Skocni prozori MBAM prijavljuje infected page

Skocni prozori MBAM prijavljuje infected page

offline
  • Pridružio: 20 Mar 2009
  • Poruke: 300
  • Gde živiš: Republic Of Srpska Banjaluka

Pozdrav
Prilikom klika Browser mi otvara nove prozore,ali samo na jednom sajtu!Zbog djece i crtanih filmova bio sam primoran da ga posjecujem!Ko ima djecu shvatice!MBAM dok je trajao trazal verzija blokirao je te pop up kao maliciozni sadrzaj!Nisam primjetio nesto drasticno u radu kompa osim sto izbacuje to,pa bi molio za preled i dijagnozu!Unaprijed hvala!Internet 2mb
U prilogu skenovi FRST-a

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-12-2017
Ran by Dell (administrator) on OGNJEN (15-12-2017 23:08:09)
Running from C:\Users\Dell\Desktop
Loaded Profiles: Dell (Available Profiles: Dell & DefaultAppPool)
Platform: Windows 10 Home Version 1703 15063.786 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Intel) C:\Program Files (x86)\Intel\AMT\LMS.exe
(Intel) C:\Program Files (x86)\Intel\AMT\UNS.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\AMT\atchksrv.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\NisSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AsioThk32Reg] => REGSVR32.EXE /S CTASIO.DLL
HKLM-x32\...\Run: [CTHelper] => CTHELPER.EXE*
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKU\S-1-5-21-2447321986-1037009976-1939901392-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-2447321986-1037009976-1939901392-1000\...\Run: [Dropbox Update] => C:\Users\Dell\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-08] (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 player.kmpmedia.net
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{aedcbee4-e60e-4041-a940-d65dacea85ad}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e31571c0-bfc6-4a82-a585-61fdfc32f511}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000 -> {A062DB09-C42B-4F4D-A7DB-D5756847EAC8} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=11467
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-29] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-29] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-29] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-29] (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000 -> No Name - {55C396C6-3C52-4017-A7E9-EED1C9094BEB} - No File
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab

