Usporen laptop

1

Usporen laptop

offline
  • Pridružio: 16 Jan 2015
  • Poruke: 20
  • Gde živiš: Budva

Imam problem sa laptopom već duže vremena, jer je jako usporen i stalno mi izbaca reklame. Išao sam na opciju msconfig i u tabu startup deštikliraso sve osim MCShileda i Avasta. Koristio sam Avast ali nema koristi.

Koristim ADSL 2,5mb/s, a laptop je ovaj:



Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2015 01
Ran by Dubravka (administrator) on DUBRAVKA-PC on 16-01-2015 15:32:03
Running from C:\Users\Dubravka\Desktop
Loaded Profiles: Dubravka (Available profiles: Dubravka)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(ClanServers Hosting LLC) D:\Program Files (x86)\GameTracker\GSInGameService.exe
(MyCity) D:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
() C:\Program Files (x86)\SourceApp\updateSourceApp.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
() C:\Program Files (x86)\SourceApp\bin\utilSourceApp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
() C:\Program Files (x86)\SourceApp\bin\SourceApp.PurBrowse64.exe
() C:\Program Files (x86)\SourceApp\bin\SourceApp.expext.exe
() C:\Program Files (x86)\SourceApp\bin\SourceApp.BrowserAdapter.exe
() C:\Program Files (x86)\SourceApp\bin\SourceApp.BrowserAdapter64.exe
() C:\Program Files (x86)\SourceApp\bin\SourceApp.BOASHelper.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlvknlg64.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlvknlg32.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
() C:\Program Files (x86)\Opera\26.0.1656.60\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Adobe) C:\Users\Dubravka\AppData\Local\Temp\install_flashplayer16x32pp_chra_dy_aaa_aih.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-10] (AVAST Software)
HKLM-x32\...\Run: [Automatic Mouse Move and Click Software.exe] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3974460009-2644055296-1832368804-1000\...\Run: [MCShield Monitor] => D:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-3974460009-2644055296-1832368804-1000\...\MountPoints2: {c5fba74c-9112-11e4-8fff-5891cf4f26fc} - F:\csgo_license.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-10-30] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [245056 2014-12-24] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [215360 2014-12-24] (Client Connect LTD)
Startup: C:\Users\Dubravka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3974460009-2644055296-1832368804-1000\Software\Microsoft\Internet Explorer\Main,Start Page = trovi.com/?gd=&ctid=CT3330371&o.....&SSPV=
HKU\S-1-5-21-3974460009-2644055296-1832368804-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-3974460009-2644055296-1832368804-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = trovi.com/Results.aspx?gd=&ctid=CT3.....44F&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3974460009-2644055296-1832368804-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = trovi.com/Results.aspx?gd=&ctid=CT3.....44F&q={searchTerms}&SSPV=
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: SourceApp 1.0.0.6 -> {9f7ab9c4-4da3-440e-ba84-95903165f129} -> C:\Program Files (x86)\SourceApp\SourceAppbho.dll (SourceApp)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-3974460009-2644055296-1832368804-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Dubravka\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-3974460009-2644055296-1832368804-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Dubravka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-12]

