MyCity » Ambulanta -> Arhiva Ambulante » Provjera laptopa

Provjera laptopa

Napisano na dan: 25.3.2015

Provjera laptopa

Sledeća strana

Pagination

Odgovori

Ljilja Hnovi Poslao: 25 Mar 2015 18:25 Idi na vrh
offline Ljilja Hnovi Prijatelj foruma Pridružio: 14 Okt 2012 Poruke: 3611 Gde živiš: Herceg Novi	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Imala sam problem sa laptopom Toshiba Satellite C660, Windows 7 / 64-bit. Temu sam otvorila + ovde i zahvaljujući Slobu, laptop sada radi super. Kako moram ispoštovati sve njegove preporuke, evo me kod vas. Samo da napomenem da sam koristila MBAM (nije ništa našao), a Avira jeste jednu bubicu. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015 Ran by Ljilja (administrator) on LJILJA-PC on 25-03-2015 17:54:50 Running from C:\Users\Ljilja\Desktop Loaded Profiles: Ljilja & (Available profiles: Ljilja) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (InterVideo Inc.) C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-19] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-21-1503208027-2844097221-2948931502-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity) HKU\S-1-5-21-1503208027-2844097221-2948931502-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd) HKU\S-1-5-21-1503208027-2844097221-2948931502-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-21-1503208027-2844097221-2948931502-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity) HKU\S-1-5-21-1503208027-2844097221-2948931502-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd) HKU\S-1-5-21-1503208027-2844097221-2948931502-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-1503208027-2844097221-2948931502-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-1503208027-2844097221-2948931502-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1503208027-2844097221-2948931502-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp HKU\S-1-5-21-1503208027-2844097221-2948931502-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp URLSearchHook: [S-1-5-21-1503208027-2844097221-2948931502-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] ATTENTION ==> Default URLSearchHook is missing. SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1503208027-2844097221-2948931502-1000 -> DefaultScope {35D572E1-74D8-4E8C-9B9C-9DBE726E62CC} URL = https://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-1503208027-2844097221-2948931502-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1503208027-2844097221-2948931502-1000 -> {35D572E1-74D8-4E8C-9B9C-9DBE726E62CC} URL = https://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-1503208027-2844097221-2948931502-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {35D572E1-74D8-4E8C-9B9C-9DBE726E62CC} URL = https://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-1503208027-2844097221-2948931502-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1503208027-2844097221-2948931502-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {35D572E1-74D8-4E8C-9B9C-9DBE726E62CC} URL = https://www.google.com/search?q={searchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-31] (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-31] (Oracle Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) Toolbar: HKU\S-1-5-21-1503208027-2844097221-2948931502-1000 -> No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File Toolbar: HKU\S-1-5-21-1503208027-2844097221-2948931502-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553530000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Hosts: 127.0.0.1 localhost Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Users\Ljilja\AppData\Roaming\Mozilla\Firefox\Profiles\rkxgpdqk.default FF Homepage: https://www.google.me/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-22] () FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-31] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-31] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-22] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-01-23] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-01-23] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-01-23] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-01-23] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-01-23] (Apple Inc.) FF Extension: EHTip - C:\Users\Ljilja\AppData\Roaming\Mozilla\Firefox\Profiles\rkxgpdqk.default\Extensions\ehtip@robertkatic [2014-05-02] FF Extension: Reader - C:\Users\Ljilja\AppData\Roaming\Mozilla\Firefox\Profiles\rkxgpdqk.default\Extensions\{20068ab2-1901-4140-9f3c-81207d4dacc4}.xpi [2015-03-21] FF Extension: Video DownloadHelper - C:\Users\Ljilja\AppData\Roaming\Mozilla\Firefox\Profiles\rkxgpdqk.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-11] FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon Chrome: ======= CHR HomePage: Default -> hxxp://google.me/ CHR StartupUrls: Default -> "hxxp://google.me/", "hxxp://www.default-search.net?sid=476&aid=104&itype=n&ver=11471&tm=262&src=hmp" CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Ljilja\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.7.771\_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.) CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\internal-nacl-plugin No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\pdf.dll () CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation) CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation) CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Java Deployment Toolkit 8.0.310.13) - C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll No File CHR Plugin: (Java(TM) Platform SE 8 U31) - C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll No File CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll () CHR Profile: C:\Users\Ljilja\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Translate) - C:\Users\Ljilja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-01-31] CHR Extension: (Google+) - C:\Users\Ljilja\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2014-02-21] CHR