FireFox:
========
FF ProfilePath: C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default [2017-12-11]
FF Extension: (Awesome Screenshot - Capture, Annotate & More) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2017-11-09]
FF Extension: (Video DownloadHelper) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-11-09] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-12] ()
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-29] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-29] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default [2017-12-11]
CHR Extension: (Google Slides) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-05]
CHR Extension: (Google Docs) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-05]
CHR Extension: (Google Drive) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-05]
CHR Extension: (YouTube) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-05]
CHR Extension: (Google Sheets) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-05]
CHR Extension: (Google Docs Offline) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-02]
CHR Extension: (Gmail) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-05]
CHR Extension: (Chrome Media Router) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-10]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-07-31] (Adobe Systems) [File not signed]
R2 atchksrv; C:\Program Files (x86)\Intel\AMT\atchksrv.exe [176128 2009-12-01] (Intel Corporation) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-07-25] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-12-10] (Creative Technology Ltd) [File not signed]
S3 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] ()
R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [102400 2009-12-01] (Intel) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
R2 UNS; C:\Program Files (x86)\Intel\AMT\UNS.exe [2519040 2009-12-01] (Intel) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\NisSrv.exe [356176 2017-12-07] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe [105792 2017-12-07] (Microsoft Corporation)
S3 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [29208 2014-07-25] ()
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-12-15] ()
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2017-07-26] (Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2016-01-11] (REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Huawei Technologies Co., Ltd.)
S3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2017-12-11] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [46008 2017-12-11] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2017-12-15] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2017-12-12] (Malwarebytes)
R1 MpKsle67a43d2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EE8FD9E7-1040-4CF7-A731-C711AAB23793}\MpKsle67a43d2.sys [58120 2017-12-15] (Microsoft Corporation)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (QUALCOMM Incorporated)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42600 2016-05-31] (Synaptics Incorporated)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2017-12-07] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2017-12-07] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2017-12-07] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-02-06] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-02-06] (Zemana Ltd.)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-15 23:08 - 2017-12-15 23:10 - 000014827 _____ C:\Users\Dell\Desktop\FRST.txt
2017-12-15 23:07 - 2017-12-15 23:08 - 000000000 ____D C:\FRST
2017-12-15 23:07 - 2017-12-15 23:07 - 002392064 _____ (Farbar) C:\Users\Dell\Desktop\FRST64.exe
2017-12-15 22:26 - 2017-12-15 22:27 - 000000000 ___HD C:\$WINDOWS.~BT
2017-12-15 21:41 - 2017-12-15 21:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2017-12-15 12:34 - 2017-12-15 21:41 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-12-14 21:32 - 2017-11-30 04:33 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe
2017-12-14 21:32 - 2017-11-30 04:23 - 001194248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-12-14 21:32 - 2017-11-30 04:00 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-12-14 21:32 - 2017-11-30 03:59 - 023678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-12-14 21:32 - 2017-11-30 03:58 - 006763128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-12-14 21:32 - 2017-11-30 03:58 - 000702032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-12-14 21:32 - 2017-11-30 03:57 - 001123968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-12-14 21:32 - 2017-11-30 03:45 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-12-14 21:32 - 2017-11-30 03:44 - 023679488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-12-14 21:32 - 2017-11-30 03:44 - 019334144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-12-14 21:32 - 2017-11-30 03:44 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-12-14 21:32 - 2017-11-30 03:43 - 020511232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-12-14 21:32 - 2017-11-30 03:43 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-12-14 21:32 - 2017-11-30 03:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-12-14 21:32 - 2017-11-30 03:42 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2017-12-14 21:32 - 2017-11-30 03:42 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2017-12-14 21:32 - 2017-11-30 03:42 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-12-14 21:32 - 2017-11-30 03:41 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2017-12-14 21:32 - 2017-11-30 03:40 - 000585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-12-14 21:32 - 2017-11-30 03:40 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-12-14 21:32 - 2017-11-30 03:40 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2017-12-14 21:32 - 2017-11-30 03:40 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2017-12-14 21:32 - 2017-11-30 03:38 - 008195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-12-14 21:32 - 2017-11-30 03:38 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-12-14 21:32 - 2017-11-30 03:38 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-12-14 21:32 - 2017-11-30 03:38 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-12-14 21:32 - 2017-11-30 03:37 - 006252544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-12-14 21:32 - 2017-11-30 03:37 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-12-14 21:32 - 2017-11-30 03:36 - 004726784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-12-14 21:32 - 2017-11-30 03:36 - 003652096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-12-14 21:32 - 2017-11-30 03:36 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-12-14 21:32 - 2017-11-30 03:36 - 000755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-12-14 21:32 - 2017-11-30 03:36 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-12-14 21:32 - 2017-11-30 03:35 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-12-14 21:32 - 2017-11-30 03:34 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-12-14 21:32 - 2017-11-17 10:31 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-12-14 21:32 - 2017-11-17 10:00 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-12-14 21:31 - 2017-11-30 04:33 - 001144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-12-14 21:31 - 2017-11-30 04:33 - 001015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-12-14 21:31 - 2017-11-30 04:29 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-12-14 21:31 - 2017-11-30 04:26 - 002647216 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-12-14 21:31 - 2017-11-30 04:24 - 000870896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-12-14 21:31 - 2017-11-30 04:23 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-12-14 21:31 - 2017-11-30 03:45 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-12-14 21:31 - 2017-11-30 03:44 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2017-12-14 21:31 - 2017-11-30 03:44 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-12-14 21:31 - 2017-11-30 03:43 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2017-12-14 21:31 - 2017-11-30 03:42 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-12-14 21:31 - 2017-11-30 03:42 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-12-14 21:31 - 2017-11-30 03:42 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-12-14 21:31 - 2017-11-30 03:42 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2017-12-14 21:31 - 2017-11-30 03:41 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-12-14 21:31 - 2017-11-30 03:41 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2017-12-14 21:31 - 2017-11-30 03:41 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-12-14 21:31 - 2017-11-30 03:41 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2017-12-14 21:31 - 2017-11-30 03:40 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-12-14 21:31 - 2017-11-30 03:39 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-12-14 21:31 - 2017-11-30 03:39 - 003206656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-12-14 21:31 - 2017-11-30 03:39 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-12-14 21:31 - 2017-11-30 03:39 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-12-14 21:31 - 2017-11-30 03:38 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-12-14 21:31 - 2017-11-30 03:37 - 003306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-12-14 21:31 - 2017-11-30 03:37 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-12-14 21:31 - 2017-11-30 03:36 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-12-14 21:31 - 2017-11-30 03:36 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-12-14 21:31 - 2017-11-30 03:36 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-12-14 21:31 - 2017-11-17 10:46 - 002032536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-12-14 21:31 - 2017-11-17 10:46 - 001578904 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-12-14 21:31 - 2017-11-17 10:46 - 000821656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-12-14 21:31 - 2017-11-17 10:46 - 000678808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-12-14 21:31 - 2017-11-17 10:46 - 000613784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-12-14 21:31 - 2017-11-17 10:46 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-12-14 21:31 - 2017-11-17 10:46 - 000484248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-12-14 21:31 - 2017-11-17 10:46 - 000379288 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-12-14 21:31 - 2017-11-17 10:46 - 000259992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-12-14 21:31 - 2017-11-17 10:46 - 000190360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-12-14 21:31 - 2017-11-17 10:46 - 000136088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-12-14 21:31 - 2017-11-17 10:46 - 000067992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2017-12-14 21:31 - 2017-11-17 10:46 - 000034712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-12-14 21:31 - 2017-11-17 10:41 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2017-12-14 21:31 - 2017-11-17 10:39 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-12-14 21:31 - 2017-11-17 10:39 - 000643200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-12-14 21:31 - 2017-11-17 10:37 - 021353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-12-14 21:31 - 2017-11-17 10:03 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-12-14 21:31 - 2017-11-17 09:59 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-12-14 21:31 - 2017-11-17 09:56 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-12-11 22:39 - 2017-12-12 08:32 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-12-11 22:39 - 2017-12-11 23:09 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-12-11 22:39 - 2017-12-11 23:09 - 000046008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-12-11 22:32 - 2017-12-11 22:33 - 008187336 _____ (Malwarebytes) C:\Users\Dell\Desktop\adwcleaner_7.0.5.0.exe