Chrome:
=======
CHR HomePage: Profile 1 -> google.me/
CHR StartupUrls: Profile 1 -> "hxxp://www.trovi.com/?gd=&ctid=CT3330371&octid=EB_ORIGINAL_CTID&ISID=95234a1a-28dd-45f3-9f03-a62a6c7b1dee&SearchSource=55&CUI=&UM=8&UP=SP3BC4B426-BE5C-4261-9E3F-8CF5226FF44F&SSPV=", "https://www.google.me/?gws_rd=cr,ssl&ei=fAAKVLbWFKGhyAPT4oG4CQ"
CHR Profile: C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-12]
CHR Extension: (SourceApp) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aladhhghkicmehdgfinekjlflfjmckkj [2015-01-01]
CHR Extension: (Google Docs) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-12]
CHR Extension: (Google Drive) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-12]
CHR Extension: (YouTube) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-12]
CHR Extension: (Google Search) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-12]
CHR Extension: (Lamborghini Sesto Elemento Theme) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dappigdjllcnkkoacaoolciaolaaiemb [2014-10-14]
CHR Extension: (Google Sheets) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-12]
CHR Extension: (Avast Online Security) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-13]
CHR Extension: (Skype Click to Call) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-10-15]
CHR Extension: (Google Wallet) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-12]
CHR Extension: (Gmail) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-12]
CHR Profile: C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-27]
CHR Extension: (Google Drive) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-27]
CHR Extension: (YouTube) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-27]
CHR Extension: (Google Search) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-27]
CHR Extension: (Lamborghini Sesto Elemento Theme) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dappigdjllcnkkoacaoolciaolaaiemb [2014-12-27]
CHR Extension: (Google Sheets) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-27]
CHR Extension: (AdBlock) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-12-27]
CHR Extension: (Avast Online Security) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-27]
CHR Extension: (Skype Click to Call) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-12-27]
CHR Extension: (iLivid) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [2014-12-27]
CHR Extension: (Google Wallet) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-27]
CHR Extension: (Gmail) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-27]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-14]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-14] (AVAST Software)
R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [897088 2010-11-03] (Intel Corporation) [File not signed]
S3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1298496 2010-11-03] (Intel Corporation) [File not signed]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [983104 2010-11-03] (Intel Corporation) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [3323200 2014-12-24] (Client Connect LTD)
R2 GS In-Game Service; D:\Program Files (x86)\GameTracker\GSInGameService.exe [1677080 2013-12-19] (ClanServers Hosting LLC)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
R2 RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe [186136 2013-08-17] (TMRG, Inc.) <==== ATTENTION
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
R2 Update SourceApp; C:\Program Files (x86)\SourceApp\updateSourceApp.exe [529136 2015-01-16] ()
R2 Util SourceApp; C:\Program Files (x86)\SourceApp\bin\utilSourceApp.exe [529136 2015-01-16] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-14] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-14] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-14] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-14] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-14] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-01-01] (Disc Soft Ltd)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1803264 2011-03-10] ()
S3 STIrUsb; C:\Windows\System32\DRIVERS\irstusb.sys [33792 2008-01-19] (SigmaTel, Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-06-23] (TuneUp Software)
R1 {073f2b9a-2357-4614-b174-3fc1afffe941}Gw64; C:\Windows\System32\drivers\{073f2b9a-2357-4614-b174-3fc1afffe941}Gw64.sys [48784 2014-12-31] (StdLib)
R1 {122141c3-e1a4-4af5-b3d7-650743f49ec0}Gw64; C:\Windows\System32\drivers\{122141c3-e1a4-4af5-b3d7-650743f49ec0}Gw64.sys [48784 2015-01-03] (StdLib)
R1 {549b1cd8-769f-468a-ad93-f57bfc8402c2}Gw64; C:\Windows\System32\drivers\{549b1cd8-769f-468a-ad93-f57bfc8402c2}Gw64.sys [48784 2015-01-12] (StdLib)
R1 {95282a5e-d707-43c0-b998-d6a934a963a8}Gw64; C:\Windows\System32\drivers\{95282a5e-d707-43c0-b998-d6a934a963a8}Gw64.sys [48784 2015-01-10] (StdLib)
R1 {cad8ac99-1831-4a75-b758-e4235c95af75}Gw64; C:\Windows\System32\drivers\{cad8ac99-1831-4a75-b758-e4235c95af75}Gw64.sys [48784 2015-01-15] (StdLib)
R1 {fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64; C:\Windows\System32\drivers\{fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64.sys [48784 2015-01-06] (StdLib)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-16 15:32 - 2015-01-16 15:32 - 00018675 _____ () C:\Users\Dubravka\Desktop\FRST.txt
2015-01-16 15:29 - 2015-01-16 15:32 - 00000000 ____D () C:\FRST
2015-01-16 15:28 - 2015-01-16 15:28 - 02125312 _____ (Farbar) C:\Users\Dubravka\Desktop\FRST64.exe
2015-01-16 15:13 - 2015-01-16 15:13 - 00000000 ____D () C:\Users\Dubravka\AppData\Local\Adobe
2015-01-16 15:04 - 2015-01-16 15:11 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-16 15:04 - 2014-12-31 13:12 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-16 14:19 - 2015-01-16 14:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
2015-01-16 14:08 - 2015-01-16 14:17 - 00000000 ____D () C:\ProgramData\MCShield
2015-01-16 14:08 - 2015-01-16 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2015-01-16 14:02 - 2015-01-16 14:03 - 02856736 _____ (MyCity) C:\Users\Dubravka\Downloads\MCShield-Setup.exe
2015-01-16 13:46 - 2015-01-16 14:14 - 00000000 ____D () C:\Users\Dubravka\AppData\Local\Temporary Projects
2015-01-16 13:25 - 2015-01-16 13:08 - 322769618 _____ () C:\Users\Dubravka\Desktop\javaw 2015-01-16 12-56-02-448.avi
2015-01-16 12:25 - 2015-01-15 10:28 - 00335872 _____ () C:\Users\Dubravka\Desktop\Pristupite facebook-u bez interneta.exe
2015-01-16 10:38 - 2015-01-16 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
2015-01-16 10:23 - 2015-01-16 10:24 - 09495760 _____ (Bandisoft) C:\Users\Dubravka\Downloads\bdcamsetup (1).exe
2015-01-16 10:19 - 2015-01-16 12:56 - 00000000 ____D () C:\Users\Dubravka\Documents\Bandicam
2015-01-16 10:19 - 2015-01-16 10:19 - 00000000 ____D () C:\Users\Dubravka\AppData\Roaming\BANDISOFT
2015-01-16 10:14 - 2015-01-16 10:15 - 07245542 _____ () C:\Users\Dubravka\Downloads\Bandicam + (zabranjeno).rar
2015-01-16 10:11 - 2015-01-16 10:38 - 00000000 ____D () C:\Program Files (x86)\BandiMPEG1
2015-01-16 10:09 - 2015-01-16 10:10 - 09495760 _____ (Bandisoft) C:\Users\Dubravka\Downloads\bdcamsetup.exe
2015-01-16 08:18 - 2015-01-16 08:18 - 00005258 _____ () C:\Users\Dubravka\Downloads\KOD.txt
2015-01-16 08:17 - 2015-01-16 08:18 - 00010595 _____ () C:\Users\Dubravka\Downloads\KOD.txt.exe
2015-01-16 07:22 - 2015-01-15 11:35 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{cad8ac99-1831-4a75-b758-e4235c95af75}Gw64.sys
2015-01-15 12:30 - 2015-01-15 12:30 - 00000000 ____D () C:\Users\Dubravka\AppData\Roaming\Microsoft Corporation
2015-01-15 12:07 - 2015-01-15 12:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Automatic Mouse Move and Click Software
2015-01-15 12:05 - 2015-01-15 12:06 - 05108463 _____ (Sobolsoft ) C:\Users\Dubravka\Downloads\setup.exe
2015-01-15 10:08 - 2015-01-15 10:08 - 00000894 _____ () C:\Users\Dubravka\Downloads\Phish_Code.txt
2015-01-15 09:09 - 2015-01-15 09:09 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2015-01-15 09:09 - 2015-01-15 09:09 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2015-01-15 09:09 - 2015-01-15 09:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2015-01-15 09:09 - 2015-01-15 09:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-01-15 09:09 - 2015-01-15 09:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2015-01-15 09:09 - 2015-01-15 09:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-01-15 09:08 - 2015-01-15 12:30 - 00000000 ____D () C:\Users\Dubravka\Documents\Visual Studio 2010