Extension: (Translate Selected Text) - C:\Users\Ljilja\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbimffnjoeobhjhochngikepgfejjmgj [2015-01-31] CHR Extension: (AdBlock) - C:\Users\Ljilja\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-08-26] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ljilja\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-11] CHR Extension: (EHTip) - C:\Users\Ljilja\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbkkdecpgcebkfblliledlcinoeeing [2014-01-22] CHR Extension: (Google Wallet) - C:\Users\Ljilja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [kfejhbidgehdoaglokpfddkmiepmhcck] - No Path Or update_url value ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [992504 2015-03-19] (Avira Operations GmbH & Co. KG) R2 Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.) R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1811456 2010-08-27] (Realsil Microelectronics Inc.) [File not signed] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2013-12-18] () R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] () S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-05] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-05] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG) R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2013-12-18] (Bytemobile, Inc.) [File not signed] R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-01-02] (GFI Software) R1 QbikHkVista; C:\Windows\System32\DRIVERS\QbikHkVistaamd64.sys [243904 2013-03-07] () R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation ) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.) R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2013-12-18] (Bytemobile, Inc.) [File not signed] U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-03-20] () S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X] U4 vsserv; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-25 17:54 - 2015-03-25 17:55 - 00020538 _____ () C:\Users\Ljilja\Desktop\FRST.txt 2015-03-25 17:54 - 2015-03-25 17:54 - 00000000 ____D () C:\FRST 2015-03-25 17:50 - 2015-03-25 17:51 - 02095616 _____ (Farbar) C:\Users\Ljilja\Desktop\FRST64.exe 2015-03-25 12:33 - 2015-03-25 14:18 - 00019969 _____ () C:\Windows\WindowsUpdate.log 2015-03-23 20:39 - 2015-03-23 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2015-03-23 17:18 - 2015-03-23 17:18 - 00003700 _____ () C:\Windows\System32\Tasks\{7DCFE1CB-8A16-4E99-828A-764137AB2E00} 2015-03-23 16:41 - 2015-03-23 16:41 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF 2015-03-23 16:19 - 2015-03-23 16:19 - 00000000 ____D () C:\Users\Ljilja\Documents\My Palettes 2015-03-23 16:18 - 2015-03-23 16:18 - 00000000 ____D () C:\Users\Ljilja\Documents\Corel 2015-03-22 20:54 - 2015-03-22 20:54 - 00862492 _____ () C:\Users\Ljilja\Desktop\hn.mp4 2015-03-22 17:57 - 2015-03-22 17:57 - 00000000 ____D () C:\Program Files\Hitman Pro 3.5 2015-03-22 14:18 - 2015-03-22 14:18 - 00000000 ____D () C:\Users\Ljilja\Documents\Simply Super Software 2015-03-22 11:20 - 2015-03-22 11:23 - 00007597 _____ () C:\Users\Ljilja\AppData\Local\Resmon.ResmonCfg 2015-03-22 09:48 - 2015-03-22 09:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-03-22 09:08 - 2015-03-22 09:08 - 00033184 _____ () C:\Users\Ljilja\AppData\Local\recently-used.xbel 2015-03-21 18:12 - 2015-03-21 18:12 - 04499622 _____ () C:\Users\Ljilja\Desktop\Pufosenia Facebook.mp4 2015-03-21 15:50 - 2015-03-21 15:50 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-03-20 16:10 - 2015-03-20 16:11 - 11802408 _____ () C:\Users\Ljilja\Downloads\SAS_41157.COM 2015-03-20 13:08 - 2015-03-20 13:48 - 00000000 ____D () C:\AdwCleaner 2015-03-19 20:37 - 2015-03-19 20:38 - 07358040 _____ () C:\Users\Ljilja\Downloads\14288_1176447642_HDDRegenerator (1).zip 2015-03-19 18:01 - 2015-03-19 18:02 - 07358040 _____ () C:\Users\Ljilja\Downloads\14288_1176447642_HDDRegenerator.zip 2015-03-19 17:46 - 2015-03-22 19:35 - 00000000 ____D () C:\Users\Ljilja\Desktop\program c 2015-03-14 23:52 - 2015-03-14 23:52 - 03356560 _____ () C:\Users\Ljilja\Downloads\14288_1164542721_Nero_Info_Tool.zip 2015-03-14 01:05 - 2015-03-14 01:05 - 00000000 ____D () C:\ProgramData\Hitman Pro 2015-03-14 00:43 - 2015-03-20 12:09 - 00000000 ____D () C:\Program Files\HitmanPro 2015-03-13 10:10 - 2015-03-21 16:13 - 00000000 ____D () C:\Users\Ljilja\AppData\Local\Lenovo 2015-03-13 10:09 - 2015-03-21 16:12 - 00000000 ____D () C:\Program Files (x86)\Lenovo 2015-03-13 10:09 - 2015-03-13 10:09 - 00000000 ____D () C:\Windows\System32\Tasks\Lenovo 2015-03-12 17:12 - 2015-02-03 04:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-03-12 17:12 - 2015-02-03 04:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-03-12 17:12 - 2015-02-03 04:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-03-12 17:12 - 2015-02-03 04:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-03-12 17:12 - 2015-02-03 04:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-03-12 17:12 - 2015-02-03 04:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2015-03-12 17:12 - 2015-02-03 04:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2015-03-12 17:12 - 2015-02-03 04:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2015-03-12 17:12 - 2015-02-03 04:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2015-03-12 17:12 - 2015-02-03 04:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-03-12 17:12 - 2015-02-03 04:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2015-03-12 17:12 - 2015-02-03 04:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2015-03-12 17:12 - 2015-02-03 04:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2015-03-12 17:12 - 2015-02-03 04:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-03-12 17:12 - 2015-02-03 04:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2015-03-12 17:12 - 2015-02-03 04:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-03-12 17:12 - 2015-02-03 04:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2015-03-12 17:12 - 2015-02-03 04:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2015-03-12 17:12 - 2015-02-03 04:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2015-03-12 17:12 - 2015-02-03 04:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-03-12 17:12 - 2015-02-03 04:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2015-03-12 17:12 - 2015-02-03 04:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2015-03-12 17:12 - 2015-02-03 04:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-03-12 17:12 - 2015-02-03 04:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2015-03-12 17:12 - 2015-02-03 04:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2015-03-12 17:12 - 2015-02-03 04:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2015-03-12 17:12 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-03-12 17:12 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-03-12 17:12 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2015-03-12 17:12 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2015-03-12 17:12 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2015-03-12 17:12 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-03-12 17:12 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2015-03-12 17:12 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll 2015-03-12 17:12 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll 2015-03-12 17:12 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll 2015-03-12 17:12 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2015-03-12 17:12 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll 2015-03-12 17:12 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2015-03-12 17:12 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll 2015-03-12 17:12 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2015-03-12 17:12 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2015-03-12 17:12 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2015-03-12 17:12 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2015-03-12 17:12 - 2014-10-31 23:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-03-12 17:11 - 2015-02-03 04:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2015-03-12 17:11 - 2015-02-03 04:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2015-03-12 17:11 - 2015-02-03 04:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2015-03-12 17:11 - 2015-02-03 04:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-03-12 17:11 - 2015-02-03 04:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2015-03-12 17:11 - 2015-02-03 04:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-03-12 17:11 - 2015-02-03 04:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-03-12 17:11 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-03-12 17:11 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-03-12 17:11 - 2015-02-03 04:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-03-12 17:11 - 2015-02-03 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2015-03-12 17:11 - 2015-02-03 04:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2015-03-12 17:11 - 2015-02-03 04:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-03-12 17:11 - 2015-02-03 04:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2015-03-12 17:11 - 2015-02-03 04:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-03-12 17:11 - 2015-02-03 04:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2015-03-12 17:11 - 2015-02-03 04:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2015-03-12 17:11 - 2015-02-03 04:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2015-03-12 17:11 - 2015-02-03 04:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-03-12 17:11 - 2015-02-03 04:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2015-03-12 17:11 - 2015-02-03 04:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2015-03-12 17:11 - 2015-02-03 04:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2015-03-12 17:11 - 2015-02-03 04:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2015-03-12 17:11 - 2015-02-03 04:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2015-03-12 17:11 - 2015-02-03 04:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2015-03-12 17:11 - 2015-02-03 04:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-03-12 17:11 - 2015-02-03 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2015-03-12 17:11 - 2015-02-03 04:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2015-03-12 17:11 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2015-03-12 17:11 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2015-03-12 17:11 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll 2015-03-12 17:11 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2015-03-12 17:11 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2015-03-12 17:11 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll 2015-03-12 17:11 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2015-03-12 17:11 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-03-12 17:11 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2015-03-12 17:11 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2015-03-12 17:11 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2015-03-12 17:11 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2015-03-12 17:11 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2015-03-12 17:11 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2015-03-12 17:11 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2015-03-12 17:11 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-03-12 17:11 - 2015-02-03 03:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2015-03-12 17:10 - 2015-03-06 06:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-03-12 17:10 - 2015-03-06 06:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-03-12 17:10 - 2015-03-06 06:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-03-12 17:10 - 2015-03-06 06:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-03-12 