2017-12-11 21:53 - 2017-12-11 21:53 - 000004456 _____ C:\Users\Dell\Desktop\[limetorrents.cc]ESET.Internet.Security.11.0.154.0...(zabranjeno).[(zabranjeno)sNow].torrent
2017-12-08 11:35 - 2017-12-08 11:35 - 000000000 ____D C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-12-05 21:20 - 2017-12-05 21:22 - 012292112 _____ (IObit ) C:\Users\Dell\Desktop\smart-defrag-setup.exe
2017-11-28 12:24 - 2017-11-28 12:24 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-11-28 12:24 - 2017-11-28 12:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-11-28 12:23 - 2017-12-15 12:34 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-11-28 12:23 - 2017-11-28 12:23 - 000000000 ____D C:\ProgramData\MB2Migration
2017-11-28 12:23 - 2017-11-28 12:23 - 000000000 ____D C:\Program Files\Malwarebytes
2017-11-28 12:23 - 2017-11-01 08:54 - 000077432 _____ C:\WINDOWS\SMSS-PFRO5ce5.tmp
2017-11-28 12:04 - 2017-11-28 12:04 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2017-11-28 12:02 - 2017-11-28 12:02 - 010849904 _____ (Piriform Ltd) C:\Users\Dell\Desktop\ccsetup537.exe
2017-11-28 11:25 - 2017-11-28 11:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-11-15 08:36 - 2017-11-02 06:16 - 002398696 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-11-15 08:36 - 2017-11-02 06:13 - 000546712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-15 08:36 - 2017-11-02 06:13 - 000095640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-11-15 08:36 - 2017-11-02 06:04 - 001292360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-15 08:36 - 2017-11-02 05:49 - 001838848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-11-15 08:36 - 2017-11-02 05:45 - 000613136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-11-15 08:36 - 2017-11-02 05:45 - 000362144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-11-15 08:36 - 2017-11-02 05:45 - 000354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-11-15 08:36 - 2017-11-02 05:45 - 000283544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-11-15 08:36 - 2017-11-02 05:45 - 000172952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-11-15 08:36 - 2017-11-02 05:45 - 000133896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-11-15 08:36 - 2017-11-02 05:44 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-15 08:36 - 2017-11-02 05:44 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-11-15 08:36 - 2017-11-02 05:43 - 020372896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-11-15 08:36 - 2017-11-02 05:36 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-11-15 08:36 - 2017-11-02 05:35 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2017-11-15 08:36 - 2017-11-02 05:35 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-11-15 08:36 - 2017-11-02 05:34 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-11-15 08:36 - 2017-11-02 05:34 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-11-15 08:36 - 2017-11-02 05:34 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-11-15 08:36 - 2017-11-02 05:32 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-11-15 08:36 - 2017-11-02 05:30 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-11-15 08:36 - 2017-11-02 05:30 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-11-15 08:36 - 2017-11-02 05:30 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-11-15 08:36 - 2017-11-02 05:29 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-11-15 08:36 - 2017-11-02 05:27 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-11-15 08:36 - 2017-11-02 05:27 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPKICmdlet.dll
2017-11-15 08:36 - 2017-11-02 05:26 - 005963776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-11-15 08:36 - 2017-11-02 05:26 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-11-15 08:36 - 2017-11-02 05:26 - 001937408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2017-11-15 08:36 - 2017-11-02 05:26 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-11-15 08:36 - 2017-11-02 05:26 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2017-11-15 08:36 - 2017-11-02 05:25 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-11-15 08:36 - 2017-11-02 05:25 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-11-15 08:36 - 2017-11-02 05:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-11-15 08:36 - 2017-11-02 05:24 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-11-15 08:36 - 2017-11-02 05:24 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-11-15 08:36 - 2017-11-02 05:24 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-11-15 08:36 - 2017-11-02 05:24 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-11-15 08:36 - 2017-11-02 05:23 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-15 08:36 - 2017-11-02 05:23 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-11-15 08:36 - 2017-11-02 05:23 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-15 08:36 - 2017-11-02 05:23 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-11-15 08:36 - 2017-11-02 05:22 - 001884160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2017-11-15 08:36 - 2017-11-02 05:22 - 001494528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-11-15 08:36 - 2017-11-02 05:21 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-11-15 08:36 - 2017-11-02 05:21 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-11-15 08:36 - 2017-10-25 08:40 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-15 08:36 - 2017-10-15 16:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-11-15 08:36 - 2017-10-15 16:01 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-11-15 08:36 - 2017-10-15 15:49 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-11-15 08:36 - 2017-10-15 15:45 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-11-15 08:36 - 2017-10-15 15:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-11-15 08:36 - 2017-10-15 15:42 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-11-15 08:36 - 2017-10-15 15:42 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-11-15 08:36 - 2017-10-15 15:38 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-11-15 08:35 - 2017-11-02 06:16 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-15 08:35 - 2017-11-02 06:15 - 001239448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-11-15 08:35 - 2017-11-02 06:13 - 002443672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-15 08:35 - 2017-11-02 06:13 - 000212888 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-11-15 08:35 - 2017-11-02 06:12 - 000727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-11-15 08:35 - 2017-11-02 06:12 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-11-15 08:35 - 2017-11-02 06:12 - 000430848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-11-15 08:35 - 2017-11-02 06:12 - 000412752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-11-15 08:35 - 2017-11-02 06:12 - 000319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-11-15 08:35 - 2017-11-02 06:12 - 000144248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-11-15 08:35 - 2017-11-02 06:10 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-15 08:35 - 2017-11-02 06:05 - 000187800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-11-15 08:35 - 2017-11-02 05:34 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-11-15 08:35 - 2017-11-02 05:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-11-15 08:35 - 2017-11-02 05:31 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-11-15 08:35 - 2017-11-02 05:30 - 013381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-15 08:35 - 2017-11-02 05:30 - 007339008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-11-15 08:35 - 2017-11-02 05:30 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-11-15 08:35 - 2017-11-02 05:30 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-11-15 08:35 - 2017-11-02 05:30 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-11-15 08:35 - 2017-11-02 05:29 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-11-15 08:35 - 2017-11-02 05:29 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-11-15 08:35 - 2017-11-02 05:28 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-11-15 08:35 - 2017-11-02 05:28 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-11-15 08:35 - 2017-11-02 05:28 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-11-15 08:35 - 2017-11-02 05:27 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-11-15 08:35 - 2017-11-02 05:27 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-11-15 08:35 - 2017-11-02 05:27 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-11-15 08:35 - 2017-11-02 05:26 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-11-15 08:35 - 2017-11-02 05:26 - 003060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-11-15 08:35 - 2017-11-02 05:25 - 012227072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-15 08:35 - 2017-11-02 05:25 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-11-15 08:35 - 2017-11-02 05:25 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-11-15 08:35 - 2017-11-02 05:24 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-11-15 08:35 - 2017-11-02 05:23 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-15 08:35 - 