MyCity » Ambulanta -> Arhiva Ambulante » Skocni prozori MBAM prijavljuje infected page

Skocni prozori MBAM prijavljuje infected page

Napisano na dan: 15.12.2017

Skocni prozori MBAM prijavljuje infected page

Odgovori

rewritable Poslao: 15 Dec 2017 23:54 Idi na vrh
offline rewritable Ugledni građanin Pridružio: 20 Mar 2009 Poruke: 300 Gde živiš: Republic Of Srpska Banjaluka	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav Prilikom klika Browser mi otvara nove prozore,ali samo na jednom sajtu!Zbog djece i crtanih filmova bio sam primoran da ga posjecujem!Ko ima djecu shvatice!MBAM dok je trajao trazal verzija blokirao je te pop up kao maliciozni sadrzaj!Nisam primjetio nesto drasticno u radu kompa osim sto izbacuje to,pa bi molio za preled i dijagnozu!Unaprijed hvala!Internet 2mb U prilogu skenovi FRST-a Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-12-2017 Ran by Dell (administrator) on OGNJEN (15-12-2017 23:08:09) Running from C:\Users\Dell\Desktop Loaded Profiles: Dell (Available Profiles: Dell & DefaultAppPool) Platform: Windows 10 Home Version 1703 15063.786 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Opera) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Intel) C:\Program Files (x86)\Intel\AMT\LMS.exe (Intel) C:\Program Files (x86)\Intel\AMT\UNS.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe (Intel Corporation) C:\Program Files (x86)\Intel\AMT\atchksrv.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\NisSrv.exe (AMD) C:\Windows\System32\atieclxx.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe (Creative Technology Ltd) C:\Windows\SysWOW64\CtHelper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AsioThk32Reg] => REGSVR32.EXE /S CTASIO.DLL HKLM-x32\...\Run: [CTHelper] => CTHELPER.EXE* HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation) HKU\S-1-5-21-2447321986-1037009976-1939901392-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity) HKU\S-1-5-21-2447321986-1037009976-1939901392-1000\...\Run: [Dropbox Update] => C:\Users\Dell\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-08] (Dropbox, Inc.) CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: 127.0.0.1 player.kmpmedia.net Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{aedcbee4-e60e-4041-a940-d65dacea85ad}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{e31571c0-bfc6-4a82-a585-61fdfc32f511}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000 -> {A062DB09-C42B-4F4D-A7DB-D5756847EAC8} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=11467 BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-29] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-29] (Oracle Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-29] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-29] (Oracle Corporation) Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000 -> No Name - {55C396C6-3C52-4017-A7E9-EED1C9094BEB} - No File DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab FireFox: ======== FF ProfilePath: C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default [2017-12-11] FF Extension: (Awesome Screenshot - Capture, Annotate & More) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2017-11-09] FF Extension: (Video DownloadHelper) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-11-09] [Legacy] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-12] () FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-29] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-29] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-12] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-29] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-29] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default [2017-12-11] CHR Extension: (Google Slides) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-05] CHR Extension: (Google Docs) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-05] CHR Extension: (Google Drive) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-05] CHR Extension: (YouTube) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-05] CHR Extension: (Google Sheets) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-05] CHR Extension: (Google Docs Offline) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-05] CHR Extension: (Chrome Web Store Payments) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-02] CHR Extension: (Gmail) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-05] CHR Extension: (Chrome Media Router) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-10] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-07-31] (Adobe Systems) [File not signed] R2 atchksrv; C:\Program Files (x86)\Intel\AMT\atchksrv.exe [176128 2009-12-01] (Intel Corporation) [File not signed] S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-07-25] (Creative Labs) [File not signed] R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-12-10] (Creative Technology Ltd) [File not signed] S3 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] () R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [102400 2009-12-01] (Intel) [File not signed] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group) R2 UNS; C:\Program Files (x86)\Intel\AMT\UNS.exe [2519040 2009-12-01] (Intel) [File not signed] R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\NisSrv.exe [356176 2017-12-07] (Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe [105792 2017-12-07] (Microsoft Corporation) S3 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.) R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [29208 2014-07-25] () R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-12-15] () S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2017-07-26] (Huawei Technologies Co., Ltd.) R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2016-01-11] (REALiX(tm)) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Huawei Technologies Co., Ltd.) S3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2017-12-11] (Malwarebytes) S3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [46008 2017-12-11] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2017-12-15] (Malwarebytes) S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2017-12-12] (Malwarebytes) R1 MpKsle67a43d2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EE8FD9E7-1040-4CF7-A731-C711AAB23793}\MpKsle67a43d2.sys [58120 2017-12-15] (Microsoft Corporation) S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (QUALCOMM Incorporated) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42600 2016-05-31] (Synaptics Incorporated) U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2017-12-07] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2017-12-07] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2017-12-07] (Microsoft Corporation) R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-02-06] (Zemana Ltd.) R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-02-06] (Zemana Ltd.) U3 idsvc; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-12-15 23:08 - 2017-12-15 23:10 - 000014827 _____ C:\Users\Dell\Desktop\FRST.txt 2017-12-15 23:07 - 2017-12-15 23:08 - 000000000 ____D C:\FRST 2017-12-15 23:07 - 2017-12-15 23:07 - 002392064 _____ (Farbar) C:\Users\Dell\Desktop\FRST64.exe 2017-12-15 22:26 - 2017-12-15 22:27 - 000000000 ___HD C:\$WINDOWS.