual: 4694.23 MB Available Virtual: 2216.54 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:443.33 GB) (Free:387.56 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 403DA53B) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=443.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=457 MB) - (Type=27) Partition 4: (Not Active) - (Size=21.9 GB) - (Type=12) ======================================================== Disk: 1 (Size: 14.9 GB) (Disk ID: 74F02DEA) Partition 1: (Not Active) - (Size=10.6 GB) - (Type=73) Partition 2: (Not Active) - (Size=4.3 GB) - (Type=84) ==================== End of Addition.txt ============================

Profil

Sass Drake Poslao: 25 Jan 2016 22:40 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Korak 1 Idi u Start -> Control Panel -> Programs and Features i deinstaliraj sljedeće programe. Ako neki odbije deinstalaciju preskoči ga i pređi na sljedeći. Free File Viewer 2014 Korak 2 Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja. CreateRestorePoint: R1 {e920b931-4015-4acf-9561-0197bd6bfe7e}Gw64; C:\Windows\System32\drivers\{e920b931-4015-4acf-9561-0197bd6bfe7e}Gw64.sys [48784 2014-11-18] (StdLib) C:\Windows\System32\drivers\{e920b931-4015-4acf-9561-0197bd6bfe7e}Gw64.sys HKU\S-1-5-21-867317268-2096827586-2001851490-1001\...\MountPoints2: {8150dfcb-4008-11e4-be72-88532edd6ddb} - "E:\autorun.exe" 2015-11-22 14:44 - 2015-11-22 14:58 - 0002674 _____ () C:\Users\notebook_kucni\AppData\Roaming\droid4xinstaller.log 2014-11-05 14:49 - 2014-11-05 14:49 - 0000038 ___SH () C:\Users\notebook_kucni\AppData\Local\69ff07055291669bb2b218.72821112 2015-08-22 20:43 - 2015-08-22 20:43 - 0000102 _____ () C:\Users\notebook_kucni\AppData\Local\fusioncache.dat 2014-08-27 10:05 - 2014-08-27 10:05 - 0000003 _____ () C:\Users\notebook_kucni\AppData\Local\updater.log 2014-08-27 10:05 - 2015-10-02 22:51 - 0000424 _____ () C:\Users\notebook_kucni\AppData\Local\UserProducts.xml 2014-08-26 22:59 - 2014-08-26 23:03 - 0122135 _____ () C:\ProgramData\1409090394.1828.bin 2014-08-26 23:00 - 2014-08-26 23:00 - 0009471 _____ () C:\ProgramData\1409090394.1980.bin 2014-08-26 23:00 - 2014-08-26 23:00 - 0002959 _____ () C:\ProgramData\1409090394.2196.bin 2014-08-26 23:00 - 2014-08-26 23:00 - 0000739 _____ () C:\ProgramData\1409090394.2604.bin 2014-08-26 23:00 - 2014-08-26 23:03 - 0003190 _____ () C:\ProgramData\1409090394.2884.bin 2014-08-26 22:59 - 2014-08-26 23:03 - 0037778 _____ () C:\ProgramData\1409090394.3740.bin 2014-08-26 23:00 - 2014-08-26 23:00 - 0000739 _____ () C:\ProgramData\1409090394.3764.bin 2014-08-26 23:00 - 2014-08-26 23:03 - 0001314 _____ () C:\ProgramData\1409090394.380.bin 2014-08-26 23:00 - 2014-08-26 23:00 - 0017943 _____ () C:\ProgramData\1409090394.4048.bin 2014-08-26 22:59 - 2014-08-26 23:00 - 0007309 _____ () C:\ProgramData\1409090394.432.bin 2014-08-26 23:03 - 2014-08-26 23:03 - 0088194 _____ () C:\ProgramData\1409090394.4608.bin 2014-08-26 23:06 - 2014-08-26 23:06 - 0064800 _____ () C:\ProgramData\1409090799.bdinstall.bin 2014-08-26 23:12 - 2014-08-26 23:12 - 0303423 _____ () C:\ProgramData\1409091031.bdinstall.bin 2015-12-29 23:40 - 2015-12-29 23:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Task: {8DE20F90-B3B8-46D2-BD2F-96A00E73CF23} - \CCleanerSkipUAC -> No File <==== ATTENTION EmptyTemp: U okviru Notepad-a klikni na File --> Save As Fajl nazovi Fixlist i sačuvaj na Desktop Dvoklikom ponovo pokreni FRST.exe Klikni na Fix i sačekaj dok program ne završi. Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi. Nakon završetka rada, otvoriće se fixlog.txt, sa sadržajem koji treba da kopiraš u temu. Takođe, na Desktop-u će se nalaziti (fixlog.txt). Dopuna: 25 Jan 2016 22:40 Da li si ti instalirao ekstenziju Windows Media Player Extension for HTML5 za Chrome?