2017-11-02 05:23 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-11-15 08:35 - 2017-11-02 05:23 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-15 08:35 - 2017-11-02 05:22 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-11-15 08:35 - 2017-10-15 15:59 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-11-15 08:35 - 2017-10-15 15:57 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-11-15 08:35 - 2017-10-15 15:57 - 000409496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-11-15 08:35 - 2017-10-15 15:53 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-11-15 08:35 - 2017-10-15 15:53 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-11-15 08:35 - 2017-10-15 15:51 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-11-15 08:35 - 2017-10-15 15:49 - 000094616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-11-15 08:35 - 2017-10-15 15:15 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-11-15 08:35 - 2017-10-15 15:14 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-11-15 08:35 - 2017-10-15 15:13 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-11-15 08:35 - 2017-10-15 15:10 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-11-15 08:35 - 2017-10-15 15:05 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-11-15 08:35 - 2017-10-15 15:02 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2017-11-15 08:35 - 2017-10-15 15:00 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-11-15 08:34 - 2017-11-02 06:20 - 000965016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-11-15 08:34 - 2017-11-02 06:20 - 000543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-11-15 08:34 - 2017-11-02 06:20 - 000469568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-15 08:34 - 2017-11-02 06:14 - 000667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-15 08:34 - 2017-11-02 06:13 - 001345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-15 08:34 - 2017-11-02 06:12 - 000714648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-11-15 08:34 - 2017-11-02 06:12 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2017-11-15 08:34 - 2017-11-02 06:12 - 000026472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-11-15 08:34 - 2017-11-02 05:37 - 001278976 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-11-15 08:34 - 2017-11-02 05:37 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-11-15 08:34 - 2017-11-02 05:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-11-15 08:34 - 2017-11-02 05:37 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-11-15 08:34 - 2017-11-02 05:36 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-11-15 08:34 - 2017-11-02 05:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-11-15 08:34 - 2017-11-02 05:35 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2017-11-15 08:34 - 2017-11-02 05:34 - 000438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2017-11-15 08:34 - 2017-11-02 05:34 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2017-11-15 08:34 - 2017-11-02 05:33 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-11-15 08:34 - 2017-11-02 05:33 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
2017-11-15 08:34 - 2017-11-02 05:33 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2017-11-15 08:34 - 2017-11-02 05:33 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPKICmdlet.dll
2017-11-15 08:34 - 2017-11-02 05:32 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-11-15 08:34 - 2017-11-02 05:32 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2017-11-15 08:34 - 2017-11-02 05:31 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-11-15 08:34 - 2017-11-02 05:31 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2017-11-15 08:34 - 2017-11-02 05:30 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-11-15 08:34 - 2017-11-02 05:30 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-11-15 08:34 - 2017-11-02 05:28 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-15 08:34 - 2017-11-02 05:27 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-11-15 08:34 - 2017-11-02 05:26 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-11-15 08:34 - 2017-11-02 05:25 - 002052608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-15 08:34 - 2017-11-02 05:25 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-11-15 08:34 - 2017-11-02 05:25 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-11-15 08:34 - 2017-11-02 05:25 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-11-15 08:34 - 2017-11-02 05:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-15 08:34 - 2017-10-15 15:56 - 000872464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-11-15 08:34 - 2017-10-15 15:08 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-11-15 08:34 - 2017-10-15 15:08 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-15 23:10 - 2017-07-18 08:17 - 000000000 ___DC C:\WINDOWS\Panther
2017-12-15 23:10 - 2017-02-06 23:29 - 000075126 _____ C:\WINDOWS\ZAM.krnl.trace
2017-12-15 23:10 - 2017-02-06 23:29 - 000044327 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-12-15 23:04 - 2017-07-24 22:10 - 000004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{98D7EC62-366C-4F08-893E-5FE2BC28788D}
2017-12-15 23:00 - 2017-07-24 21:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-15 23:00 - 2015-10-13 12:26 - 000000000 ____D C:\Users\Dell\AppData\Roaming\vlc
2017-12-15 21:46 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-15 21:46 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-12-15 21:44 - 2014-07-28 10:12 - 000000000 ____D C:\ProgramData\MCShield
2017-12-15 21:43 - 2016-02-13 14:20 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-12-15 21:42 - 2017-07-24 22:10 - 000004590 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-12-15 21:42 - 2017-07-24 21:53 - 000000000 ____D C:\Users\Dell
2017-12-15 21:42 - 2017-07-24 21:49 - 005018480 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-12-15 21:41 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-12-15 21:41 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-12-15 21:39 - 2017-07-24 22:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-15 13:53 - 2017-03-18 12:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-12-15 13:52 - 2017-06-13 22:34 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-12-15 13:52 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-12-15 13:52 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2017-12-15 12:41 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-12-15 12:41 - 2015-08-06 14:28 - 000000000 ____D C:\Users\Dell\AppData\Local\Packages
2017-12-15 12:37 - 2014-07-27 23:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-15 12:31 - 2017-10-11 08:42 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-15 12:31 - 2014-07-27 23:29 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-12-11 23:16 - 2017-08-11 11:06 - 000029040 _____ C:\WINDOWS\system32\BMXBkpCtrlState-{00000003-00000000-00000000-00001102-00000008-10241102}.rfx
2017-12-11 23:16 - 2017-08-11 11:06 - 000011564 _____ C:\WINDOWS\system32\DVCState-{00000003-00000000-00000000-00001102-00000008-10241102}.rfx
2017-12-11 23:16 - 2017-07-24 21:52 - 000033800 _____ C:\WINDOWS\system32\BMXStateBkp-{00000003-00000000-00000000-00001102-00000008-10241102}.rfx
2017-12-11 23:16 - 2017-07-24 21:52 - 000033800 _____ C:\WINDOWS\system32\BMXState-{00000003-00000000-00000000-00001102-00000008-10241102}.rfx
2017-12-11 23:16 - 2017-07-24 21:52 - 000029040 _____ C:\WINDOWS\system32\BMXCtrlState-{00000003-00000000-00000000-00001102-00000008-10241102}.rfx
2017-12-11 23:01 - 2013-10-11 15:33 - 000000000 ____D C:\Program Files (x86)\Google
2017-12-11 22:48 - 2014-08-25 20:53 - 000000000 ____D C:\Users\Dell\AppData\Roaming\IObit
2017-12-11 22:48 - 2014-08-25 20:53 - 000000000 ____D C:\Program Files (x86)\IObit
2017-12-11 22:44 - 2014-07-25 23:19 - 000000000 ____D C:\Users\Dell\AppData\Roaming\uTorrent
2017-12-11 22:36 - 2014-07-30 00:01 - 000000000 ____D C:\AdwCleaner
2017-12-10 10:37 - 2014-09-18 22:10 - 000001067 _____ C:\Users\Dell\Desktop\Magic Video Converter.lnk
2017-12-10 09:10 - 2014-09-03 22:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-12-09 20:58 - 2017-04-02 23:34 - 000000000 ____D C:\Users\Dell\AppData\LocalLow\Mozilla
2017-12-09 20:57 - 2017-03-23 14:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-12-08 11:35 - 2014-07-28 00:10 - 000000000 ____D C:\Users\Dell\AppData\Roaming\Dropbox
2017-12-05 21:23 - 2015-03-16 19:46 - 000000000 ____D C:\ProgramData\ProductData
2017-12-05 21:22 - 2014-08-25 20:53 - 000000000 ____D C:\ProgramData\IObit
2017-12-02 03:25 - 2017-03-18 22:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-12-02 03:25 - 2017-03-18 22:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-30 07:41 - 2015-10-18 20:33 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-28 12:23 - 2015-11-14 18:07 - 000000000 ____D C:\Users\Dell\Documents\ViberDownloads
2017-11-28 12:23 - 2014-07-26 13:05 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-11-28 12:12 - 2015-11-14 18:06 - 000000000 ____D C:\Users\Dell\AppData\Roaming\ViberPC
2017-11-28 12:04 - 2014-07-25 16:44 - 000000000 ____D C:\Program Files\CCleaner
2017-11-28 11:55 - 2014-07-29 13:52 - 000000000 ____D C:\Users\Dell\AppData\Roaming\Media Player Classic
2017-11-28 11:25 - 2017-02-06 23:29 - 000001145 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2017-11-28 11:25 - 2017-02-06 23:29 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-11-23 21:41 - 2017-07-24 22:10 - 000003952 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1406302336
2017-11-23 21:41 - 2017-06-30 19:52 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2017-11-23 21:41 - 2014-07-25 16:32 - 000000000 ____D C:\Program Files (x86)\Opera
2017-11-21 21:09 - 2010-11-21 04:27 - 000545440 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-11-19 09:00 - 2017-04-17 22:11 - 000000000 ___RD C:\Users\Dell\Desktop\VirusDetect
2017-11-17 19:27 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2017-11-16 22:00 - 2017-07-24 22:10 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-11-16 21:57 - 2017-07-24 21:52 - 001253720 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-16 21:54 - 2016-10-29 17:36 - 000000000 ____D C:\Users\Dell\AppData\Roaming\dvdcss
2017-11-15 11:18 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-15 11:18 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-11-15 11:18 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-11-15 11:18 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-11-15 11:18 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer

==================== Files in the root of some directories =======

2014-09-18 22:10 - 2014-09-18 22:10 - 000093696 _____ () C:\Users\Dell\AppData\Roaming\ezpinst.exe
2014-09-18 22:10 - 2014-09-18 22:10 - 000007176 _____ () C:\Users\Dell\AppData\Roaming\pcouffin.cat
2014-09-18 22:10 - 2014-09-18 22:10 - 000001167 _____ () C:\Users\Dell\AppData\Roaming\pcouffin.inf
2014-09-18 22:10 - 2014-09-18 22:11 - 000000034 _____ () C:\Users\Dell\AppData\Roaming\pcouffin.log
2014-09-18 22:10 - 2014-09-18 22:10 - 000082048 _____ (VSO Software) C:\Users\Dell\AppData\Roaming\pcouffin.sys
2014-12-02 16:01 - 2016-12-12 14:54 - 000007680 _____ () C:\Users\Dell\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-23 11:53 - 2015-10-28 22:09 - 000007597 _____ () C:\Users\Dell\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2017-12-11 22:57 - 2017-12-11 22:57 - 000040448 ____N () C:\Users\Dell\AppData\Local\Temp\proxy_vole5579023762963836933.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-12-11 22:06

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-12-2017
Ran by Dell (15-12-2017 23:11:35)
Running from C:\Users\Dell\Desktop
Windows 10 Home Version 1703 15063.786 (X64) (2017-07-24 21:18:10)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2447321986-1037009976-1939901392-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2447321986-1037009976-1939901392-503 - Limited - Disabled)
Dell (S-1-5-21-2447321986-1037009976-1939901392-1000 - Administrator - Enabled) => C:\Users\Dell
Guest (S-1-5-21-2447321986-1037009976-1939901392-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2447321986-1037009976-1939901392-1034 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2447321986-1037009976-1939901392-1000\...\uTorrent) (Version: 3.5.0.43580 - BitTorrent Inc.)
ACDSee Free (HKLM-x32\...\ACDSee Free) (Version: 1.1.21 - ACD Systems International Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Audition 3.0 (HKLM-x32\...\Adobe Audition 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Audition 3.0 Vista Compatibility (HKLM\...\{75d2897c-87aa-4a06-8710-3ebda9f02de0}.sdb) (Version: - )
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{66AFB595-BC05-2913-7696-6D58F9B733E1}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Any Video Converter 5.7.2 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
CCleaner (HKLM\...\CCleaner) (Version: 5.37 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6499 - CDBurnerXP)
Creative System Information (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
Direct Show Ogg Vorbis Filter (remove only) (HKLM-x32\...\OggDS) (Version: - )
Dr.Tag Plus! v1.0.1 (HKLM-x32\...\Dr.Tag Plus!_is1) (Version: 1.0.1 - Aspect-one.)
Dr.Tag v3.0.1 (HKLM-x32\...\Dr.Tag_is1) (Version: 3.0.1 - Aspect one)
Dropbox (HKU\S-1-5-21-2447321986-1037009976-1939901392-1000\...\Dropbox) (Version: 40.4.46 - Dropbox, Inc.)
FastStone Image Viewer 5.1 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.1 - FastStone Soft)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
HWiNFO64 Version 5.40 (HKLM\...\HWiNFO64_is1) (Version: 5.40 - Martin Malík - REALiX)
HydraVision (HKLM-x32\...\{81FC7956-B18B-FE40-1A9B-71B6FE85897D}) (Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel® Active Management Technology (HKLM\...\MESOL) (Version: - Intel Corporation)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
K-Lite Codec Pack 10.0.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.5 - )
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.3 - PandoraTV)
Magic Video Converter 8.0.10.28 (HKLM-x32\...\Magic Video Converter_is1) (Version: - )
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
MCShield ::Anti-Malware Tool:: (HKLM-x32\...\MCShield) (Version: 3.0.5.28 - MyCity)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2447321986-1037009976-1939901392-1000\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 45.1.1 ESR (x64 bs) (HKLM\...\Mozilla Firefox 45.1.1 ESR (x64 bs)) (Version: 45.1.1 - Mozilla)
Mozilla Firefox 56.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 56.0.2 (x64 en-US)) (Version: 56.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 56.0.2.6506 - Mozilla)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 49.0.2725.47 (HKLM-x32\...\Opera 49.0.2725.47) (Version: 49.0.2725.47 - Opera Software)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.106 - Skype Technologies S.A.)
Sound Blaster Audigy 5_Audigy Rx (HKLM-x32\...\{81440118-F1CE-4C87-BC8B-F1EB8D3FA190}) (Version: 1.0 - Creative Technology Limited)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Viber (HKLM-x32\...\{D65DDA75-2C0A-46BA-807D-127BD5638490}) (Version: 6.0.1.5 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-2447321986-1037009976-1939901392-1000\...\{acc83058-83b0-41e2-b372-266672a1af16}) (Version: 6.0.1.5 - Viber Media Inc.)
Virtual DJ - Atomix Productions (HKLM-x32\...\Virtual DJ - Atomix Productions) (Version: - )
Vit Registry Fix 12.6.6 (Remove only) (HKLM\...\Vit Registry Fix) (Version: - VITSOFT)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-2447321986-1037009976-1939901392-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Winrar Activator version 1.2 (HKLM-x32\...\{AE0B3F2A-EB65-4D01-A3E1-6D879C6AAF2A}_is1) (Version: 1.2 - Rarlab)
Wisdom-soft ScreenHunter 6.0 Free (HKLM-x32\...\Wisdom-soft ScreenHunter 6.0 Free) (Version: - Wisdom Software Inc.)
ZaraRadio 1.6.2 (HKLM-x32\...\ZaraRadio_is1) (Version: - Kero Systems S.L.)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-06-27] ()
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\ShellExt.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\ShellExt.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\ShellExt.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-08-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-06-27] ()
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2447321986-1037009976-1939901392-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-2447321986-1037009976-1939901392-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-2447321986-1037009976-1939901392-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Dell\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {056AB80B-9273-40C0-880A-3AC51EFA9F14} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {05FA85AA-5D86-416E-B393-56222694A16A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {13B7AF96-0C96-4265-B9CA-45E81693BCDA} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {17A20674-BD5A-499B-8837-9D89B67EB42C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation)
Task: {2317911D-EDDF-489C-9B94-2B2F8130B165} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_126_pepper.exe [2017-12-15] (Adobe Systems Incorporated)