2015-01-15 09:08 - 2015-01-15 09:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 Express
2015-01-15 09:05 - 2015-01-15 09:05 - 00000000 ____D () C:\Windows\symbols
2015-01-15 09:05 - 2015-01-15 09:05 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 10.0
2015-01-15 09:05 - 2015-01-15 09:05 - 00000000 ____D () C:\Program Files\Microsoft Help Viewer
2015-01-15 09:05 - 2015-01-15 09:05 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2015-01-15 09:04 - 2015-01-15 09:04 - 00000000 ____D () C:\Windows\PCHEALTH
2015-01-15 08:51 - 2015-01-15 08:51 - 03264328 _____ (Microsoft Corporation) C:\Users\Dubravka\Downloads\vb_web.exe
2015-01-13 23:50 - 2015-01-13 23:50 - 00003480 ____N () C:\bootsqm.dat
2015-01-13 23:49 - 2015-01-13 23:49 - 00000000 __SHD () C:\found.001
2015-01-13 20:40 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 20:39 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 20:39 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 20:39 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 20:39 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 20:39 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 20:39 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 20:39 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 20:39 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 20:39 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 20:39 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 20:39 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 20:39 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-12 17:12 - 2015-01-12 05:39 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{549b1cd8-769f-468a-ad93-f57bfc8402c2}Gw64.sys
2015-01-12 09:48 - 2015-01-12 09:48 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2015-01-10 13:21 - 2015-01-10 13:21 - 00040656 _____ () C:\Users\Dubravka\Downloads\75054-Ratatouille.zip
2015-01-10 13:18 - 2015-01-10 13:30 - 00000000 ____D () C:\Users\Dubravka\Downloads\Ratatouille (2007) [1080p]
2015-01-10 13:17 - 2015-01-10 13:17 - 00015018 _____ () C:\Users\Dubravka\Downloads\[kickass.so]ratatouille.2007.1080p.brrip.x264.yify.torrent
2015-01-10 12:47 - 2015-01-10 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-01-10 12:45 - 2014-12-14 17:23 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-01-10 12:43 - 2015-01-10 01:36 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{95282a5e-d707-43c0-b998-d6a934a963a8}Gw64.sys
2015-01-09 14:50 - 2015-01-09 14:50 - 00030549 _____ () C:\Users\Dubravka\Downloads\71286-mvsbolt.zip
2015-01-09 14:47 - 2015-01-10 13:18 - 00000000 ____D () C:\Users\Dubravka\Downloads\Bolt[2008]DvDrip-aXXo
2015-01-09 14:46 - 2015-01-09 14:46 - 00056719 _____ () C:\Users\Dubravka\Downloads\[kickass.so]bolt.2008.dvdrip.axxo.torrent
2015-01-06 18:39 - 2015-01-06 06:40 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64.sys
2015-01-06 08:31 - 2015-01-06 08:31 - 00659826 _____ () C:\Users\Dubravka\Downloads\13 in 1 Hack By Sai.Bot.rar
2015-01-06 08:31 - 2015-01-06 08:31 - 00000000 ____D () C:\Users\Dubravka\Downloads\13 in 1 Hack By Sai.Bot
2015-01-06 07:23 - 2015-01-06 07:24 - 00658797 _____ () C:\Users\Dubravka\Downloads\5 en 1.rar
2015-01-05 14:58 - 2015-01-05 14:58 - 00000000 ____D () C:\Users\Dubravka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MADFINGER Games
2015-01-05 14:57 - 2015-01-05 14:57 - 00000000 ____D () C:\Program Files (x86)\MADFINGER Games
2015-01-05 14:38 - 2015-01-05 14:56 - 191454420 _____ () C:\Users\Dubravka\Downloads\DeadZone_setup.exe
2015-01-05 14:35 - 2015-01-05 14:36 - 00657326 _____ () C:\Users\Dubravka\Downloads\6 In 1 Hack By GodSagar.rar
2015-01-04 12:49 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-01-04 12:49 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-01-04 12:49 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-01-04 12:49 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-01-04 12:49 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-01-04 12:49 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-01-04 12:49 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-01-04 12:49 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-01-04 12:49 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-01-04 12:49 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-01-04 12:49 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-01-04 12:49 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-01-04 12:49 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-01-04 12:49 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-01-04 12:49 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-01-04 12:49 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-01-04 12:49 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-01-04 12:49 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-01-04 12:49 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-01-04 12:49 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-01-04 12:49 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-01-04 12:49 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-01-04 12:49 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-01-04 12:49 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-01-04 12:49 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-01-04 12:49 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-01-04 12:49 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-01-04 12:49 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-01-04 12:49 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-01-04 12:49 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-01-04 12:49 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-01-04 12:49 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-01-04 12:49 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-01-04 12:49 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-01-04 12:49 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-01-04 12:49 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-01-04 12:49 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-01-04 12:49 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-01-04 12:49 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-01-04 12:49 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-01-04 12:49 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-01-04 12:49 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-01-04 12:49 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-01-04 12:49 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-01-04 12:49 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-01-04 12:49 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-01-04 12:49 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-01-04 12:49 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-01-04 12:49 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-01-04 12:49 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-01-04 12:49 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-01-04 12:49 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-01-04 12:49 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-01-04 12:49 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-01-04 12:49 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-01-04 12:49 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-01-04 12:49 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-01-04 12:49 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-01-04 12:49 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-01-04 12:49 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-01-04 12:49 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-01-04 12:49 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-01-04 12:49 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-01-04 12:49 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-01-04 12:49 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-01-04 12:49 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-01-04 12:49 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-01-04 12:49 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-01-04 12:49 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-01-04 12:49 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-01-04 12:49 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-01-04 12:49 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-01-04 12:49 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-01-04 12:49 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-01-04 12:49 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-01-04 