Profil

zoxknez Poslao: 26 Jan 2016 07:44 Idi na vrh
offline zoxknez Zaslužni građanin Pridružio: 27 Avg 2005 Poruke: 556	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Sass Drake :: Korak 1 Idi u Start -> Control Panel -> Programs and Features i deinstaliraj sljedeće programe. Ako neki odbije deinstalaciju preskoči ga i pređi na sljedeći. Free File Viewer 2014 Da li si ti instalirao ekstenziju Windows Media Player Extension for HTML5 za Chrome? Izbrisan je free file viewer 2014 Html5 sam ja instalirao jer je to bio jedini nacin da gledam telekomov web stream evo fix log: Fix result of Farbar Recovery Scan Tool (x64) Version:24-01-2016 Ran by notebook_kucni (2016-01-26 07:37:25) Run:1 Running from C:\Users\notebook_kucni\Desktop Loaded Profiles: notebook_kucni (Available Profiles: notebook_kucni) Boot Mode: Normal ============================================== fixlist content: *************** CreateRestorePoint: R1 {e920b931-4015-4acf-9561-0197bd6bfe7e}Gw64; C:\Windows\System32\drivers\{e920b931-4015-4acf-9561-0197bd6bfe7e}Gw64.sys [48784 2014-11-18] (StdLib) C:\Windows\System32\drivers\{e920b931-4015-4acf-9561-0197bd6bfe7e}Gw64.sys HKU\S-1-5-21-867317268-2096827586-2001851490-1001\...\MountPoints2: {8150dfcb-4008-11e4-be72-88532edd6ddb} - "E:\autorun.exe" 2015-11-22 14:44 - 2015-11-22 14:58 - 0002674 _____ () C:\Users\notebook_kucni\AppData\Roaming\droid4xinstaller.log 2014-11-05 14:49 - 2014-11-05 14:49 - 0000038 ___SH () C:\Users\notebook_kucni\AppData\Local\69ff07055291669bb2b218.72821112 2015-08-22 20:43 - 2015-08-22 20:43 - 0000102 _____ () C:\Users\notebook_kucni\AppData\Local\fusioncache.dat 2014-08-27 10:05 - 2014-08-27 10:05 - 0000003 _____ () C:\Users\notebook_kucni\AppData\Local\updater.log 2014-08-27 10:05 - 2015-10-02 22:51 - 0000424 _____ () C:\Users\notebook_kucni\AppData\Local\UserProducts.xml 2014-08-26 22:59 - 2014-08-26 23:03 - 0122135 _____ () C:\ProgramData\1409090394.1828.bin 2014-08-26 23:00 - 2014-08-26 23:00 - 0009471 _____ () C:\ProgramData\1409090394.1980.bin 2014-08-26 23:00 - 2014-08-26 23:00 - 0002959 _____ () C:\ProgramData\1409090394.2196.bin 2014-08-26 23:00 - 2014-08-26 23:00 - 0000739 _____ () C:\ProgramData\1409090394.2604.bin 2014-08-26 23:00 - 2014-08-26 23:03 - 0003190 _____ () C:\ProgramData\1409090394.2884.bin 2014-08-26 22:59 - 2014-08-26 23:03 - 0037778 _____ () C:\ProgramData\1409090394.3740.bin 2014-08-26 23:00 - 2014-08-26 23:00 - 0000739 _____ () C:\ProgramData\1409090394.3764.bin 2014-08-26 23:00 - 2014-08-26 23:03 - 0001314 _____ () C:\ProgramData\1409090394.380.bin 2014-08-26 23:00 - 2014-08-26 23:00 - 0017943 _____ () C:\ProgramData\1409090394.4048.bin 2014-08-26 22:59 - 2014-08-26 23:00 - 0007309 _____ () C:\ProgramData\1409090394.432.bin 2014-08-26 23:03 - 2014-08-26 23:03 - 0088194 _____ () C:\ProgramData\1409090394.4608.bin 2014-08-26 23:06 - 2014-08-26 23:06 - 0064800 _____ () C:\ProgramData\1409090799.bdinstall.bin 2014-08-26 23:12 - 2014-08-26 23:12 - 0303423 _____ () C:\ProgramData\1409091031.bdinstall.bin 2015-12-29 23:40 - 2015-12-29 23:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Task: {8DE20F90-B3B8-46D2-BD2F-96A00E73CF23} - \CCleanerSkipUAC -> No File <==== ATTENTION EmptyTemp: *************** Restore point was successfully created. {e920b931-4015-4acf-9561-0197bd6bfe7e}Gw64 => Unable to stop service. {e920b931-4015-4acf-9561-0197bd6bfe7e}Gw64 => service removed successfully C:\Windows\System32\drivers\{e920b931-4015-4acf-9561-0197bd6bfe7e}Gw64.sys => moved successfully "HKU\S-1-5-21-867317268-2096827586-2001851490-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8150dfcb-4008-11e4-be72-88532edd6ddb}" => key removed successfully HKCR\CLSID\{8150dfcb-4008-11e4-be72-88532edd6ddb} => key not found. C:\Users\notebook_kucni\AppData\Roaming\droid4xinstaller.log => moved successfully C:\Users\notebook_kucni\AppData\Local\69ff07055291669bb2b218.72821112 => moved successfully C:\Users\notebook_kucni\AppData\Local\fusioncache.dat => moved successfully C:\Users\notebook_kucni\AppData\Local\updater.log => moved successfully C:\Users\notebook_kucni\AppData\Local\UserProducts.xml => moved successfully C:\ProgramData\1409090394.1828.bin => moved successfully C:\ProgramData\1409090394.1980.bin => moved successfully C:\ProgramData\1409090394.2196.bin => moved successfully C:\ProgramData\1409090394.2604.bin => moved successfully C:\ProgramData\1409090394.2884.bin => moved successfully C:\ProgramData\1409090394.3740.bin => moved successfully C:\ProgramData\1409090394.3764.bin => moved successfully C:\ProgramData\1409090394.380.bin => moved successfully C:\ProgramData\1409090394.4048.bin => moved successfully C:\ProgramData\1409090394.432.bin => moved successfully C:\ProgramData\1409090394.4608.bin => moved successfully C:\ProgramData\1409090799.bdinstall.bin => moved successfully C:\ProgramData\1409091031.bdinstall.bin => moved successfully C:\ProgramData\DP45977C.lfl => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8DE20F90-B3B8-46D2-BD2F-96A00E73CF23}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8DE20F90-B3B8-46D2-BD2F-96A00E73CF23}" => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => key not found. EmptyTemp: => 85.4 MB temporary data Removed. The system needed a reboot. ==== End of Fixlog 07:38:57 ====