~BT 2017-12-15 21:41 - 2017-12-15 21:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2017-12-15 12:34 - 2017-12-15 21:41 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2017-12-14 21:32 - 2017-11-30 04:33 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe 2017-12-14 21:32 - 2017-11-30 04:23 - 001194248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2017-12-14 21:32 - 2017-11-30 04:00 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-12-14 21:32 - 2017-11-30 03:59 - 023678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-12-14 21:32 - 2017-11-30 03:58 - 006763128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-12-14 21:32 - 2017-11-30 03:58 - 000702032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2017-12-14 21:32 - 2017-11-30 03:57 - 001123968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2017-12-14 21:32 - 2017-11-30 03:45 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-12-14 21:32 - 2017-11-30 03:44 - 023679488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-12-14 21:32 - 2017-11-30 03:44 - 019334144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-12-14 21:32 - 2017-11-30 03:44 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2017-12-14 21:32 - 2017-11-30 03:43 - 020511232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-12-14 21:32 - 2017-11-30 03:43 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-12-14 21:32 - 2017-11-30 03:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2017-12-14 21:32 - 2017-11-30 03:42 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll 2017-12-14 21:32 - 2017-11-30 03:42 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx 2017-12-14 21:32 - 2017-11-30 03:42 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2017-12-14 21:32 - 2017-11-30 03:41 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe 2017-12-14 21:32 - 2017-11-30 03:40 - 000585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-12-14 21:32 - 2017-11-30 03:40 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll 2017-12-14 21:32 - 2017-11-30 03:40 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll 2017-12-14 21:32 - 2017-11-30 03:40 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe 2017-12-14 21:32 - 2017-11-30 03:38 - 008195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-12-14 21:32 - 2017-11-30 03:38 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-12-14 21:32 - 2017-11-30 03:38 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-12-14 21:32 - 2017-11-30 03:38 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-12-14 21:32 - 2017-11-30 03:37 - 006252544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-12-14 21:32 - 2017-11-30 03:37 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-12-14 21:32 - 2017-11-30 03:36 - 004726784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-12-14 21:32 - 2017-11-30 03:36 - 003652096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-12-14 21:32 - 2017-11-30 03:36 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-12-14 21:32 - 2017-11-30 03:36 - 000755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2017-12-14 21:32 - 2017-11-30 03:36 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2017-12-14 21:32 - 2017-11-30 03:35 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-12-14 21:32 - 2017-11-30 03:34 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-12-14 21:32 - 2017-11-17 10:31 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll 2017-12-14 21:32 - 2017-11-17 10:00 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-12-14 21:31 - 2017-11-30 04:33 - 001144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-12-14 21:31 - 2017-11-30 04:33 - 001015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-12-14 21:31 - 2017-11-30 04:29 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-12-14 21:31 - 2017-11-30 04:26 - 002647216 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-12-14 21:31 - 2017-11-30 04:24 - 000870896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2017-12-14 21:31 - 2017-11-30 04:23 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-12-14 21:31 - 2017-11-30 03:45 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2017-12-14 21:31 - 2017-11-30 03:44 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll 2017-12-14 21:31 - 2017-11-30 03:44 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys 2017-12-14 21:31 - 2017-11-30 03:43 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe 2017-12-14 21:31 - 2017-11-30 03:42 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-12-14 21:31 - 2017-11-30 03:42 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll 2017-12-14 21:31 - 2017-11-30 03:42 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll 2017-12-14 21:31 - 2017-11-30 03:42 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe 2017-12-14 21:31 - 2017-11-30 03:41 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-12-14 21:31 - 2017-11-30 03:41 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2017-12-14 21:31 - 2017-11-30 03:41 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-12-14 21:31 - 2017-11-30 03:41 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll 2017-12-14 21:31 - 2017-11-30 03:40 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-12-14 21:31 - 2017-11-30 03:39 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-12-14 21:31 - 2017-11-30 03:39 - 003206656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll 2017-12-14 21:31 - 2017-11-30 03:39 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-12-14 21:31 - 2017-11-30 03:39 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-12-14 21:31 - 2017-11-30 03:38 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-12-14 21:31 - 2017-11-30 03:37 - 003306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-12-14 21:31 - 2017-11-30 03:37 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-12-14 21:31 - 2017-11-30 03:36 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2017-12-14 21:31 - 2017-11-30 03:36 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-12-14 21:31 - 2017-11-30 03:36 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2017-12-14 21:31 - 2017-11-17 10:46 - 002032536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2017-12-14 21:31 - 2017-11-17 10:46 - 001578904 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2017-12-14 21:31 - 2017-11-17 10:46 - 000821656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2017-12-14 21:31 - 2017-11-17 10:46 - 000678808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2017-12-14 21:31 - 2017-11-17 10:46 - 000613784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-12-14 21:31 - 2017-11-17 10:46 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2017-12-14 21:31 - 2017-11-17 10:46 - 000484248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2017-12-14 21:31 - 2017-11-17 10:46 - 000379288 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2017-12-14 21:31 - 2017-11-17 10:46 - 000259992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2017-12-14 21:31 - 2017-11-17 10:46 - 000190360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2017-12-14 21:31 - 2017-11-17 10:46 - 000136088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2017-12-14 21:31 - 2017-11-17 10:46 - 000067992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll 2017-12-14 21:31 - 2017-11-17 10:46 - 000034712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2017-12-14 21:31 - 2017-11-17 10:41 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2017-12-14 21:31 - 2017-11-17 10:39 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2017-12-14 21:31 - 2017-11-17 10:39 - 000643200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-12-14 21:31 - 2017-11-17 10:37 - 021353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-12-14 21:31 - 2017-11-17 10:03 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-12-14 21:31 - 2017-11-17 09:59 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-12-14 21:31 - 2017-11-17 09:56 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2017-12-11 22:39 - 2017-12-12 08:32 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-12-11 22:39 - 2017-12-11 23:09 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-12-11 22:39 - 2017-12-11 23:09 - 000046008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-12-11 22:32 - 2017-12-11 22:33 - 008187336 _____ (Malwarebytes) C:\Users\Dell\Desktop\adwcleaner_7.0.5.0.exe 2017-12-11 21:53 - 2017-12-11 21:53 - 000004456 _____ C:\Users\Dell\Desktop\[limetorrents.cc]ESET.Internet.Security.11.0.154.0...(zabranjeno).