12:49 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-01-04 12:49 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-01-04 12:49 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-01-04 12:49 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-01-04 12:49 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-01-04 12:49 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-01-04 12:49 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-01-04 12:49 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-01-04 12:49 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-01-04 12:49 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-01-04 12:49 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-01-04 12:49 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-01-04 12:49 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-01-04 12:49 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-01-04 12:49 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-01-04 12:48 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-01-04 12:48 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-01-04 12:48 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-01-04 12:48 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-01-04 12:48 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-01-04 12:48 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-01-04 12:48 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-01-04 12:48 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-01-04 12:48 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-01-04 12:48 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-01-04 12:48 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-01-04 12:48 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-01-04 12:48 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-01-04 12:48 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-01-04 12:48 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-01-04 12:48 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-01-04 12:48 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-01-04 12:48 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-01-04 12:48 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-01-04 12:48 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-01-04 12:48 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-01-04 12:48 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-01-04 12:48 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-01-04 12:48 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-01-04 12:48 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-01-04 12:48 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-01-04 12:48 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-01-04 12:48 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-01-04 12:48 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-01-04 12:48 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-01-04 12:48 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-01-04 12:48 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-01-04 12:48 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-01-04 12:48 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-01-04 12:48 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-01-04 12:48 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-01-04 12:48 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-01-04 12:48 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-01-04 12:48 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-01-04 12:48 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-01-04 12:48 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-01-04 12:48 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-01-04 12:48 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-01-04 12:48 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-01-04 12:48 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-01-04 12:48 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-01-04 12:48 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-01-04 12:48 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-01-04 12:48 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-01-04 12:48 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-01-04 12:48 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-01-04 12:48 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-01-04 12:48 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-01-04 12:48 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-01-04 12:48 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-01-04 12:48 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-01-04 12:48 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-01-04 12:48 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-01-04 12:48 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-01-04 12:48 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-01-04 12:48 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-01-04 12:48 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-01-04 12:48 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-01-04 12:48 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-01-04 12:48 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-01-04 12:48 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-01-04 12:48 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-01-04 12:48 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-01-04 12:48 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-01-04 12:48 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-01-04 12:48 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-01-04 12:48 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-01-04 12:48 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-01-04 12:48 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-01-04 12:48 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-01-04 12:48 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-01-04 12:47 - 2015-01-04 12:48 - 00010123 _____ () C:\Windows\DirectX.log
2015-01-04 12:47 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-01-04 12:47 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-01-04 12:47 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-01-04 12:47 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-01-04 12:47 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-01-04 12:47 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-01-04 12:47 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-01-04 12:47 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-01-04 12:47 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-01-04 12:47 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-01-04 12:47 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-01-04 12:47 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-01-04 12:47 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-01-04 12:47 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-01-04 12:47 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-01-04 12:47 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-01-04 12:45 - 2015-01-04 12:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike Global Offensive
2015-01-04 12:27 - 2015-01-04 12:33 - 00000000 ____D () C:\Program Files (x86)\Counter-Strike Global Offensive
2015-01-04 12:24 - 2015-01-04 12:25 - 00012972 _____ () C:\Users\Dubravka\Downloads\[kickass.so]counter.strike.global.offensive.full.rip.rustorka.edition (1).torrent
2015-01-04 11:52 - 2015-01-04 11:52 - 00000000 ____D () C:\Users\Dubravka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Half-Life
2015-01-04 11:52 - 2015-01-04 11:52 - 00000000 ____D () C:\Users\Dubravka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2015-01-04 11:44 - 2015-01-04 11:44 - 00246984 _____ () C:\Users\Dubravka\Downloads\hl_tag_converter.zip
2015-01-04 11:29 - 2014-07-16 10:24 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2015-01-04 11:29 - 2014-07-16 10:24 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2015-01-04 11:29 - 2014-07-16 10:24 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2015-01-04 11:28 - 2015-01-04 11:29 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-01-04 11:28 - 2015-01-04 11:28 - 00002199 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2015-01-04 11:28 - 2015-01-04 11:28 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-01-04 11:28 - 2015-01-04 11:28 - 00000000 ____D () C:\Users\Dubravka\AppData\Roaming\TuneUp Software