Profil

Sass Drake Poslao: 26 Jan 2016 20:58 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Da obavimo još jednu provjeru za svaki slučaj. Preuzmi Malwarebytes Anti-Rootkit (MBAR) sa sledeceg linka i sacuvaj ga na Desktop. Dvoklikom pokreni MBAR () na ikonicu programa: - Klikni OK na sledecem prozoru da bi dozvolio raspakivanje u zaseban mbar folder na desktop-u; - mbar.exe ce biti startovan. Na nekim sistemima to moze da potraje nekoliko dodatnih sekundi, te pricekati pokretanje.; - U uvodnom prozoru klikni dugme Next ukoliko si saglasan; • Na 'Update Database' prozoru klik na dugme Update da bi preuzeo sveze definicije. Kada se ispise poruka 'Success: Database was successfully updated' klik na dugme Next; • Pod sekcijom 'Scan Targets' proveri da su sve opcije stiklirane, te klikni na dugme Scan; Obavestenje: sa nekim infekcijama moze se desiti da se prikaze neka od sledecih poruka: - 'Could not load protection driver' => u tom slucaju klikni OK. - 'Could not load DDA driver' => klikni Yes na to obavestenje da bi dozvolio ucitavanje nakon restarta. Dozvoli restart i nastavi sa ostatkom instrukcija posle restarta. >> Ukoliko malware nije detektovan, klik na Exit dugme da zatvoris program. U sledecu poruku postavi mbar-log-year-month-day (sat-minuti-sekundi).txt i system-log.txt izveštaje. >> Ukoliko su infekcija/e pronadjene, proveriti da li je obelezena opcija 'Create Restore Point' i klikni na dugme Cleanup! da bi uklonili pretnje. - Procedura uklanjanje malware-a (scheduled) ce biti zakazana po restartu, bice prikazano obavestenje u pop-up prozoru. Klikni dugme Yes i sistem bi trebao da se restartuje i da zavrsi proceduru ciscenja. Obavestenje! samo ukoliko je RootKit detektovan: - postaraj se da pokrenes fixdamage.exe alat koji se nalazi u mbar folderu, \Plugins\fixdamage.exe: - Dvoklikom pokreni fixdamage, u crnom prozoru koji se otvori (command prompt) ukucaj Y (Y stoji za Yes) da bi nastavio izvrsenje, pricekati da alat odradi sve popravke ... - Kada vidis poruku 'press any key to exit' popravka je kompletirana. Pritisnuti bilo koju tipku na tastaturi da bi se prozor zatvorio. Restartovati sistem. Sledeci izvestaji ce biti formirani u mbar folderu. 1. mbar-log-year-month-day (hour-minute-second).txt 2. system-log.txt Iskopiraj sadrzaj mbar log-a u poruku a system log okaci uz poruku koristeci opciju Prikači fajl.