[(zabranjeno)sNow].torrent 2017-12-08 11:35 - 2017-12-08 11:35 - 000000000 ____D C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-12-05 21:20 - 2017-12-05 21:22 - 012292112 _____ (IObit ) C:\Users\Dell\Desktop\smart-defrag-setup.exe 2017-11-28 12:24 - 2017-11-28 12:24 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-11-28 12:24 - 2017-11-28 12:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-11-28 12:23 - 2017-12-15 12:34 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-11-28 12:23 - 2017-11-28 12:23 - 000000000 ____D C:\ProgramData\MB2Migration 2017-11-28 12:23 - 2017-11-28 12:23 - 000000000 ____D C:\Program Files\Malwarebytes 2017-11-28 12:23 - 2017-11-01 08:54 - 000077432 _____ C:\WINDOWS\SMSS-PFRO5ce5.tmp 2017-11-28 12:04 - 2017-11-28 12:04 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update 2017-11-28 12:02 - 2017-11-28 12:02 - 010849904 _____ (Piriform Ltd) C:\Users\Dell\Desktop\ccsetup537.exe 2017-11-28 11:25 - 2017-11-28 11:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware 2017-11-15 08:36 - 2017-11-02 06:16 - 002398696 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-11-15 08:36 - 2017-11-02 06:13 - 000546712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2017-11-15 08:36 - 2017-11-02 06:13 - 000095640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2017-11-15 08:36 - 2017-11-02 06:04 - 001292360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2017-11-15 08:36 - 2017-11-02 05:49 - 001838848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-11-15 08:36 - 2017-11-02 05:45 - 000613136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2017-11-15 08:36 - 2017-11-02 05:45 - 000362144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2017-11-15 08:36 - 2017-11-02 05:45 - 000354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2017-11-15 08:36 - 2017-11-02 05:45 - 000283544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2017-11-15 08:36 - 2017-11-02 05:45 - 000172952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2017-11-15 08:36 - 2017-11-02 05:45 - 000133896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe 2017-11-15 08:36 - 2017-11-02 05:44 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-11-15 08:36 - 2017-11-02 05:44 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2017-11-15 08:36 - 2017-11-02 05:43 - 020372896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-11-15 08:36 - 2017-11-02 05:36 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll 2017-11-15 08:36 - 2017-11-02 05:35 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll 2017-11-15 08:36 - 2017-11-02 05:35 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-11-15 08:36 - 2017-11-02 05:34 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2017-11-15 08:36 - 2017-11-02 05:34 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2017-11-15 08:36 - 2017-11-02 05:34 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll 2017-11-15 08:36 - 2017-11-02 05:32 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-11-15 08:36 - 2017-11-02 05:30 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2017-11-15 08:36 - 2017-11-02 05:30 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2017-11-15 08:36 - 2017-11-02 05:30 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE 2017-11-15 08:36 - 2017-11-02 05:29 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-11-15 08:36 - 2017-11-02 05:27 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2017-11-15 08:36 - 2017-11-02 05:27 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPKICmdlet.dll 2017-11-15 08:36 - 2017-11-02 05:26 - 005963776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-11-15 08:36 - 2017-11-02 05:26 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2017-11-15 08:36 - 2017-11-02 05:26 - 001937408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll 2017-11-15 08:36 - 2017-11-02 05:26 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-11-15 08:36 - 2017-11-02 05:26 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll 2017-11-15 08:36 - 2017-11-02 05:25 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2017-11-15 08:36 - 2017-11-02 05:25 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll 2017-11-15 08:36 - 2017-11-02 05:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-11-15 08:36 - 2017-11-02 05:24 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-11-15 08:36 - 2017-11-02 05:24 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll 2017-11-15 08:36 - 2017-11-02 05:24 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll 2017-11-15 08:36 - 2017-11-02 05:24 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-11-15 08:36 - 2017-11-02 05:23 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2017-11-15 08:36 - 2017-11-02 05:23 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll 2017-11-15 08:36 - 2017-11-02 05:23 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll 2017-11-15 08:36 - 2017-11-02 05:23 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll 2017-11-15 08:36 - 2017-11-02 05:22 - 001884160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll 2017-11-15 08:36 - 2017-11-02 05:22 - 001494528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2017-11-15 08:36 - 2017-11-02 05:21 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2017-11-15 08:36 - 2017-11-02 05:21 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-11-15 08:36 - 2017-10-25 08:40 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2017-11-15 08:36 - 2017-10-15 16:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-11-15 08:36 - 2017-10-15 16:01 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-11-15 08:36 - 2017-10-15 15:49 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-11-15 08:36 - 2017-10-15 15:45 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-11-15 08:36 - 2017-10-15 15:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll 2017-11-15 08:36 - 2017-10-15 15:42 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-11-15 08:36 - 2017-10-15 15:42 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-11-15 08:36 - 2017-10-15 15:38 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-11-15 08:35 - 2017-11-02 06:16 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2017-11-15 08:35 - 2017-11-02 06:15 - 001239448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2017-11-15 08:35 - 2017-11-02 06:13 - 002443672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-11-15 08:35 - 2017-11-02 06:13 - 000212888 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-11-15 08:35 - 2017-11-02 06:12 - 000727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2017-11-15 08:35 - 2017-11-02 06:12 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2017-11-15 08:35 - 2017-11-02 06:12 - 000430848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2017-11-15 08:35 - 2017-11-02 06:12 - 000412752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2017-11-15 08:35 - 2017-11-02 06:12 - 000319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2017-11-15 08:35 - 2017-11-02 06:12 - 000144248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe 2017-11-15 08:35 - 2017-11-02 06:10 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-11-15 08:35 - 2017-11-02 06:05 - 000187800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2017-11-15 08:35 - 2017-11-02 05:34 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2017-11-15 08:35 - 2017-11-02 05:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2017-11-15 08:35 - 2017-11-02 05:31 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-11-15 08:35 - 2017-11-02 05:30 - 013381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2017-11-15 08:35 - 2017-11-02 05:30 - 007339008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-11-15 08:35 - 2017-11-02 05:30 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll 2017-11-15 08:35 - 2017-11-02 05:30 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-11-15 08:35 - 2017-11-02 05:30 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe 2017-11-15 08:35 - 2017-11-02 05:29 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-11-15 08:35 - 2017-11-02 05:29 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-11-15 08:35 - 2017-11-02 05:28 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-11-15 08:35 - 2017-11-02 05:28 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll 2017-11-15 08:35 - 2017-11-02 05:28 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2017-11-15 08:35 - 2017-11-02 05:27 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-11-15 08:35 - 2017-11-02 05:27 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll 2017-11-15 08:35 - 2017-11-02 05:27 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll 2017-11-15 08:35 - 2017-11-02 05:26 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-11-15 08:35 - 2017-11-02 05:26 - 003060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2017-11-15 08:35 - 2017-11-02 05:25 - 012227072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2017-11-15 08:35 - 2017-11-02 05:25 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-11-15 08:35 - 2017-11-02 05:25 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-11-15 08:35 - 2017-11-02 05:24 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2017-11-15 08:35 - 2017-11-02 05:23 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-11-15 08:35 - 2017-11-02 05:23 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-11-15 08:35 - 2017-11-02 05:23 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-11-15 08:35 - 2017-11-02 05:22 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-11-15 08:35 - 2017-10-15 15:59 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-11-15 08:35 - 2017-10-15 15:57 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2017-11-15 08:35 - 2017-10-15 15:57 - 000409496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2017-11-15 08:35 - 2017-10-15 15:53 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2017-11-15 08:35 - 2017-10-15 15:53 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-11-15 08:35 - 2017-10-15 15:51 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2017-11-15 08:35 - 2017-10-15 15:49 - 000094616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-11-15 08:35 - 2017-10-15 15:15 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2017-11-15 08:35 - 2017-10-15 15:14 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll 2017-11-15 08:35 - 2017-10-15 15:13 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-11-15 08:35 - 2017-10-15 15:10 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll 2017-11-15 08:35 - 2017-10-15 15:05 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-11-15 08:35 - 2017-10-15 15:02 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll 2017-11-15 08:35 - 2017-10-15 15:00 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll 2017-11-15 08:34 - 2017-11-02 06:20 - 000965016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi 2017-11-15 08:34 - 2017-11-02 06:20 - 000543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-11-15 08:34 - 2017-11-02 06:20 - 000469568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll 2017-11-15 08:34 - 2017-11-02 06:14 - 000667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2017-11-15 08:34 - 2017-11-02 06:13 - 001345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2017-11-15 08:34 - 2017-11-02 06:12 - 000714648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2017-11-15 08:34 - 2017-11-02 06:12 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys 2017-11-15 08:34 - 2017-11-02 06:12 - 000026472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2017-11-15 08:34 - 2017-11-02 05:37 - 001278976 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll 2017-11-15 08:34 - 2017-11-02 05:37 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2017-11-15 08:34 - 2017-11-02 05:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2017-11-15 08:34 - 2017-11-02 05:37 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2017-11-15 08:34 - 2017-11-02 05:36 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll 2017-11-15 08:34 - 2017-11-02 05:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2017-11-15 08:34 - 2017-11-02 05:35 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys 2017-11-15 08:34 - 2017-11-02 05:34 - 000438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll 2017-11-15 08:34 - 2017-11-02 05:34 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe 2017-11-15 08:34 - 2017-11-02 05:33 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-11-15 08:34 - 2017-11-02 05:33 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll 2017-11-15 08:34 - 2017-11-02 05:33 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll 2017-11-15 08:34 - 2017-11-02 05:33 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPKICmdlet.dll 2017-11-15 08:34 - 2017-11-02 05:32 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2017-11-15 08:34 - 2017-11-02 05:32 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll 2017-11-15 08:34 - 2017-11-02 05:31 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2017-11-15 08:34 - 2017-11-02 05:31 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll 2017-11-15 08:34 - 2017-11-02 05:30 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll 2017-11-15 08:34 - 2017-11-02 05:30 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll 2017-11-15 08:34 - 2017-11-02 05:28 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll 2017-11-15 08:34 - 2017-11-02 05:27 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2017-11-15 08:34 - 2017-11-02 05:26 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-11-15 08:34 - 2017-11-02 05:25 - 002052608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-11-15 08:34 - 2017-11-02 05:25 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2017-11-15 08:34 - 2017-11-02 05:25 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2017-11-15 08:34 - 2017-11-02 05:25 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2017-11-15 08:34 - 2017-11-02 05:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys 2017-11-15 08:34 - 2017-10-15 15:56 - 000872464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2017-11-15 08:34 - 2017-10-15 15:08 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-11-15 08:34 - 2017-10-15 15:08 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-12-15 23:10 - 2017-07-18 08:17 - 000000000 ___DC C:\WINDOWS\Panther 2017-12-15 23:10 - 2017-02-06 23:29 - 000075126 _____ C:\WINDOWS\ZAM.krnl.trace 2017-12-15 23:10 - 2017-02-06 23:29 - 000044327 _____ C:\WINDOWS\ZAM_Guard.krnl.trace 2017-12-15 23:04 - 2017-07-24 22:10 - 000004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{98D7EC62-366C-4F08-893E-5FE2BC28788D} 2017-12-15 23:00 - 2017-07-24 21:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-12-15 23:00 - 2015-10-13 12:26 - 000000000 ____D C:\Users\Dell\AppData\Roaming\vlc 2017-12-15 21:46 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps 2017-12-15 21:46 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-12-15 21:44 - 2014-07-28 10:12 - 000000000 ____D C:\ProgramData\MCShield 2017-12-15 21:43 - 2016-02-13 14:20 - 000000000 __RHD C:\Users\Public\AccountPictures 2017-12-15 21:42 - 2017-07-24 22:10 - 000004590 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-12-15 21:42 - 2017-07-24 21:53 - 000000000 ____D C:\Users\Dell 2017-12-15 21:42 - 2017-07-24 21:49 - 005018480 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-12-15 21:41 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-12-15 21:41 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Macromed 2017-12-15 21:39 - 2017-07-24 22:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-12-15 13:53 - 2017-03-18 12:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2017-12-15 13:52 - 2017-06-13 22:34 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2 2017-12-15 13:52 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\oobe 2017-12-15 