Task: {267FDA8F-FBD1-4BD6-ADC4-B04A6605288A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation)
Task: {26DAD7EF-872E-4C4C-85FC-AB1FBB2F21AD} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {2EBEE81F-AA92-4AF0-B723-D6F8394458E4} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {2F47257A-D693-4B80-8562-25762BFD4BEC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-11-08] (Piriform Ltd)
Task: {2F670494-A60A-4545-8026-D91A443DFA76} - System32\Tasks\{319F06A2-D974-4C2D-A23C-90E8FB424EEF} => c:\program files (x86)\opera\launcher.exe [2017-11-23] (Opera Software)
Task: {33E818A8-6B46-4B82-97E3-7C19708997AD} - System32\Tasks\Opera scheduled Autoupdate 1406302336 => C:\Program Files (x86)\Opera\launcher.exe [2017-11-23] (Opera Software)
Task: {3FB374DC-CA1B-4745-B1A2-275BF3C4AD18} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {40143C49-8C08-4ACD-AFFE-5C3822DDD1D6} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {40CEE75A-D5D4-43D8-9002-E9097BB5C926} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-11-08] (Piriform Ltd)
Task: {44593D16-E139-4AA6-907A-74F43B5BB552} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2447321986-1037009976-1939901392-1000UA1d23a0485e90cb4 => C:\Users\Dell\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-08] (Dropbox, Inc.)
Task: {486AF928-1F83-44B6-8EE3-CF580298252D} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {4B40E070-8563-4C65-9151-3EC6FDD6963F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {4FDCDE6E-1BC9-43C1-AF82-92D264CA9F83} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {533AB336-8706-4F2A-9E87-868DB1FF3B70} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {59CEC787-1DC6-49B7-9B61-53A012A2EB18} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation)
Task: {619BDA4F-BB14-47ED-AD10-CAADCEBA8D34} - System32\Tasks\{4AEB1CE9-1F13-41CD-BDD9-DDE41B6C3C37} => C:\Windows\system32\pcalua.exe -a C:\Users\Dell\Desktop\Setup.exe -d C:\Users\Dell\Desktop
Task: {6279752F-FB40-4FDD-986A-0197420010EA} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6B414E9A-3EDF-436A-8FA0-024F371FA253} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {71D486E3-E14C-41A9-97A9-F0DD2C6259CC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {738E4CC3-02D6-4DE3-9CF4-34B4C1B27B6B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {766EE1AD-B942-4C73-9AAD-4AE0DC8C7D70} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7A3732BD-C4D9-4941-8A84-51EC26457DB8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7E0B8B85-C429-482C-A8DB-EFFE38D0CC95} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {80EB1D06-E372-419A-B9C0-124663418C68} - System32\Tasks\{276627CC-01F9-4E42-8F2E-4A8AE7339DB9} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\ALCATech\BPM-Studio Profi\BPM.exe" -d "C:\Program Files (x86)\ALCATech\BPM-Studio Profi"
Task: {90984EC3-E170-4EB1-BC31-FEDD227BC89E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2447321986-1037009976-1939901392-1000Core1d23a04854ca086 => C:\Users\Dell\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-08] (Dropbox, Inc.)
Task: {96EA0B8D-6FAA-4CB0-A2EF-B23C53EB5DE8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9A2AA336-71DD-49BE-A7B5-E17FAD643D9A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {A3CAB599-7CFA-4D41-89EE-CFB139F70B8D} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A7D21614-14CE-475E-A1F0-E5835D54FEDE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AB3AF8D4-70C7-4884-98F1-AAF60DC60479} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AEC95B70-6A3A-4AD1-9D0C-F16A8E12DA2B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-15] (Adobe Systems Incorporated)
Task: {B965D401-A3F2-46B0-A493-AA0480421676} - \Driver Booster SkipUAC (Dell) -> No File <==== ATTENTION
Task: {C3ADB322-161F-476B-AEA1-CEB20990D80C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C4964CB9-1D04-461D-83C1-2F3034123047} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C68575E1-D024-4AB4-804B-03F21889BA7A} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C89CA92E-653F-4F8A-BA85-E13064B93A16} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {CAF442BA-6476-4A79-B5DA-104F11BC5AF3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D8D7B40D-0694-4B40-BC0B-2A3E2B24CE22} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {DA9DA5A0-C82D-4FF6-ADEA-1D6580C687C0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {DD75A6B4-2567-4A44-A5BD-94389606CF40} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {E07D3527-E373-49FA-8537-7DB1405E495C} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {E2264A00-7B47-4927-9B45-67C70D07C4A2} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EAC5210F-97D5-42DF-8A18-7996777B859B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {EB5C4186-EBB2-4407-9BB2-EA0BD8DE617C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {ECDFD33E-6282-44D5-9999-0E3BC95A0707} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {EE6C5FDA-1C69-4869-BBAC-6C0098A1EC0F} - System32\Tasks\{032C6470-4D24-48FA-80CC-B0A474C32B8E} => C:\Windows\system32\pcalua.exe -a "H:\bpm Studio 4.9.1\Setup.exe" -d "H:\bpm Studio 4.9.1"
Task: {EF0368B9-F7E7-4B10-BC2C-49E382A6531A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-12-15] (Microsoft Corporation)
Task: {F6F2D297-ECA9-4505-A453-7F79FC204CE8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation)
Task: {F87597EF-76CD-49DD-950D-86AD91FA82FB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {FD3E7DC1-A1EB-4E07-9F3E-893DE1E29AF8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2447321986-1037009976-1939901392-1000Core1d23a04854ca086.job => C:\Users\Dell\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2447321986-1037009976-1939901392-1000UA1d23a0485e90cb4.job => C:\Users\Dell\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-11-28 12:23 - 2017-12-15 12:34 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2010-10-20 14:23 - 2010-10-20 14:23 - 008801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2017-03-18 21:59 - 2017-03-19 03:31 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-12-15 12:24 - 2017-12-15 12:30 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-12-15 12:24 - 2017-12-15 12:30 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-12-15 12:24 - 2017-12-15 12:30 - 024735744 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-12-15 12:24 - 2017-12-15 12:30 - 002551808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\skypert.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000\...\dell.com -> dell.com
IE restricted site: HKU\S-1-5-21-2447321986-1037009976-1939901392-1000\...\kmpmedia.net -> hxxp://player.kmpmedia.net