Profil

zoxknez Poslao: 26 Jan 2016 23:34 Idi na vrh
offline zoxknez Zaslužni građanin Pridružio: 27 Avg 2005 Poruke: 556	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Malwarebytes Anti-Rootkit BETA 1.9.3.1001 www.malwarebytes.org Database version: main: v2016.01.26.07 rootkit: v2016.01.20.01 Windows 10 x64 NTFS Internet Explorer 11.63.10586.0 notebook_kucni :: NOTEBOOK [administrator] 26/01/2016 22:50:36 mbar-log-2016-01-26 (22-50-36).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit \| Drivers \| MBR \| Physical Sectors \| Memory \| Startup \| Registry \| File System \| Heuristics/Extra \| Heuristics/Shuriken Scan options disabled: Objects scanned: 382654 Time elapsed: 41 minute(s), 35 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) https://www.mycity.rs/must-login.png

Profil

Sass Drake Poslao: 26 Jan 2016 23:58 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! • Sledeća procedura će implementirati završno čišćenje. Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop. Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija; Remove disinfection tools Create registry backup Purge System Restore Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad. Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani. Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt) Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix Alat briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

Profil

zoxknez Poslao: 27 Jan 2016 07:10 Idi na vrh
offline zoxknez Zaslužni građanin Pridružio: 27 Avg 2005 Poruke: 556	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! # DelFix v1.011 - Logfile created 27/01/2016 at 07:09:06 # Updated 18/08/2015 by Xplode # Username : notebook_kucni - NOTEBOOK # Operating System : Windows 10 Pro (64 bits) ~ Removing disinfection tools ... Deleted : C:\FRST Deleted : C:\Users\notebook_kucni\Desktop\mbar Deleted : C:\Users\notebook_kucni\Desktop\Addition.txt Deleted : C:\Users\notebook_kucni\Desktop\Fixlog.txt Deleted : C:\Users\notebook_kucni\Desktop\FRST.txt Deleted : C:\Users\notebook_kucni\Desktop\FRST64.exe ~ Creating registry backup ... OK ~ Cleaning system restore ... Deleted : RP #2 [Windows Modules Installer \| 01/05/2016 23:08:28] Deleted : RP #3 [Windows Update \| 01/13/2016 16:51:08] Deleted : RP #4 [Scheduled Checkpoint \| 01/21/2016 16:42:39] Deleted : RP #6 [Restore Point Created by FRST \| 01/26/2016 06:37:31] New restore point created ! ########## - EOF - ########## Postavio sam i sa drugog racunara log pa ako imas vremena da i to odradimo u svakom slucaju hvala

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Provera sistema

Ko je trenutno na forumu

Ukupno su 1208 korisnika na forumu :: 44 registrovanih, 6 sakrivenih i 1158 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 8u47, ajo baba, AK - 230, aleksandarbl, babaroga, bojanM84, Brana01, cavatina, Denaya, Dimitrise93, djboj, doktor123, Dorcolac, FileFinder, ikan, Istman, Karla, kikisp, kjkszpj, Kubovac, kunktator, kybonacci, laganini123, Lieutenant, M1los, Marko Marković, Mi lao shu, milenko crazy north, Miloskec, milutin134, mnn2, nemkea71, novator, pein, Pohovani_00, procesor, Srle993, Trpe Grozni, tubular, virked, Vladko, wizzardone, zillbg, |_MeD_|

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by