13:52 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF 2017-12-15 12:41 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-12-15 12:41 - 2015-08-06 14:28 - 000000000 ____D C:\Users\Dell\AppData\Local\Packages 2017-12-15 12:37 - 2014-07-27 23:29 - 000000000 ____D C:\WINDOWS\system32\MRT 2017-12-15 12:31 - 2017-10-11 08:42 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe 2017-12-15 12:31 - 2014-07-27 23:29 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-12-11 23:16 - 2017-08-11 11:06 - 000029040 _____ C:\WINDOWS\system32\BMXBkpCtrlState-{00000003-00000000-00000000-00001102-00000008-10241102}.rfx 2017-12-11 23:16 - 2017-08-11 11:06 - 000011564 _____ C:\WINDOWS\system32\DVCState-{00000003-00000000-00000000-00001102-00000008-10241102}.rfx 2017-12-11 23:16 - 2017-07-24 21:52 - 000033800 _____ C:\WINDOWS\system32\BMXStateBkp-{00000003-00000000-00000000-00001102-00000008-10241102}.rfx 2017-12-11 23:16 - 2017-07-24 21:52 - 000033800 _____ C:\WINDOWS\system32\BMXState-{00000003-00000000-00000000-00001102-00000008-10241102}.rfx 2017-12-11 23:16 - 2017-07-24 21:52 - 000029040 _____ C:\WINDOWS\system32\BMXCtrlState-{00000003-00000000-00000000-00001102-00000008-10241102}.rfx 2017-12-11 23:01 - 2013-10-11 15:33 - 000000000 ____D C:\Program Files (x86)\Google 2017-12-11 22:48 - 2014-08-25 20:53 - 000000000 ____D C:\Users\Dell\AppData\Roaming\IObit 2017-12-11 22:48 - 2014-08-25 20:53 - 000000000 ____D C:\Program Files (x86)\IObit 2017-12-11 22:44 - 2014-07-25 23:19 - 000000000 ____D C:\Users\Dell\AppData\Roaming\uTorrent 2017-12-11 22:36 - 2014-07-30 00:01 - 000000000 ____D C:\AdwCleaner 2017-12-10 10:37 - 2014-09-18 22:10 - 000001067 _____ C:\Users\Dell\Desktop\Magic Video Converter.lnk 2017-12-10 09:10 - 2014-09-03 22:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-12-09 20:58 - 2017-04-02 23:34 - 000000000 ____D C:\Users\Dell\AppData\LocalLow\Mozilla 2017-12-09 20:57 - 2017-03-23 14:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-12-08 11:35 - 2014-07-28 00:10 - 000000000 ____D C:\Users\Dell\AppData\Roaming\Dropbox 2017-12-05 21:23 - 2015-03-16 19:46 - 000000000 ____D C:\ProgramData\ProductData 2017-12-05 21:22 - 2014-08-25 20:53 - 000000000 ____D C:\ProgramData\IObit 2017-12-02 03:25 - 2017-03-18 22:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-12-02 03:25 - 2017-03-18 22:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-11-30 07:41 - 2015-10-18 20:33 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-11-28 12:23 - 2015-11-14 18:07 - 000000000 ____D C:\Users\Dell\Documents\ViberDownloads 2017-11-28 12:23 - 2014-07-26 13:05 - 000000000 ____D C:\ProgramData\Malwarebytes 2017-11-28 12:12 - 2015-11-14 18:06 - 000000000 ____D C:\Users\Dell\AppData\Roaming\ViberPC 2017-11-28 12:04 - 2014-07-25 16:44 - 000000000 ____D C:\Program Files\CCleaner 2017-11-28 11:55 - 2014-07-29 13:52 - 000000000 ____D C:\Users\Dell\AppData\Roaming\Media Player Classic 2017-11-28 11:25 - 2017-02-06 23:29 - 000001145 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk 2017-11-28 11:25 - 2017-02-06 23:29 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware 2017-11-23 21:41 - 2017-07-24 22:10 - 000003952 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1406302336 2017-11-23 21:41 - 2017-06-30 19:52 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk 2017-11-23 21:41 - 2014-07-25 16:32 - 000000000 ____D C:\Program Files (x86)\Opera 2017-11-21 21:09 - 2010-11-21 04:27 - 000545440 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2017-11-19 09:00 - 2017-04-17 22:11 - 000000000 ___RD C:\Users\Dell\Desktop\VirusDetect 2017-11-17 19:27 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache 2017-11-16 22:00 - 2017-07-24 22:10 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-11-16 21:57 - 2017-07-24 21:52 - 001253720 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-11-16 21:54 - 2016-10-29 17:36 - 000000000 ____D C:\Users\Dell\AppData\Roaming\dvdcss 2017-11-15 11:18 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\appraiser 2017-11-15 11:18 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ShellExperiences 2017-11-15 11:18 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Provisioning 2017-11-15 11:18 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2017-11-15 11:18 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer ==================== Files in the root of some directories ======= 2014-09-18 22:10 - 2014-09-18 22:10 - 000093696 _____ () C:\Users\Dell\AppData\Roaming\ezpinst.exe 2014-09-18 22:10 - 2014-09-18 22:10 - 000007176 _____ () C:\Users\Dell\AppData\Roaming\pcouffin.cat 2014-09-18 22:10 - 2014-09-18 22:10 - 000001167 _____ () C:\Users\Dell\AppData\Roaming\pcouffin.inf 2014-09-18 22:10 - 2014-09-18 22:11 - 000000034 _____ () C:\Users\Dell\AppData\Roaming\pcouffin.log 2014-09-18 22:10 - 2014-09-18 22:10 - 000082048 _____ (VSO Software) C:\Users\Dell\AppData\Roaming\pcouffin.sys 2014-12-02 16:01 - 2016-12-12 14:54 - 000007680 _____ () C:\Users\Dell\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-08-23 11:53 - 2015-10-28 22:09 - 000007597 _____ () C:\Users\Dell\AppData\Local\Resmon.ResmonCfg Some files in TEMP: ==================== 2017-12-11 22:57 - 2017-12-11 22:57 - 000040448 ____N () C:\Users\Dell\AppData\Local\Temp\proxy_vole5579023762963836933.dll ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-12-11 22:06 ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-12-2017 Ran by Dell (15-12-2017 23:11:35) Running from C:\Users\Dell\Desktop Windows 10 Home Version 1703 15063.786 (X64) (2017-07-24 21:18:10) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2447321986-1037009976-1939901392-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2447321986-1037009976-1939901392-503 - Limited - Disabled) Dell (S-1-5-21-2447321986-1037009976-1939901392-1000 - Administrator - Enabled) => C:\Users\Dell Guest (S-1-5-21-2447321986-1037009976-1939901392-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2447321986-1037009976-1939901392-1034 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-2447321986-1037009976-1939901392-1000\...\uTorrent) (Version: 3.5.0.43580 - BitTorrent Inc.) ACDSee Free (HKLM-x32\...\ACDSee Free) (Version: 1.1.21 - ACD Systems International Inc.) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Audition 3.0 (HKLM-x32\...\Adobe Audition 3.0) (Version: 3.0 - Adobe Systems Incorporated) Adobe Audition 3.0 Vista Compatibility (HKLM\...\{75d2897c-87aa-4a06-8710-3ebda9f02de0}.sdb) (Version: - ) Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated) Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated) Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.) AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) AMD Catalyst Install Manager (HKLM\...\{66AFB595-BC05-2913-7696-6D58F9B733E1}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Any Video Converter 5.7.2 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com) CCleaner (HKLM\...\CCleaner) (Version: 5.37 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6499 - CDBurnerXP) Creative System Information (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited) Direct Show Ogg Vorbis Filter (remove only) (HKLM-x32\...\OggDS) (Version: - ) Dr.Tag Plus! v1.0.1 (HKLM-x32\...\Dr.Tag Plus!_is1) (Version: 1.0.1 - Aspect-one.) Dr.Tag v3.0.1 (HKLM-x32\...\Dr.Tag_is1) (Version: 3.0.1 - Aspect one) Dropbox (HKU\S-1-5-21-2447321986-1037009976-1939901392-1000\...\Dropbox) (Version: 40.4.46 - Dropbox, Inc.) FastStone Image Viewer 5.1 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.1 - FastStone Soft) HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd) HWiNFO64 Version 5.40 (HKLM\...\HWiNFO64_is1) (Version: 5.40 - Martin Malík - REALiX) HydraVision (HKLM-x32\...\{81FC7956-B18B-FE40-1A9B-71B6FE85897D}) (Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation) Intel® Active Management Technology (HKLM\...