2015-01-04 11:28 - 2015-01-04 11:28 - 00000000 ____D () C:\Users\Dubravka\AppData\Local\TuneUp Software
2015-01-04 11:28 - 2015-01-04 11:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2015-01-04 11:28 - 2015-01-04 11:28 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2015-01-04 11:27 - 2015-01-04 11:27 - 00003832 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1420367225
2015-01-04 11:27 - 2015-01-04 11:27 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-01-04 11:27 - 2015-01-04 11:27 - 00000000 ____D () C:\Users\Dubravka\AppData\Roaming\Opera Software
2015-01-04 11:27 - 2015-01-04 11:27 - 00000000 ____D () C:\Users\Dubravka\AppData\Local\Opera Software
2015-01-04 11:26 - 2015-01-04 11:26 - 00000000 ____D () C:\Users\Dubravka\Documents\My Cheat Tables
2015-01-04 11:25 - 2015-01-04 12:20 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-01-04 11:25 - 2015-01-04 11:27 - 00000000 ____D () C:\Users\Dubravka\AppData\Roaming\IHlpr
2015-01-04 11:25 - 2015-01-04 11:25 - 00000000 ____D () C:\Users\Dubravka\AppData\Roaming\OpenCandy
2015-01-04 11:25 - 2015-01-04 11:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine v.6.4
2015-01-04 11:24 - 2015-01-04 11:25 - 09052192 _____ (Cheat Engine ) C:\Users\Dubravka\Downloads\CheatEngine64.exe
2015-01-04 11:00 - 2015-01-04 11:01 - 01491609 _____ () C:\Users\Dubravka\Downloads\sniper_zone.rar
2015-01-03 19:24 - 2015-01-03 19:24 - 00169603 _____ () C:\Users\Dubravka\Downloads\fire_bullet.rar
2015-01-03 10:58 - 2015-01-03 00:51 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{122141c3-e1a4-4af5-b3d7-650743f49ec0}Gw64.sys
2015-01-02 14:55 - 2015-01-02 14:55 - 00000503 _____ () C:\Users\Dubravka\AppData\Roaming\Microsoft\Windows\Start Menu\Counter-Strike Source.lnk
2015-01-02 10:36 - 2015-01-02 10:36 - 00000000 ____D () C:\Users\Dubravka\AppData\Local\CrashRpt
2015-01-01 11:39 - 2015-01-01 11:39 - 00000464 __RSH () C:\ProgramData\ntuser.pol
2015-01-01 10:43 - 2015-01-01 10:54 - 268591972 _____ (CSwarzone) C:\Users\Dubravka\Downloads\Counter-Strike.exe
2015-01-01 09:25 - 2015-01-01 09:25 - 00000000 ____D () C:\Users\Dubravka\AppData\Roaming\Macromedia
2015-01-01 09:24 - 2015-01-01 09:24 - 16739007 _____ () C:\Users\Dubravka\Downloads\HappyWheels Full (THENSM).rar
2015-01-01 09:02 - 2014-12-31 20:39 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{073f2b9a-2357-4614-b174-3fc1afffe941}Gw64.sys
2015-01-01 08:54 - 2015-01-16 15:18 - 00000000 ____D () C:\Program Files (x86)\SourceApp
2015-01-01 08:52 - 2015-01-01 08:52 - 00000000 ____D () C:\Users\Dubravka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Softonic
2015-01-01 08:51 - 2015-01-01 08:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-01-01 08:50 - 2015-01-01 08:50 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2015-01-01 08:49 - 2015-01-01 09:59 - 00000000 ____D () C:\Users\Dubravka\AppData\Roaming\DAEMON Tools Lite
2015-01-01 08:48 - 2015-01-01 09:59 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2015-01-01 08:47 - 2015-01-16 10:37 - 00000000 ____D () C:\Users\Dubravka\AppData\Local\SoftonicAssistant
2015-01-01 08:45 - 2015-01-01 08:45 - 00373072 _____ () C:\Users\Dubravka\Downloads\SoftonicDownloader_for_daemon-tools-lite.exe
2015-01-01 08:43 - 2015-01-01 09:58 - 2618243072 _____ () C:\Users\Dubravka\Downloads\CS_GO.iso
2015-01-01 08:42 - 2015-01-01 08:42 - 00012972 _____ () C:\Users\Dubravka\Downloads\[kickass.so]counter.strike.global.offensive.full.rip.rustorka.edition.torrent
2014-12-31 15:15 - 2014-12-31 15:15 - 00025369 _____ () C:\Users\Dubravka\Downloads\[kickass.so]counterstrike.1.6.full.bot.lanpatch.(zabranjeno)ed.torrent
2014-12-31 06:51 - 2015-01-16 10:35 - 00002744 _____ () C:\Windows\PFRO.log
2014-12-29 11:35 - 2014-12-29 11:35 - 00058016 _____ () C:\Users\Dubravka\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-29 08:52 - 2015-01-16 14:17 - 00002408 _____ () C:\Windows\setupact.log
2014-12-29 08:52 - 2014-12-29 08:52 - 00267672 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-29 08:52 - 2014-12-29 08:52 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-28 09:32 - 2014-12-28 09:32 - 01177888 _____ () C:\Users\Dubravka\Downloads\TooManyItems Mod Installer 1.8.exe
2014-12-28 08:25 - 2014-12-28 08:26 - 00000000 ____D () C:\Users\Dubravka\AppData\Roaming\skyz
2014-12-28 08:23 - 2014-12-28 13:21 - 00000000 ____D () C:\Minecraft_Backup
2014-12-28 08:23 - 2014-12-28 08:23 - 00167936 _____ (ICSharpCode.net) C:\Users\Dubravka\Downloads\ICSharpCode.SharpZipLib1.dll
2014-12-28 08:22 - 2014-12-28 08:22 - 01185056 _____ () C:\Users\Dubravka\Downloads\Small Boats Mod Installer 1.7.10.exe
2014-12-27 15:25 - 2014-12-27 15:25 - 00000000 ____D () C:\Users\Dubravka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameTracker Lite
2014-12-27 15:23 - 2014-12-27 15:53 - 00000000 ____D () C:\Users\Dubravka\AppData\Roaming\GameTracker
2014-12-27 15:23 - 2014-12-27 15:23 - 05782856 _____ () C:\Users\Dubravka\Downloads\GTSetup (1).exe
2014-12-27 15:22 - 2014-12-27 15:22 - 05782856 _____ () C:\Users\Dubravka\Downloads\GTSetup.exe
2014-12-27 08:47 - 2014-12-31 15:16 - 00000000 ____D () C:\Users\Dubravka\Downloads\Counter Strike Steam
2014-12-27 08:47 - 2014-12-27 08:47 - 00015221 _____ () C:\Users\Dubravka\Downloads\[kickass.so]counter.strike.1.6.steam.torrent
2014-12-27 08:34 - 2014-12-27 08:38 - 83250885 _____ () C:\Users\Dubravka\Downloads\Unconfirmed 796146.crdownload
2014-12-27 08:02 - 2014-12-27 08:02 - 00000000 ____D () C:\Users\Dubravka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HLDS
2014-12-27 07:24 - 2014-12-27 07:24 - 00000000 ____D () C:\Users\Dubravka\AppData\Roaming\Unity
2014-12-27 07:20 - 2014-12-27 07:20 - 00000000 ____D () C:\Users\Dubravka\AppData\Local\Unity
2014-12-27 07:19 - 2014-12-27 07:20 - 01080608 _____ (Unity Technologies ApS) C:\Users\Dubravka\Downloads\UnityWebPlayer (1).exe
2014-12-27 07:12 - 2014-12-27 07:12 - 00017979 _____ () C:\Users\Dubravka\Downloads\[kickass.so]counter.strike.1.6.classic.original.torrent
2014-12-26 17:45 - 2014-12-27 07:10 - 00000000 ____D () C:\Program Files (x86)\Counter-Strike 1.6
2014-12-26 17:34 - 2014-12-26 17:34 - 00013044 _____ () C:\Users\Dubravka\Downloads\[kickass.so]counter.strike.1.6.torrent
2014-12-22 20:20 - 2014-12-22 20:20 - 00024841 _____ () C:\Users\Dubravka\Downloads\184780-the.house.of.magic.2013.bdrip.xvid.mp3rarbgsr.zip
2014-12-22 20:18 - 2014-12-23 13:20 - 00000000 ____D () C:\Users\Dubravka\Downloads\Thunder and the House of Magic (2013) [1080p]
2014-12-22 20:16 - 2014-12-22 20:17 - 00013321 _____ () C:\Users\Dubravka\Downloads\[kickass.so]thunder.and.the.house.of.magic.2013.1080p.brrip.x264.yify.torrent
2014-12-22 18:32 - 2015-01-16 12:41 - 00000000 ____D () C:\Users\Dubravka\AppData\Roaming\.minecraft
2014-12-22 18:32 - 2014-12-22 18:32 - 00000000 ____D () C:\Users\Dubravka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2014-12-22 06:38 - 2014-12-22 06:38 - 00000000 ____D () C:\Users\Dubravka\AppData\Roaming\WinRAR
2014-12-21 17:18 - 2013-08-17 00:01 - 00859416 _____ (TMRG, Inc.) C:\Windows\system32\rlls64.dll
2014-12-21 17:18 - 2013-08-17 00:01 - 00593688 _____ (TMRG, Inc.) C:\Windows\SysWOW64\rlls.dll
2014-12-21 15:12 - 2014-12-21 15:12 - 00000000 ____D () C:\Users\Dubravka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-21 15:12 - 2014-12-21 15:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-21 15:11 - 2014-12-21 15:11 - 00000000 ____D () C:\Program Files (x86)\Winrar
2014-12-21 15:09 - 2014-12-21 15:09 - 05335258 _____ () C:\Users\Dubravka\Downloads\WinRAR 3.93 PRO FINAL [FULLY ACTIVATED] Registered.zip
2014-12-21 15:08 - 2014-12-21 15:08 - 00002451 _____ () C:\Users\Dubravka\Downloads\[kickass.so]winrar.3.93.pro.final.fully.activated.registered.torrent
2014-12-21 13:41 - 2015-01-15 08:51 - 00000000 ____D () C:\Program Files (x86)\RelevantKnowledge
2014-12-21 13:40 - 2014-12-21 13:40 - 00000000 ____D () C:\Users\Dubravka\AppData\Local\SearchProtect
2014-12-21 13:40 - 2014-12-21 13:40 - 00000000 ____D () C:\Program Files (x86)\pcfreesoft.com
2014-12-21 13:39 - 2015-01-10 21:13 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-12-21 13:38 - 2014-12-21 13:38 - 00000000 ____D () C:\WinRAR_TSA37ADPB
2014-12-21 13:34 - 2014-12-21 13:35 - 00745064 _____ (?? 2014 ClientConnect Ltd.) C:\Users\Dubravka\Downloads\WinRAR_TSA37ADPB.exe
2014-12-21 13:29 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-21 13:29 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-18 14:42 - 2014-12-18 14:42 - 00000013 ____R () C:\Users\Dubravka\Desktop\Sve.bat