17:10 - 2015-03-06 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-03-12 17:10 - 2015-03-06 06:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-03-12 17:10 - 2015-03-06 06:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-03-12 17:10 - 2015-03-06 06:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-03-12 17:10 - 2015-03-06 06:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-03-12 17:10 - 2015-03-06 06:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-03-12 17:10 - 2015-03-06 06:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-03-12 17:10 - 2015-03-06 06:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-03-12 17:10 - 2015-03-06 06:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-03-12 17:10 - 2015-03-06 06:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-03-12 17:10 - 2015-03-06 06:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-03-12 17:10 - 2015-03-06 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-03-12 17:10 - 2015-03-06 06:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-03-12 17:10 - 2015-03-06 06:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-03-12 17:10 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-03-12 17:10 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-03-12 17:10 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-03-12 17:10 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-03-12 17:10 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-03-12 17:10 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-03-12 17:10 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-03-12 17:10 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-03-12 17:10 - 2015-03-06 06:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-03-12 17:10 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-03-12 17:10 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-03-12 17:10 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-03-12 17:10 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-03-12 17:10 - 2015-02-20 05:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-03-12 17:10 - 2015-02-20 05:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-03-12 17:10 - 2015-02-20 05:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-03-12 17:10 - 2015-02-20 05:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-03-12 17:10 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-03-12 17:10 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-03-12 17:10 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-03-12 17:10 - 2015-02-20 05:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-03-12 17:10 - 2015-02-20 04:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-03-12 17:10 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-03-12 17:10 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-03-12 17:10 - 2015-02-13 06:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-03-12 17:10 - 2015-02-03 04:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-03-12 17:10 - 2015-02-03 04:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll 2015-03-12 17:10 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-03-12 17:10 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll 2015-03-12 17:10 - 2015-01-31 04:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2015-03-12 17:10 - 2015-01-31 04:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2015-03-12 17:10 - 2015-01-31 00:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-03-12 17:10 - 2015-01-31 00:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2015-03-12 17:10 - 2015-01-17 03:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2015-03-12 17:10 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2015-03-12 17:09 - 2015-02-26 04:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-03-12 17:09 - 2015-02-24 04:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-03-12 17:09 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-03-12 17:09 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-03-12 17:09 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-03-12 17:09 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-03-12 17:09 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-03-12 17:09 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-03-12 17:09 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-03-12 17:09 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-03-12 17:09 - 2015-02-20 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-03-12 17:09 - 2015-02-20 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-03-12 17:09 - 2015-02-20 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-03-12 17:09 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-03-12 17:09 - 2015-02-20 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-03-12 17:09 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-03-12 17:09 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-03-12 17:09 - 2015-02-20 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-03-12 17:09 - 2015-02-20 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-03-12 17:09 - 2015-02-20 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-03-12 17:09 - 2015-02-20 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-03-12 17:09 - 2015-02-20 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-03-12 17:09 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-03-12 17:09 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-03-12 17:09 - 2015-02-20 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-03-12 17:09 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-03-12 17:09 - 2015-02-20 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-03-12 17:09 - 2015-02-20 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-03-12 17:09 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-03-12 17:09 - 2015-02-20 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-03-12 17:09 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-03-12 