\MESOL) (Version: - Intel Corporation) Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation) Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation) K-Lite Codec Pack 10.0.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.5 - ) KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.3 - PandoraTV) Magic Video Converter 8.0.10.28 (HKLM-x32\...\Magic Video Converter_is1) (Version: - ) Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes) MCShield ::Anti-Malware Tool:: (HKLM-x32\...\MCShield) (Version: 3.0.5.28 - MyCity) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2447321986-1037009976-1939901392-1000\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 45.1.1 ESR (x64 bs) (HKLM\...\Mozilla Firefox 45.1.1 ESR (x64 bs)) (Version: 45.1.1 - Mozilla) Mozilla Firefox 56.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 56.0.2 (x64 en-US)) (Version: 56.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 56.0.2.6506 - Mozilla) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Opera Stable 49.0.2725.47 (HKLM-x32\...\Opera 49.0.2725.47) (Version: 49.0.2725.47 - Opera Software) paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC) PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform) Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.) Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.106 - Skype Technologies S.A.) Sound Blaster Audigy 5_Audigy Rx (HKLM-x32\...\{81440118-F1CE-4C87-BC8B-F1EB8D3FA190}) (Version: 1.0 - Creative Technology Limited) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Viber (HKLM-x32\...\{D65DDA75-2C0A-46BA-807D-127BD5638490}) (Version: 6.0.1.5 - Viber Media Inc.) Hidden Viber (HKU\S-1-5-21-2447321986-1037009976-1939901392-1000\...\{acc83058-83b0-41e2-b372-266672a1af16}) (Version: 6.0.1.5 - Viber Media Inc.) Virtual DJ - Atomix Productions (HKLM-x32\...\Virtual DJ - Atomix Productions) (Version: - ) Vit Registry Fix 12.6.6 (Remove only) (HKLM\...\Vit Registry Fix) (Version: - VITSOFT) VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc) Winamp Detector Plug-in (HKU\S-1-5-21-2447321986-1037009976-1939901392-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation) WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) Winrar Activator version 1.2 (HKLM-x32\...\{AE0B3F2A-EB65-4D01-A3E1-6D879C6AAF2A}_is1) (Version: 1.2 - Rarlab) Wisdom-soft ScreenHunter 6.0 Free (HKLM-x32\...\Wisdom-soft ScreenHunter 6.0 Free) (Version: - Wisdom Software Inc.) ZaraRadio 1.6.2 (HKLM-x32\...\ZaraRadio_is1) (Version: - Kero Systems S.L.) Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-06-27] () ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\ShellExt.dll [2017-03-18] (Microsoft Corporation) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal) ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\ShellExt.dll [2017-03-18] (Microsoft Corporation) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] () ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\ShellExt.dll [2017-03-18] (Microsoft Corporation) ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd) ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal) ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-08-04] (Advanced Micro Devices, Inc.) ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-06-27] () ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd) ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group) ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] () ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal) ContextMenuHandlers1_S-1-5-21-2447321986-1037009976-1939901392-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ContextMenuHandlers4_S-1-5-21-2447321986-1037009976-1939901392-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ContextMenuHandlers5_S-1-5-21-2447321986-1037009976-1939901392-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {056AB80B-9273-40C0-880A-3AC51EFA9F14} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {05FA85AA-5D86-416E-B393-56222694A16A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {13B7AF96-0C96-4265-B9CA-45E81693BCDA} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {17A20674-BD5A-499B-8837-9D89B67EB42C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation) Task: {2317911D-EDDF-489C-9B94-2B2F8130B165} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_126_pepper.exe [2017-12-15] (Adobe Systems Incorporated) Task: {267FDA8F-FBD1-4BD6-ADC4-B04A6605288A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation) Task: {26DAD7EF-872E-4C4C-85FC-AB1FBB2F21AD} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe Task: {2EBEE81F-AA92-4AF0-B723-D6F8394458E4} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {2F47257A-D693-4B80-8562-25762BFD4BEC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-11-08] (Piriform Ltd) Task: {2F670494-A60A-4545-8026-D91A443DFA76} - System32\Tasks\{319F06A2-D974-4C2D-A23C-90E8FB424EEF} => c:\program files (x86)\opera\launcher.exe [2017-11-23] (Opera Software) Task: {33E818A8-6B46-4B82-97E3-7C19708997AD} - System32\Tasks\Opera scheduled Autoupdate 1406302336 => C:\Program Files (x86)\Opera\launcher.exe [2017-11-23] (Opera Software) Task: {3FB374DC-CA1B-4745-B1A2-275BF3C4AD18} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {40143C49-8C08-4ACD-AFFE-5C3822DDD1D6} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {40CEE75A-D5D4-43D8-9002-E9097BB5C926} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-11-08] (Piriform Ltd) Task: {44593D16-E139-4AA6-907A-74F43B5BB552} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2447321986-1037009976-1939901392-1000UA1d23a0485e90cb4 => C:\Users\Dell\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-08] (Dropbox, Inc.) Task: {486AF928-1F83-44B6-8EE3-CF580298252D} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION Task: {4B40E070-8563-4C65-9151-3EC6FDD6963F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {4FDCDE6E-1BC9-43C1-AF82-92D264CA9F83} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {533AB336-8706-4F2A-9E87-868DB1FF3B70} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {59CEC787-1DC6-49B7-9B61-53A012A2EB18} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation) Task: {619BDA4F-BB14-47ED-AD10-CAADCEBA8D34} - System32\Tasks\{4AEB1CE9-1F13-41CD-BDD9-DDE41B6C3C37} => C:\Windows\system32\pcalua.exe -a C:\Users\Dell\Desktop\Setup.exe -d C:\Users\Dell\Desktop Task: {6279752F-FB40-4FDD-986A-0197420010EA} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {6B414E9A-3EDF-436A-8FA0-024F371FA253} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {71D486E3-E14C-41A9-97A9-F0DD2C6259CC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {738E4CC3-02D6-4DE3-9CF4-34B4C1B27B6B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {766EE1AD-B942-4C73-9AAD-4AE0DC8C7D70} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {7A3732BD-C4D9-4941-8A84-51EC26457DB8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {7E0B8B85-C429-482C-A8DB-EFFE38D0CC95} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {80EB1D06-E372-419A-B9C0-124663418C68} - System32\Tasks\{276627CC-01F9-4E42-8F2E-4A8AE7339DB9} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\ALCATech\BPM-Studio Profi\BPM.exe" -d "C:\Program Files (x86)\ALCATech\BPM-Studio Profi" Task: {90984EC3-E170-4EB1-BC31-FEDD227BC89E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2447321986-1037009976-1939901392-1000Core1d23a04854ca086 => C:\Users\Dell\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-08] (Dropbox, Inc.) Task: {96EA0B8D-6FAA-4CB0-A2EF-B23C53EB5DE8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {9A2AA336-71DD-49BE-A7B5-E17FAD643D9A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {A3CAB599-7CFA-4D41-89EE-CFB139F70B8D} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {A7D21614-14CE-475E-A1F0-E5835D54FEDE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {AB3AF8D4-70C7-4884-98F1-AAF60DC60479} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {AEC95B70-6A3A-4AD1-9D0C-F16A8E12DA2B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-15] (Adobe