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-16 15:24 - 2009-07-14 05:45 - 00025616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-16 15:24 - 2009-07-14 05:45 - 00025616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-16 15:15 - 2014-11-12 14:21 - 01181295 _____ () C:\Windows\WindowsUpdate.log
2015-01-16 14:18 - 2009-07-14 03:34 - 00000505 _____ () C:\Windows\win.ini
2015-01-16 14:17 - 2014-10-12 12:50 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-16 14:17 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-16 13:29 - 2014-10-20 20:31 - 00000000 ____D () C:\Users\Dubravka\Documents\Camtasia Studio
2015-01-16 13:16 - 2014-10-13 19:46 - 00000000 ____D () C:\Users\Dubravka\AppData\Roaming\vlc
2015-01-16 13:13 - 2014-11-05 22:08 - 00000940 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3974460009-2644055296-1832368804-1000UA.job
2015-01-16 10:48 - 2014-11-04 12:14 - 00000000 ____D () C:\Users\Dubravka\AppData\Local\CrashDumps
2015-01-16 07:22 - 2014-10-12 12:57 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-15 22:13 - 2014-11-05 22:08 - 00000918 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3974460009-2644055296-1832368804-1000Core.job
2015-01-15 09:12 - 2014-10-14 17:49 - 00000000 ___RD () C:\Users\Dubravka\Desktop\ 
2015-01-15 09:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-14 09:51 - 2014-10-15 05:55 - 00000000 ____D () C:\Users\Dubravka\AppData\Roaming\Skype
2015-01-14 09:23 - 2014-10-20 20:06 - 00775084 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-14 09:23 - 2009-07-14 06:13 - 00775084 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-13 23:45 - 2014-10-14 17:58 - 00000000 ____D () C:\Users\Dubravka\AppData\Roaming\uTorrent
2015-01-10 21:13 - 2014-10-14 17:40 - 00000000 ____D () C:\Users\Dubravka\AppData\Roaming\Rainmeter
2015-01-10 21:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-01-10 12:40 - 2014-10-12 12:23 - 00000000 ____D () C:\Users\Dubravka
2015-01-08 09:55 - 2014-10-13 19:44 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-04 14:52 - 2014-10-12 12:23 - 00000000 ____D () C:\Users\Dubravka\AppData\Local\VirtualStore
2015-01-02 17:36 - 2009-07-14 06:08 - 00032546 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-01 10:01 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2014-12-26 17:48 - 2014-10-18 10:04 - 00000000 ____D () C:\Users\Dubravka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-12-21 15:09 - 2014-10-26 10:55 - 00000000 ____D () C:\Users\Dubravka\Downloads\Harry.Potter.and.the.Sorcerer's.Stone.Extended.Cut.2001.720p.BrRip.x264.AAC.5.1.{MrMoviesFX}.【ThumperDC】