17:09 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-03-12 17:09 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-03-12 17:09 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-03-12 17:09 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-03-12 17:09 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-03-12 17:09 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-03-12 17:09 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-03-12 17:09 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-03-12 17:09 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-03-12 17:09 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-03-12 17:09 - 2015-02-20 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-03-12 17:09 - 2015-02-20 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-03-12 17:09 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-03-12 17:09 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-03-12 17:09 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-03-12 17:09 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-03-12 17:09 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-03-12 17:09 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-03-12 17:09 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-03-12 17:09 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-03-12 17:09 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-03-12 17:09 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-03-12 17:09 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-03-12 17:09 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-03-12 17:09 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-03-12 17:09 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-03-12 17:03 - 2015-02-04 04:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2015-03-12 17:03 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2015-03-11 18:08 - 2015-03-14 00:49 - 00000000 ____D () C:\Users\Ljilja\dwhelper 2015-03-10 08:11 - 2015-03-10 08:11 - 00000000 ____D () C:\Users\Ljilja\Tracing 2015-03-07 12:28 - 2015-03-07 15:03 - 00001908 _____ () C:\Users\Ljilja\Desktop\Blender.lnk 2015-03-07 11:36 - 2015-03-07 11:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation 2015-03-07 11:36 - 2015-03-07 11:36 - 00000000 ____D () C:\Program Files\Blender Foundation 2015-03-07 11:27 - 2015-03-07 11:29 - 64542509 _____ () C:\Users\Ljilja\Downloads\blender-2.73a-windows64.exe 2015-03-04 22:43 - 2015-03-04 22:43 - 00018759 _____ () C:\Users\Ljilja\Downloads\animstack.zip 2015-03-03 10:01 - 2009-12-31 18:38 - 04129895 _____ () C:\Gimp-GAP-2.6.0-Setup.exe 2015-03-03 09:28 - 2015-03-03 09:28 - 00003148 _____ () C:\Windows\System32\Tasks\{C1F358EC-916E-4BD3-AC69-83F2165B73B5} 2015-03-03 09:26 - 2015-03-03 09:26 - 00000000 ____D () C:\Program Files\share 2015-03-03 09:26 - 2015-03-03 09:26 - 00000000 ____D () C:\Program Files\lib 2015-03-01 10:25 - 2015-03-01 10:26 - 00000000 ____D () C:\Users\Ljilja\Downloads\Dodaci za GIMP_pluginovi 2015-02-28 00:32 - 2015-03-22 19:37 - 00000000 ____D () C:\Users\Ljilja\Desktop\suđenje karnevalu 2015-02-26 18:01 - 2015-03-19 18:01 - 00073728 _____ () C:\Windows\SysWOW64\tasks.dll 2015-02-26 12:20 - 2015-02-26 12:20 - 00002217 _____ () C:\Users\Public\Desktop\CrazyTalk v6.21 PRO.lnk 2015-02-26 12:19 - 2015-02-26 12:19 - 00000074 __RSH () C:\Windows\CT6PRET.BIN 2015-02-26 12:19 - 2015-02-26 12:19 - 00000000 ____D () C:\ProgramData\Reallusion 2015-02-26 12:19 - 2015-02-26 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reallusion 2015-02-26 12:14 - 2015-02-26 12:14 - 00000000 ____D () C:\Users\Ljilja\AppData\Roaming\InstallShield 2015-02-25 18:02 - 2015-02-25 18:02 - 00239104 _____ (AV Security Software) C:\Windows\mlwps.exe 2015-02-25 18:01 - 2015-02-25 18:01 - 00003260 _____ () C:\Windows\System32\Tasks\Grand Panda Updater 2015-02-25 18:01 - 2015-02-25 18:01 - 00000000 _____ () C:\Users\Ljilja\AppData\Roaming\3C79.tmp 2015-02-24 21:06 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls 2015-02-24 21:06 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls 2015-02-23 21:46 - 2015-03-05 10:54 - 00000000 ____D () C:\Users\Ljilja\.thumbnails 2015-02-23 19:46 - 2015-02-23 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid 2015-02-23 19:46 - 2015-02-23 19:46 - 00000000 ____D () C:\Program Files (x86)\Xvid 2015-02-23 19:46 - 2014-04-08 21:51 - 00706048 _____ () C:\Windows\system32\xvidcore.dll 2015-02-23 19:46 - 2014-04-08 21:51 - 00251392 _____ () C:\Windows\system32\xvidvfw.dll 2015-02-23 19:46 - 2014-04-08 21:51 - 00169984 _____ () C:\Windows\system32\xvid.ax 2015-02-23 19:46 - 2014-04-08 21:50 - 00632320 _____ () C:\Windows\SysWOW64\xvidcore.dll 2015-02-23 19:46 - 2014-04-08 21:50 - 00235520 _____ () C:\Windows\SysWOW64\xvidvfw.dll 2015-02-23 19:46 - 2014-04-08 21:50 - 00147456 _____ () C:\Windows\SysWOW64\xvid.ax 2015-02-23 19:41 - 2015-02-23 19:41 - 11261576 _____ (Xvid Team) C:\Users\Ljilja\Downloads\Xvid-1.3.3-20140407.exe 2015-02-23 19:06 - 2015-02-23 19:06 - 00000000 ____D () C:\Users\Ljilja\AppData\Roaming\Reallusion 2015-02-23 14:41 - 2015-02-26 12:18 - 00000000 ____D () C:\Users\Public\Documents\Reallusion 2015-02-23 13:48 - 2015-02-26 12:18 - 00000000 ____D () C:\Program Files (x86)\Reallusion 2015-02-23 13:48 - 2014-05-13 08:52 - 00000147 _____ () C:\Windows\CT7PRET.BIN 2015-02-23 13:41 - 2015-02-23 13:41 - 00003308 _____ () C:\Windows\System32\Tasks\{AD766E01-230E-48FB-8E01-FA5E0343FE94} 2015-02-23 11:28 - 2015-02-23 11:28 - 00011108 _____ () C:\Users\Ljilja\Downloads\[kickass.to]crazytalk.pro.6.21.build.1921.1.