Systems Incorporated) Task: {B965D401-A3F2-46B0-A493-AA0480421676} - \Driver Booster SkipUAC (Dell) -> No File <==== ATTENTION Task: {C3ADB322-161F-476B-AEA1-CEB20990D80C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {C4964CB9-1D04-461D-83C1-2F3034123047} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {C68575E1-D024-4AB4-804B-03F21889BA7A} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {C89CA92E-653F-4F8A-BA85-E13064B93A16} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {CAF442BA-6476-4A79-B5DA-104F11BC5AF3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {D8D7B40D-0694-4B40-BC0B-2A3E2B24CE22} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {DA9DA5A0-C82D-4FF6-ADEA-1D6580C687C0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {DD75A6B4-2567-4A44-A5BD-94389606CF40} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe Task: {E07D3527-E373-49FA-8537-7DB1405E495C} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {E2264A00-7B47-4927-9B45-67C70D07C4A2} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {EAC5210F-97D5-42DF-8A18-7996777B859B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe Task: {EB5C4186-EBB2-4407-9BB2-EA0BD8DE617C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {ECDFD33E-6282-44D5-9999-0E3BC95A0707} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {EE6C5FDA-1C69-4869-BBAC-6C0098A1EC0F} - System32\Tasks\{032C6470-4D24-48FA-80CC-B0A474C32B8E} => C:\Windows\system32\pcalua.exe -a "H:\bpm Studio 4.9.1\Setup.exe" -d "H:\bpm Studio 4.9.1" Task: {EF0368B9-F7E7-4B10-BC2C-49E382A6531A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-12-15] (Microsoft Corporation) Task: {F6F2D297-ECA9-4505-A453-7F79FC204CE8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation) Task: {F87597EF-76CD-49DD-950D-86AD91FA82FB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {FD3E7DC1-A1EB-4E07-9F3E-893DE1E29AF8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2447321986-1037009976-1939901392-1000Core1d23a04854ca086.job => C:\Users\Dell\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2447321986-1037009976-1939901392-1000UA1d23a0485e90cb4.job => C:\Users\Dell\AppData\Local\Dropbox\Update\DropboxUpdate.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2017-11-28 12:23 - 2017-12-15 12:34 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2010-10-20 14:23 - 2010-10-20 14:23 - 008801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2017-03-18 21:59 - 2017-03-19 03:31 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-12-15 12:24 - 2017-12-15 12:30 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-12-15 12:24 - 2017-12-15 12:30 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-12-15 12:24 - 2017-12-15 12:30 - 024735744 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-12-15 12:24 - 2017-12-15 12:30 - 002551808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\skypert.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000\...\dell.com -> dell.com IE restricted site: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000\...\kmpmedia.net -> hxxp://player.kmpmedia.net ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2016-10-13 21:08 - 000000855 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 player.kmpmedia.net ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2447321986-1037009976-1939901392-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dell\AppData\Roaming\ACD Systems\ACDSee\ACD Wallpaper.bmp DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\startupfolder: C:^Users^Dell^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Speed Launcher => 1418412366 MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: AsioThk32Reg => REGSVR32.EXE /S CTASIO.DLL MSCONFIG\startupreg: atchk => "C:\Program Files (x86)\Intel\AMT\atchk.exe" MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: Creative Hot Key Control => "C:\Program Files (x86)\Creative\SBAudigy5Rx\SB Audigy 5_RX Control Panel\CTHKCtrl.exe" /StartupRun MSCONFIG\startupreg: CTHelper => CTHELPER.EXE MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" MSCONFIG\startupreg: picon => "C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe" -startup MSCONFIG\startupreg: PMBVolumeWatcher => MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: StartCCC => MSCONFIG\startupreg: SunJavaUpdateSched => MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe MSCONFIG\startupreg: SystemExplorerAutoStart => "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE HKLM\...\StartupApproved\Run: => "StartCCC" HKLM\...\StartupApproved\Run: => "ZAM" HKLM\...\StartupApproved\Run32: => "StartCCC" HKLM\...\StartupApproved\Run32: => "UpdReg" HKLM\...\StartupApproved\Run32: => "Raptr" HKLM\...\StartupApproved\Run32: => "iSlim310_Monitor" HKLM\...\StartupApproved\Run32: => "ZAM" HKU\S-1-5-21-2447321986-1037009976-1939901392-1000\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2447321986-1037009976-1939901392-1000\...\StartupApproved\Run: => "Dropbox Update" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{BBC55A1E-625A-447A-A818-6433425E5A64}] => (Allow) C:\Users\Dell\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{9256226F-4622-4992-8CEE-A821C7597FEB}] => (Allow) C:\Users\Dell\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{05A55C3C-EBC7-486F-A7D1-777ADEF1FD98}] => (Allow) C:\Users\Dell\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{C3CFE080-B773-44ED-93F4-A7BEDDB5F745}] => (Allow) C:\Users\Dell\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{42FAFBDE-BD1F-4270-8466-F5F1F324CC97}] => (Allow) C:\Users\Dell\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{5564B54F-75F6-4E52-9C0A-5EBB92A86C3D}] => (Allow) C:\Users\Dell\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{B4307D7B-0842-41FE-A10A-33FF4899B515}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{56CFDACE-7FB8-485F-9698-E626CC302A16}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe FirewallRules: [UDP Query User{A6659EB3-5EC2-4D06-A69D-52746F68032E}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe FirewallRules: [TCP Query User{BF1B0853-05C2-4E55-A71F-FF45935FCFF3}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe FirewallRules: [UDP Query User{B870A2B4-2FB2-45C9-8049-DB2FAAB50697}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe FirewallRules: [{DFE41BC7-9AE4-457D-9F12-851ED504CBE8}] => (Allow) C:\Users\Dell\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{183BA5C1-170A-4936-806F-B33EB8973BC9}] => (Allow) C:\Users\Dell\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{B4AD4258-1A53-4672-A06C-1FEED2D9E127}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe FirewallRules: [{30592A99-11F1-445C-ABA7-005E61E8F2CD}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe FirewallRules: [{9C937B64-6F88-4C00-8D28-A57E33DBA596}] => (Allow) LPort=7935 FirewallRules: [TCP Query User{C6F7ABE9-E7DF-4A81-B490-109E39EAF904}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{95E339AA-343E-4B75-BAFE-092572920027}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{87A758BF-3F9C-4081-90D4-7D6DA9D3104B}C:\program files (x86)\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre7\bin\jp2launcher.exe FirewallRules: [UDP Query User{A1FBB6F1-6F02-4DF9-9015-76DD91D8D83F}C:\program files (x86)\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre7\bin\jp2launcher.exe FirewallRules: [{66D03BFF-2F49-430E-BE3D-85246584D2E2}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{BF6FA81E-2863-4921-8D3B-9FAD90C7A3D0}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{CB50AD10-EFAF-4C59-87C8-3D5E68D6C04F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F5F555B7-2FB4-4431-8D56-48C70EF028D2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D67E6603-CCEC-4482-AFEF-7B2FE088DF5F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{DC53093F-46A3-4D9B-AB64-C8847D103A38}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{B54161CD-013A-4A16-97CE-A8A46D4967E8}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{FCEE4118-237D-40C5-AAC1-6F8D2BC0DEB6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{077F674A-08D8-4833-A1F2-09C632C8FB41}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{487F5380-6A46-441C-A473-E3ECCAD92F6A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{C6046421-AE8A-4499-A96D-E0F446AB306D}] => (Allow) C:\Program Files (x86)\Opera\49.0.2725.39\opera.exe FirewallRules: [{E77CAB31-D3CE-4476-9A34-02E4F658FE40}] => (Allow) C:\Program Files (x86)\Opera\49.0.2725.47\opera.exe ==================== Restore Points ========================= 15-12-2017 09:12:40 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/15/2017 08:51:01 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. Error: (12/11/2017 11:05:14 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid. . Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (12/11/2017 11:03:48 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid. . Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (12/11/2017 11:02:32 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid. . Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (12/11/2017 11:00:29 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid. . Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (12/11/2017 10:57:42 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid. . Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (12/11/2017 10:56:47 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied. . This is often caused by incorrect security settings in either the writer or requestor process. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {060bee18-d2c9-406a-b7e2-14bbe2181927} Error: (12/11/2017 10:31:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: rkill_2.9.1.0.exe, version: 0.0.0.0, time stamp: 0x5977b090 Faulting module name: ntdll.dll, version: 10.0.15063.608, time stamp: 0x802f667e Exception code: 0xc0000005 Fault offset: 0x0003e31a Faulting process id: 0x4a4 Faulting application start time: 0x01d372c76e55fce6 Faulting application path: C:\Users\Dell\Desktop\rkill_2.9.1.0.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: 44330df7-8858-4559-9b3a-0ba5a0861c42 Faulting package full name: Faulting package-relative application ID: Error: (12/11/2017 10:22:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: rkill_2.9.1.0.exe, version: 0.0.0.0, time stamp: 0x5977b090 Faulting module name: ntdll.dll, version: 10.0.15063.608, time stamp: 0x802f667e Exception code: 0xc0000005 Fault offset: 0x0003e31a Faulting process id: 0x1d40 Faulting application start time: 0x01d372c61e6f3b52 Faulting application path: C:\Users\Dell\Desktop\rkill_2.9.1.0.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: 70642975-d7be-4a44-8dc7-a7d6bf89c355 Faulting package full name: Faulting package-relative application ID: Error: (12/07/2017 01:31:17 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. System errors: ============= Error: (12/15/2017 09:44:57 PM) (Source: DCOM) (EventID: 10016) (User: OGNJEN) Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user OGNJEN\Dell SID (S-1-5-21-2447321986-1037009976-1939901392-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool. Error: (12/15/2017 09:41:54 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CDPSvc service. Error: (12/15/2017 09:40:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Net.Msmq Listener Adapter service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (12/15/2017 09:40:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the NetMsmqActivator service to connect. Error: (12/15/2017 09:40:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Net.Pipe Listener Adapter service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (12/15/2017 09:40:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the NetPipeActivator service to connect. Error: (12/15/2017 09:39:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The SysMain service terminated with the following error: The request is not supported. Error: (12/15/2017 09:39:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. Error: (12/15/2017 09:39:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The CldFlt service failed to start due to the following error: The request is not supported. Error: (12/15/2017 12:30:12 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x8024200d: Feature update to Windows 10, version 1709. CodeIntegrity: =================================== Date: 2017-12-15 08:49:20.043 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-12-12 11:07:01.186 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-12-11 23:00:53.595 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-12-11 23:00:52.890 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-12-11 22:06:14.971 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-12-09 21:15:31.276 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-12-08 09:37:40.139 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-12-07 19:48:33.909 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-12-07 19:48:33.905 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-12-07 09:48:37.974 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz Percentage of memory in use: 49% Total physical RAM: 3965.61 MB Available physical RAM: 1995.56 MB Total Virtual: 4221.61 MB Available Virtual: 2345.02 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:91.74 GB) (Free:28.83 GB) NTFS Drive d: () (Fixed) (Total:55.57 GB) (Free:20.07 GB) NTFS Drive e: (BUMBA_05) (CDROM) (Total:1.87 GB) (Free:0 GB) UDF Drive f: (Local Disk) (Fixed) (Total:145.51 GB) (Free:12.89 GB) NTFS Drive g: (Local Disk) (Fixed) (Total:152.58 GB) (Free:5.31 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 97BE5B6A) Partition 1: (Active) - (Size=1.7 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=91.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=55.6 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: 924FE640) Partition 1: (Not Active) - (Size=145.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=152.6 GB) - (Type=OF Extended) ==================== End of Addition.txt ============================

Profil

Sass Drake Poslao: 16 Dec 2017 01:05 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ne vidim ništa maliciozno. Koristi neki adblocker pa ne bi više trebal oda imaš problema na tom sajtu. • Sledeća procedura će implementirati završno čišćenje. Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop. Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija; Remove disinfection tools Create registry backup Purge System Restore Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad. Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani. Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt) Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix Alat briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

Profil

rewritable Poslao: 16 Dec 2017 01:08 Idi na vrh
offline rewritable Ugledni građanin Pridružio: 20 Mar 2009 Poruke: 300 Gde živiš: Republic Of Srpska Banjaluka	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Hvala na brzom odgovoru! Bio mi je ugasen adblock na operi,ali kako ga upali nema vise problema! Ja ga nisam ugasio,sam nije mogao,cudno u svakom slucaju...

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Skocni prozori MBAM prijavljuje infected page

Ko je trenutno na forumu

Ukupno su 976 korisnika na forumu :: 43 registrovanih, 9 sakrivenih i 924 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: atmel, babaroga, cavatina, cer, cinoeye, darkangel, Denaya, Dimitrise93, djboj, FileFinder, FOX, Georgius, h8propaganda, HrcAk47, hyla, JOntra, kihot, Komentator, macak44, marsovac 2, mean_machine, mercedesamg, Mercury, milenko crazy north, Mixelotti, mkukoleca, nikoladim, opt1, radoznao, samsung, Sirius, Smiljke, sombrero, styg, theNedjeljko, Trpe Grozni, tubular, Vlada1389, vukovi, wizzardone, Zoca, šumar bk2, žeks62

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by