Some content of TEMP:
====================
C:\Users\Dubravka\AppData\Local\Temp\bdfilters.dll
C:\Users\Dubravka\AppData\Local\Temp\bitool.dll
C:\Users\Dubravka\AppData\Local\Temp\bxpueqbs.dll
C:\Users\Dubravka\AppData\Local\Temp\install_flashplayer16x32pp_chra_dy_aaa_aih.exe
C:\Users\Dubravka\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Dubravka\AppData\Local\Temp\SoftonicAssistant_v0-1-6.exe
C:\Users\Dubravka\AppData\Local\Temp\Softonic_EN_1-5-11_EN-Production_10_CleanRelease.exe
C:\Users\Dubravka\AppData\Local\Temp\ytaiesmt_smtyc_setup.exe
C:\Users\Dubravka\AppData\Local\Temp\zkjqgk2n.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-31 18:52

==================== End Of Log ============================

mycity.rs/must-login.png


Prato sam korake koji su napisani u uputstvu "Kako otvoriti temu u Ambulanti", i nadam se da sam dobro uradio. Ako nisam molio bih da mi date instrukcije.

Hvala unaprijed!

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10610
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow Korak 1

Idi u Start -> Control Panel -> Programs and Features i deinstaliraj sljedeće programe:

RelevantKnowledge
Search Protect
Softonic Assistant
Softonic for Windows
SourceApp


Takođe deinstaliraj ako ne koristiš:

TuneUp Utilities 2014
Skype Click to Call



Arrow Korak 2

Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja.

Start

CloseProcesses:

R1 {073f2b9a-2357-4614-b174-3fc1afffe941}Gw64; C:\Windows\System32\drivers\{073f2b9a-2357-4614-b174-3fc1afffe941}Gw64.sys [48784 2014-12-31] (StdLib)
R1 {122141c3-e1a4-4af5-b3d7-650743f49ec0}Gw64; C:\Windows\System32\drivers\{122141c3-e1a4-4af5-b3d7-650743f49ec0}Gw64.sys [48784 2015-01-03] (StdLib)
R1 {549b1cd8-769f-468a-ad93-f57bfc8402c2}Gw64; C:\Windows\System32\drivers\{549b1cd8-769f-468a-ad93-f57bfc8402c2}Gw64.sys [48784 2015-01-12] (StdLib)
R1 {95282a5e-d707-43c0-b998-d6a934a963a8}Gw64; C:\Windows\System32\drivers\{95282a5e-d707-43c0-b998-d6a934a963a8}Gw64.sys [48784 2015-01-10] (StdLib)
R1 {cad8ac99-1831-4a75-b758-e4235c95af75}Gw64; C:\Windows\System32\drivers\{cad8ac99-1831-4a75-b758-e4235c95af75}Gw64.sys [48784 2015-01-15] (StdLib)
R1 {fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64; C:\Windows\System32\drivers\{fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64.sys [48784 2015-01-06] (StdLib)
HKU\S-1-5-21-3974460009-2644055296-1832368804-1000\...\MountPoints2: {c5fba74c-9112-11e4-8fff-5891cf4f26fc} - F:\csgo_license.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [245056 2014-12-24] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [215360 2014-12-24] (Client Connect LTD)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3974460009-2644055296-1832368804-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trovi.com/?gd=&ctid=CT3330371&o.....&SSPV=
SearchScopes: HKU\S-1-5-21-3974460009-2644055296-1832368804-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&ctid=CT3.....44F&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3974460009-2644055296-1832368804-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&ctid=CT3.....44F&q={searchTerms}&SSPV=
BHO-x32: SourceApp 1.0.0.6 -> {9f7ab9c4-4da3-440e-ba84-95903165f129} -> C:\Program Files (x86)\SourceApp\SourceAppbho.dll (SourceApp)
CHR StartupUrls: Profile 1 -> "hxxp://www.trovi.com/?gd=&ctid=CT3330371&octid=EB_ORIGINAL_CTID&ISID=95234a1a-28dd-45f3-9f03-a62a6c7b1dee&SearchSource=55&CUI=&UM=8&UP=SP3BC4B426-BE5C-4261-9E3F-8CF5226FF44F&SSPV=", "https://www.google.me/?gws_rd=cr,ssl&ei=fAAKVLbWFKGhyAPT4oG4CQ"
CHR Extension: (SourceApp) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aladhhghkicmehdgfinekjlflfjmckkj [2015-01-01]
CHR Extension: (iLivid) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [2014-12-27]
CHR Extension: (Lamborghini Sesto Elemento Theme) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dappigdjllcnkkoacaoolciaolaaiemb [2014-12-27]
R2 RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe [186136 2013-08-17] (TMRG, Inc.) <==== ATTENTION
R2 Update SourceApp; C:\Program Files (x86)\SourceApp\updateSourceApp.exe [529136 2015-01-16] ()
R2 Util SourceApp; C:\Program Files (x86)\SourceApp\bin\utilSourceApp.exe [529136 2015-01-16] ()
Task: {F9056C29-121C-41F0-82D3-761C6E92D01D} - System32\Tasks\{57DAEEE3-ECB0-409A-BA87-FE68B77815F0} => pcalua.exe -a "F:\ah 531\CHIPSET_V9.2.0.1021_WIN7-64_CA41534-9366.EXE" -d "F:\ah 531"
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Softonic for Windows" /f
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SoftonicAssistant" /f
C:\Program Files (x86)\RelevantKnowledge
C:\Program Files (x86)\SourceApp
C:\Program Files (x86)\SearchProtect
C:\Windows\System32\drivers\{073f2b9a-2357-4614-b174-3fc1afffe941}Gw64.sys
C:\Windows\System32\drivers\{122141c3-e1a4-4af5-b3d7-650743f49ec0}Gw64.sys
C:\Windows\System32\drivers\{549b1cd8-769f-468a-ad93-f57bfc8402c2}Gw64.sys
C:\Windows\System32\drivers\{95282a5e-d707-43c0-b998-d6a934a963a8}Gw64.sys
C:\Windows\System32\drivers\{cad8ac99-1831-4a75-b758-e4235c95af75}Gw64.sys
C:\Windows\System32\drivers\{fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64.sys
C:\Users\Dubravka\AppData\Roaming\OpenCandy
C:\Users\Dubravka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Softonic
C:\Users\Dubravka\AppData\Local\SoftonicAssistant
C:\Users\Dubravka\AppData\Local\SearchProtect
C:\Program Files (x86)\pcfreesoft.com
D:\Users\Dubravka\AppData\Local\Softonic
C:\Users\Dubravka\AppData\Local\SoftonicAssistant