(zabranjeno).torrent ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-25 17:20 - 2015-02-08 22:15 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-03-25 16:58 - 2012-12-23 22:09 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-03-25 14:30 - 2014-05-29 19:48 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-03-25 14:20 - 2012-12-23 22:09 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-03-25 14:20 - 2012-12-23 22:09 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-03-25 14:20 - 2012-12-23 22:09 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-03-25 12:38 - 2009-07-14 05:45 - 00023824 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-25 12:38 - 2009-07-14 05:45 - 00023824 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-25 12:30 - 2015-02-08 22:15 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-03-25 12:30 - 2013-08-19 18:16 - 00000000 ____D () C:\ProgramData\MCShield 2015-03-25 12:30 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-25 12:27 - 2015-02-16 23:26 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{1FD0BBB3-F82C-4D61-ADB8-2F3A4AD35621} 2015-03-25 12:27 - 2013-08-29 14:07 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware 2015-03-25 12:24 - 2009-07-14 06:13 - 00786622 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-23 22:23 - 2013-01-09 22:06 - 00000069 _____ () C:\Windows\NeroDigital.ini 2015-03-23 20:42 - 2013-09-20 15:27 - 00000000 ____D () C:\Users\Ljilja\AppData\Roaming\uTorrent 2015-03-23 20:42 - 2013-01-06 18:12 - 00000000 ____D () C:\Users\Ljilja\AppData\Roaming\PhotoScape 2015-03-23 20:38 - 2012-12-22 19:33 - 00000000 ____D () C:\Program Files (x86)\VideoLAN 2015-03-23 20:21 - 2014-11-13 11:09 - 00000000 ____D () C:\Program Files (x86)\VITSOFT 2015-03-23 20:17 - 2014-12-04 21:30 - 00032768 ____H () C:\Users\Ljilja\Desktop\photothumb.db 2015-03-23 20:13 - 2013-02-27 13:52 - 00000000 ____D () C:\Windows\pss 2015-03-23 17:20 - 2015-02-15 20:17 - 00000000 ____D () C:\Users\Ljilja\AppData\Local\Adobe 2015-03-23 17:19 - 2015-02-19 19:30 - 00000000 ____D () C:\Users\Ljilja\AppData\Roaming\Adobe 2015-03-23 17:12 - 2014-02-23 20:19 - 00000000 ____D () C:\Users\Ljilja\AppData\Local\CrashDumps 2015-03-23 16:16 - 2014-11-15 18:27 - 00000000 ____D () C:\Users\Ljilja\AppData\Roaming\Thinstall 2015-03-23 15:54 - 2012-12-27 17:15 - 00000000 ____D () C:\Users\Ljilja\AppData\Roaming\gtk-2.0 2015-03-23 15:34 - 2015-02-04 22:54 - 00000000 ___RD () C:\Users\Ljilja\Desktop\fotošop 2015-03-22 18:16 - 2015-01-22 13:34 - 00001052 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Flash CS4 Professional.lnk 2015-03-22 18:14 - 2015-02-21 12:17 - 00000000 ____D () C:\ProgramData\Adobe 2015-03-22 18:14 - 2015-01-22 13:32 - 00002294 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Pixel Bender Toolkit.lnk 2015-03-22 18:12 - 2015-02-17 14:37 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2015-03-22 18:11 - 2015-01-22 13:29 - 00001374 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk 2015-03-22 14:27 - 2015-01-31 20:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-03-22 12:47 - 2013-01-19 17:20 - 00000000 ____D () C:\Program Files (x86)\Java 2015-03-22 11:19 - 2014-04-22 10:02 - 00000000 ____D () C:\Users\Ljilja\.gimp-2.8 2015-03-22 09:08 - 2013-07-28 12:39 - 00000000 ____D () C:\Users\Ljilja\AppData\Local\gtk-2.0 2015-03-22 08:55 - 2013-10-28 14:17 - 00000000 ___RD () C:\Users\Ljilja\Desktop\gimp-painter 2015-03-21 15:49 - 2013-01-11 11:53 - 00000000 ____D () C:\Program Files (x86)\Adobe 2015-03-21 13:20 - 2012-12-22 20:11 - 00000000 ____D () C:\Users\Ljilja\AppData\Roaming\Skype 2015-03-20 13:22 - 2015-02-06 18:50 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys 2015-03-19 22:04 - 2013-01-31 18:36 - 00000000 ____D () C:\ProgramData\Temp 2015-03-16 20:16 - 2015-02-13 00:27 - 00000833 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2015-03-15 22:41 - 2015-02-13 00:27 - 00000000 ____D () C:\Program Files\CCleaner 2015-03-14 02:17 - 2009-07-14 06:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-03-14 00:41 - 2015-02-06 20:14 - 00000000 ____D () C:\ProgramData\HitmanPro 2015-03-13 10:09 - 2014-03-26 17:39 - 00000000 ____D () C:\Windows\Downloaded Installations 2015-03-13 00:45 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2015-03-12 23:29 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-03-12 21:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2015-03-12 17:47 - 2009-07-14 05:45 - 05456896 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-03-12 17:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2015-03-12 17:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism 2015-03-12 17:35 - 2012-12-22 20:02 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-03-12 17:25 - 2013-09-11 22:54 - 00000000 ____D () C:\Windows\system32\MRT 2015-03-12 17:17 - 2013-08-10 22:47 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-03-11 18:08 - 2012-12-22 18:05 - 00000000 ____D () C:\Users\Ljilja 2015-03-10 08:08 - 2014-05-15 12:20 - 00000000 ___RD () C:\Program Files (x86)\Skype 2015-03-10 08:08 - 2012-12-22 20:08 - 00000000 ____D () C:\ProgramData\Skype 2015-03-05 10:08 - 2013-09-16 22:08 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2015-03-05 10:08 - 2013-09-16 21:13 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-03-05 10:08 - 2013-09-16 21:13 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-03-03 14:41 - 2013-12-17 17:09 - 00000000 ____D () C:\Program Files\GIMP 2 2015-02-28 14:50 - 2013-01-06 18:55 - 00000000 ____D () C:\Users\Ljilja\AppData\Roaming\vlc 2015-02-26 12:18 - 2012-12-22 19:10 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information ==================== Files in the root of some directories ======= 2015-02-25 18:01 - 2015-02-25 18:01 - 0000000 _____ () C:\Users\Ljilja\AppData\Roaming\3C79.tmp 2013-08-01 09:05 - 2014-09-16 16:02 - 0003584 _____ () C:\Users\Ljilja\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-03-22 09:08 - 2015-03-22 09:08 - 0033184 _____ () C:\Users\Ljilja\AppData\Local\recently-used.xbel 2015-03-22 11:20 - 2015-03-22 11:23 - 0007597 _____ () C:\Users\Ljilja\AppData\Local\Resmon.ResmonCfg Some content of TEMP: ==================== C:\Users\Ljilja\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-25 13:15 ==================== End Of Log ============================ https://www.mycity.rs/must-login.png