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2016-10-13 21:08 - 000000855 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 player.kmpmedia.net

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2447321986-1037009976-1939901392-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dell\AppData\Roaming\ACD Systems\ACDSee\ACD Wallpaper.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^Users^Dell^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Speed Launcher => 1418412366
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AsioThk32Reg => REGSVR32.EXE /S CTASIO.DLL
MSCONFIG\startupreg: atchk => "C:\Program Files (x86)\Intel\AMT\atchk.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Creative Hot Key Control => "C:\Program Files (x86)\Creative\SBAudigy5Rx\SB Audigy 5_RX Control Panel\CTHKCtrl.exe" /StartupRun
MSCONFIG\startupreg: CTHelper => CTHELPER.EXE
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: picon => "C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
MSCONFIG\startupreg: PMBVolumeWatcher =>
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: StartCCC =>
MSCONFIG\startupreg: SunJavaUpdateSched =>
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: SystemExplorerAutoStart => "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE
HKLM\...\StartupApproved\Run: => "StartCCC"
HKLM\...\StartupApproved\Run: => "ZAM"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "UpdReg"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "iSlim310_Monitor"
HKLM\...\StartupApproved\Run32: => "ZAM"
HKU\S-1-5-21-2447321986-1037009976-1939901392-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2447321986-1037009976-1939901392-1000\...\StartupApproved\Run: => "Dropbox Update"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BBC55A1E-625A-447A-A818-6433425E5A64}] => (Allow) C:\Users\Dell\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9256226F-4622-4992-8CEE-A821C7597FEB}] => (Allow) C:\Users\Dell\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{05A55C3C-EBC7-486F-A7D1-777ADEF1FD98}] => (Allow) C:\Users\Dell\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C3CFE080-B773-44ED-93F4-A7BEDDB5F745}] => (Allow) C:\Users\Dell\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{42FAFBDE-BD1F-4270-8466-F5F1F324CC97}] => (Allow) C:\Users\Dell\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5564B54F-75F6-4E52-9C0A-5EBB92A86C3D}] => (Allow) C:\Users\Dell\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B4307D7B-0842-41FE-A10A-33FF4899B515}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{56CFDACE-7FB8-485F-9698-E626CC302A16}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{A6659EB3-5EC2-4D06-A69D-52746F68032E}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [TCP Query User{BF1B0853-05C2-4E55-A71F-FF45935FCFF3}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{B870A2B4-2FB2-45C9-8049-DB2FAAB50697}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{DFE41BC7-9AE4-457D-9F12-851ED504CBE8}] => (Allow) C:\Users\Dell\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{183BA5C1-170A-4936-806F-B33EB8973BC9}] => (Allow) C:\Users\Dell\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{B4AD4258-1A53-4672-A06C-1FEED2D9E127}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{30592A99-11F1-445C-ABA7-005E61E8F2CD}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{9C937B64-6F88-4C00-8D28-A57E33DBA596}] => (Allow) LPort=7935
FirewallRules: [TCP Query User{C6F7ABE9-E7DF-4A81-B490-109E39EAF904}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{95E339AA-343E-4B75-BAFE-092572920027}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{87A758BF-3F9C-4081-90D4-7D6DA9D3104B}C:\program files (x86)\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre7\bin\jp2launcher.exe
FirewallRules: [UDP Query User{A1FBB6F1-6F02-4DF9-9015-76DD91D8D83F}C:\program files (x86)\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre7\bin\jp2launcher.exe
FirewallRules: [{66D03BFF-2F49-430E-BE3D-85246584D2E2}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{BF6FA81E-2863-4921-8D3B-9FAD90C7A3D0}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{CB50AD10-EFAF-4C59-87C8-3D5E68D6C04F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F5F555B7-2FB4-4431-8D56-48C70EF028D2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D67E6603-CCEC-4482-AFEF-7B2FE088DF5F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{DC53093F-46A3-4D9B-AB64-C8847D103A38}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{B54161CD-013A-4A16-97CE-A8A46D4967E8}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{FCEE4118-237D-40C5-AAC1-6F8D2BC0DEB6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{077F674A-08D8-4833-A1F2-09C632C8FB41}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{487F5380-6A46-441C-A473-E3ECCAD92F6A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C6046421-AE8A-4499-A96D-E0F446AB306D}] => (Allow) C:\Program Files (x86)\Opera\49.0.2725.39\opera.exe
FirewallRules: [{E77CAB31-D3CE-4476-9A34-02E4F658FE40}] => (Allow) C:\Program Files (x86)\Opera\49.0.2725.47\opera.exe