Profil

Sass Drake Poslao: 26 Mar 2015 18:13 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Korak 1 Sudeći po ekstenziji, Avira je detektovala fajl smješten u nečiji karantin te stoga pusti Aviru da obavi svoje. Korak 2 Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja. HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-1503208027-2844097221-2948931502-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-1503208027-2844097221-2948931502-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION Toolbar: HKU\S-1-5-21-1503208027-2844097221-2948931502-1000 -> No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File Toolbar: HKU\S-1-5-21-1503208027-2844097221-2948931502-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File CHR HKLM-x32\...\Chrome\Extension: [kfejhbidgehdoaglokpfddkmiepmhcck] - No Path Or update_url value R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-01-02] (GFI Software) EmptyTemp: U okviru Notepad-a klikni na File --> Save As Fajl nazovi Fixlist i sačuvaj na Desktop Dvoklikom ponovo pokreni FRST.exe Klikni na Fix i sačekaj dok program ne završi. Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi. Nakon završetka rada, otvoriće se fixlog.txt, sa sadržajem koji treba da kopiraš u temu. Takođe, na Desktop-u će se nalaziti (fixlog.txt).

Profil

Ljilja Hnovi Poslao: 26 Mar 2015 18:56 Idi na vrh
offline Ljilja Hnovi Prijatelj foruma Pridružio: 14 Okt 2012 Poruke: 3611 Gde živiš: Herceg Novi	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav, Sass Drake! Avira je završila, i ja sam kliknula na Apply now. Evo fixlog.txt. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015 Ran by Ljilja at 2015-03-26 18:31:46 Run:1 Running from C:\Users\Ljilja\Desktop Loaded Profiles: Ljilja (Available profiles: Ljilja) Boot Mode: Normal ============================================== Content of fixlist: *************** HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-1503208027-2844097221-2948931502-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-1503208027-2844097221-2948931502-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION Toolbar: HKU\S-1-5-21-1503208027-2844097221-2948931502-1000 -> No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File Toolbar: HKU\S-1-5-21-1503208027-2844097221-2948931502-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File CHR HKLM-x32\...\Chrome\Extension: [kfejhbidgehdoaglokpfddkmiepmhcck] - No Path Or update_url value R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-01-02] (GFI Software) EmptyTemp: *************** "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully. "HKU\S-1-5-21-1503208027-2844097221-2948931502-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully. HKU\S-1-5-21-1503208027-2844097221-2948931502-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer => Key not found. HKU\S-1-5-21-1503208027-2844097221-2948931502-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{472734EA-242A-422B-ADF8-83D1E48CC825} => value deleted successfully. HKCR\CLSID\{472734EA-242A-422B-ADF8-83D1E48CC825} => Key not found. HKU\S-1-5-21-1503208027-2844097221-2948931502-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\Toolbar: HKU\S-1-5-21-1503208027-2844097221-2948931502-1000-{{472734EA-242A-422B-ADF8-83D1E48CC825} => Value not found. HKCR\CLSID\Toolbar: HKU\S-1-5-21-1503208027-2844097221-2948931502-1000-{{472734EA-242A-422B-ADF8-83D1E48CC825} => Key not found. "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kfejhbidgehdoaglokpfddkmiepmhcck" => Key deleted successfully. gfibto => Service stopped successfully. gfibto => Service deleted successfully. EmptyTemp: => Removed 224.1 MB temporary data. The system needed a reboot. ==== End of Fixlog 18:31:49 ====

Profil

Sass Drake Poslao: 26 Mar 2015 19:56 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Kakvo je sada stanje? Preuzmi Malwarebytes Anti-Rootkit (MBAR) sa sledeceg linka i sacuvaj ga na Desktop. Dvoklikom pokreni MBAR () na ikonicu programa: - Klikni OK na sledecem prozoru da bi dozvolio raspakivanje u zaseban mbar folder na desktop-u; - mbar.exe ce biti startovan. Na nekim sistemima to moze da potraje nekoliko dodatnih sekundi, te pricekati pokretanje.; - U uvodnom prozoru klikni dugme Next ukoliko si saglasan; • Na 'Update Database' prozoru klik na dugme Update da bi preuzeo sveze definicije. Kada se ispise poruka 'Success: Database was successfully updated' klik na dugme Next; • Pod sekcijom 'Scan Targets' proveri da su sve opcije stiklirane, te klikni na dugme Scan; Obavestenje: sa nekim infekcijama moze se desiti da se prikaze neka od sledecih poruka: - 'Could not load protection driver' => u tom slucaju klikni OK. - 'Could not load DDA driver' => klikni Yes na to obavestenje da bi dozvolio ucitavanje nakon restarta. Dozvoli restart i nastavi sa ostatkom instrukcija posle restarta. >> Ukoliko malware nije detektovan, klik na Exit dugme da zatvoris program. U sledecu poruku postavi mbar-log-year-month-day (sat-minuti-sekundi).txt i system-log.txt izveštaje. >> Ukoliko su infekcija/e pronadjene, proveriti da li je obelezena opcija 'Create Restore Point' i klikni na dugme Cleanup! da bi uklonili pretnje. - Procedura uklanjanje malware-a (scheduled) ce biti zakazana po restartu, bice prikazano obavestenje u pop-up prozoru. Klikni dugme Yes i sistem bi trebao da se restartuje i da zavrsi proceduru ciscenja. Obavestenje! samo ukoliko je RootKit detektovan: - postaraj se da pokrenes fixdamage.exe alat koji se nalazi u mbar folderu, \Plugins\fixdamage.exe: - Dvoklikom pokreni fixdamage, u crnom prozoru koji se otvori (command prompt) ukucaj Y (Y stoji za Yes) da bi nastavio izvrsenje, pricekati da alat odradi sve popravke ... - Kada vidis poruku 'press any key to exit' popravka je kompletirana. Pritisnuti bilo koju tipku na tastaturi da bi se prozor zatvorio. Restartovati sistem. Sledeci izvestaji ce biti formirani u mbar folderu. 1. mbar-log-year-month-day (hour-minute-second).txt 2. system-log.txt Iskopiraj sadrzaj mbar log-a u poruku a system log okaci uz poruku koristeci opciju Prikači fajl.

Profil

Ljilja Hnovi Poslao: 30 Mar 2015 22:16 Idi na vrh
offline Ljilja Hnovi Prijatelj foruma Pridružio: 14 Okt 2012 Poruke: 3611 Gde živiš: Herceg Novi	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 26 Mar 2015 20:52 Laptop radi fino, ne koči i brzo otvara stranice. Nije detektovan malware, i evo izvještaja. Malwarebytes Anti-Rootkit BETA 1.09.1.1004 www.malwarebytes.org Database version: main: v2015.03.26.06 rootkit: v2015.02.25.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.17691 Ljilja :: LJILJA-PC [administrator] 26.3.2015 20:08:50 mbar-log-2015-03-26 (20-08-50).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit \| Drivers \| MBR \| Physical Sectors \| Memory \| Startup \| Registry \| File System \| Heuristics/Extra \| Heuristics/Shuriken Scan options disabled: Objects scanned: 388584 Time elapsed: 31 minute(s), 46 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) https://www.mycity.rs/must-login.png Dopuna: 30 Mar 2015 22:16 @Sass Drake Jesi li zaboravio na moju temu? Ako si, neka si, dovoljno si uradio, laptop radi dobro. Samo mi kaži mogu li ovo što sam preuzimala izbrisati (FRST64, Fixlog...) i da li mogu da ostavim ovaj MBAR i da ga povremeno koristim (imam onaj drugi), ili i njega da izbrišem? Hvala ti puno!

Profil

Sass Drake Poslao: 30 Mar 2015 22:35 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	1Ovo se svidja korisniku: Ljilja Hnovi Registruj se da bi pohvalio/la poruku! Izvini. To bi bilo to. Sada je sistem čist. • Sledeća procedura će implementirati završno čišćenje. Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop. Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija; Remove disinfection tools Create registry backup Purge System Restore Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad. Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani. Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt) Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix Alat briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja. Možeš koristiti Malwarebytes Anti-Malware Free za periodičnu provjeru sistema umjesto MBARa.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Provjera laptopa

Ko je trenutno na forumu

Ukupno su 972 korisnika na forumu :: 50 registrovanih, 5 sakrivenih i 917 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 5.56, A.R.Chafee.Jr., bagor10, bokisha253, Brana01, cifra, Dannyboy, darkojbn, debeli, dekan.m, Denaya, Dimitrije Paunovic, djboj, doklevise, dragoljub11987, Excalibur13, Frunze, Georgius, HrcAk47, Istman, Ivan Campo, JimmyNapoli, JOntra, kobaja77, Kubovac, Lubica, MB120mm, mercedesamg, mgolub, mikrimaus, milenko crazy north, Milos ZA, MiroslavD, naki011, nenad81, nenooo, nextyamb, raketaš, raptorsi, rasok, Romibrat, saputnik plavetnila, slonic_tonic, SR-3m, stegonosa, Stoilkovic, trajkoni018, Viceroy, Wrangler, 125

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by