==================== Restore Points =========================

15-12-2017 09:12:40 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/15/2017 08:51:01 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (12/11/2017 11:05:14 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.


Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (12/11/2017 11:03:48 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.


Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (12/11/2017 11:02:32 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.


Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (12/11/2017 11:00:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.


Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (12/11/2017 10:57:42 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.


Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (12/11/2017 10:56:47 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {060bee18-d2c9-406a-b7e2-14bbe2181927}

Error: (12/11/2017 10:31:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: rkill_2.9.1.0.exe, version: 0.0.0.0, time stamp: 0x5977b090
Faulting module name: ntdll.dll, version: 10.0.15063.608, time stamp: 0x802f667e
Exception code: 0xc0000005
Fault offset: 0x0003e31a
Faulting process id: 0x4a4
Faulting application start time: 0x01d372c76e55fce6
Faulting application path: C:\Users\Dell\Desktop\rkill_2.9.1.0.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 44330df7-8858-4559-9b3a-0ba5a0861c42
Faulting package full name:
Faulting package-relative application ID:

Error: (12/11/2017 10:22:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: rkill_2.9.1.0.exe, version: 0.0.0.0, time stamp: 0x5977b090
Faulting module name: ntdll.dll, version: 10.0.15063.608, time stamp: 0x802f667e
Exception code: 0xc0000005
Fault offset: 0x0003e31a
Faulting process id: 0x1d40
Faulting application start time: 0x01d372c61e6f3b52
Faulting application path: C:\Users\Dell\Desktop\rkill_2.9.1.0.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 70642975-d7be-4a44-8dc7-a7d6bf89c355
Faulting package full name:
Faulting package-relative application ID:

Error: (12/07/2017 01:31:17 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.


System errors:
=============
Error: (12/15/2017 09:44:57 PM) (Source: DCOM) (EventID: 10016) (User: OGNJEN)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user OGNJEN\Dell SID (S-1-5-21-2447321986-1037009976-1939901392-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.

Error: (12/15/2017 09:41:54 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CDPSvc service.

Error: (12/15/2017 09:40:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Net.Msmq Listener Adapter service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (12/15/2017 09:40:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the NetMsmqActivator service to connect.

Error: (12/15/2017 09:40:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Net.Pipe Listener Adapter service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (12/15/2017 09:40:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the NetPipeActivator service to connect.

Error: (12/15/2017 09:39:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The SysMain service terminated with the following error:
The request is not supported.

Error: (12/15/2017 09:39:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (12/15/2017 09:39:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error:
The request is not supported.

Error: (12/15/2017 12:30:12 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200d: Feature update to Windows 10, version 1709.


CodeIntegrity:
===================================
Date: 2017-12-15 08:49:20.043
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-12-12 11:07:01.186
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-12-11 23:00:53.595
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-12-11 23:00:52.890
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-12-11 22:06:14.971
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-12-09 21:15:31.276
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-12-08 09:37:40.139
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-12-07 19:48:33.909
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-12-07 19:48:33.905
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-12-07 09:48:37.974
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 49%
Total physical RAM: 3965.61 MB
Available physical RAM: 1995.56 MB
Total Virtual: 4221.61 MB
Available Virtual: 2345.02 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:91.74 GB) (Free:28.83 GB) NTFS
Drive d: () (Fixed) (Total:55.57 GB) (Free:20.07 GB) NTFS
Drive e: (BUMBA_05) (CDROM) (Total:1.87 GB) (Free:0 GB) UDF
Drive f: (Local Disk) (Fixed) (Total:145.51 GB) (Free:12.89 GB) NTFS
Drive g: (Local Disk) (Fixed) (Total:152.58 GB) (Free:5.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 97BE5B6A)
Partition 1: (Active) - (Size=1.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=91.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=55.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: 924FE640)
Partition 1: (Not Active) - (Size=145.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=152.6 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Ne vidim ništa maliciozno. Koristi neki adblocker pa ne bi više trebal oda imaš problema na tom sajtu.


Sledeća procedura će implementirati završno čišćenje.

Arrow Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop.
Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija;

Remove disinfection tools
Create registry backup
Purge System Restore


Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad.
Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani.
Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt)

Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix
Alat briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

offline
  • Pridružio: 20 Mar 2009
  • Poruke: 300
  • Gde živiš: Republic Of Srpska Banjaluka

Hvala na brzom odgovoru!
Bio mi je ugasen adblock na operi,ali kako ga upali nema vise problema!
Ja ga nisam ugasio,sam nije mogao,cudno u svakom slucaju...

Ko je trenutno na forumu
 

Ukupno su 944 korisnika na forumu :: 38 registrovanih, 8 sakrivenih i 898 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: _Rade, A.R.Chafee.Jr., annon, Apok, Bobrock1, bojcistv, celik, Centauro, doktor1964, GandorCC, godljevo, goxin, gzoki, hyla, Joja, kolateralnasteta, kraJo, laurusri, mackenzie, Metanoja, mile23, milos.cbr, miodrag, nuke92, pein, Pohovani_00, rikirubio, Romibrat, sevenino, SlaKoj, Srki94, Srky Boy, t84dar, Tragač, Trpe Grozni, Viceroy, Yi Sun-sin, zziko