EmptyTemp:

End



U okviru Notepad-a klikni na File --> Save As
Fajl nazovi Fixlist i sačuvaj na Desktop
Dvoklikom ponovo pokreni FRST.exe
Klikni na Fix i sačekaj dok program ne završi.
Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi.
Nakon završetka rada, otvoriće se fixlog.txt, sa sadržajem koji treba da kopiraš u temu.
Takođe, na Desktop-u će se nalaziti (fixlog.txt).




Arrow Korak 3

Preuzmi "Xplode"-ov AdwCleaner i sačuvaj ga na Desktop
Dvoklikom pokreni program.
u EULA prozoru klikni na I agree.
Klikni na dugme Scan i sačekaj da se završi skeniranje.
Klikni na dugme Clean i pričekaj da program završi.
Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu.
Na sljedeća dva prozora koja se otvore (Informations i Restart required ) klikni OK

Računar će se restartovati, a potom otvoriti Notepad (C:\AdwCleaner[S0].txt) sa izvještajem.
Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl"

Napomena: Izvještaj ce takođe biti sačuvan na C:\Adwcleaner\AdwCleaner[S0].txt

offline
  • Pridružio: 16 Jan 2015
  • Poruke: 20
  • Gde živiš: Budva

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-01-2015 01
Ran by Dubravka at 2015-01-16 18:12:04 Run:1
Running from C:\Users\Dubravka\Desktop
Loaded Profiles: Dubravka (Available profiles: Dubravka)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start

CloseProcesses:

R1 {073f2b9a-2357-4614-b174-3fc1afffe941}Gw64; C:\Windows\System32\drivers\{073f2b9a-2357-4614-b174-3fc1afffe941}Gw64.sys [48784 2014-12-31] (StdLib)
R1 {122141c3-e1a4-4af5-b3d7-650743f49ec0}Gw64; C:\Windows\System32\drivers\{122141c3-e1a4-4af5-b3d7-650743f49ec0}Gw64.sys [48784 2015-01-03] (StdLib)
R1 {549b1cd8-769f-468a-ad93-f57bfc8402c2}Gw64; C:\Windows\System32\drivers\{549b1cd8-769f-468a-ad93-f57bfc8402c2}Gw64.sys [48784 2015-01-12] (StdLib)
R1 {95282a5e-d707-43c0-b998-d6a934a963a8}Gw64; C:\Windows\System32\drivers\{95282a5e-d707-43c0-b998-d6a934a963a8}Gw64.sys [48784 2015-01-10] (StdLib)
R1 {cad8ac99-1831-4a75-b758-e4235c95af75}Gw64; C:\Windows\System32\drivers\{cad8ac99-1831-4a75-b758-e4235c95af75}Gw64.sys [48784 2015-01-15] (StdLib)
R1 {fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64; C:\Windows\System32\drivers\{fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64.sys [48784 2015-01-06] (StdLib)
HKU\S-1-5-21-3974460009-2644055296-1832368804-1000\...\MountPoints2: {c5fba74c-9112-11e4-8fff-5891cf4f26fc} - F:\csgo_license.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [245056 2014-12-24] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [215360 2014-12-24] (Client Connect LTD)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3974460009-2644055296-1832368804-1000\Software\Microsoft\Internet Explorer\Main,Start Page = trovi.com/?gd=&ctid=CT3330371&o.....&SSPV=
SearchScopes: HKU\S-1-5-21-3974460009-2644055296-1832368804-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = trovi.com/Results.aspx?gd=&ctid=CT3.....44F&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3974460009-2644055296-1832368804-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = trovi.com/Results.aspx?gd=&ctid=CT3.....44F&q={searchTerms}&SSPV=
BHO-x32: SourceApp 1.0.0.6 -> {9f7ab9c4-4da3-440e-ba84-95903165f129} -> C:\Program Files (x86)\SourceApp\SourceAppbho.dll (SourceApp)
CHR StartupUrls: Profile 1 -> "hxxp://www.trovi.com/?gd=&ctid=CT3330371&octid=EB_ORIGINAL_CTID&ISID=95234a1a-28dd-45f3-9f03-a62a6c7b1dee&SearchSource=55&CUI=&UM=8&UP=SP3BC4B426-BE5C-4261-9E3F-8CF5226FF44F&SSPV=", "https://www.google.me/?gws_rd=cr,ssl&ei=fAAKVLbWFKGhyAPT4oG4CQ"
CHR Extension: (SourceApp) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aladhhghkicmehdgfinekjlflfjmckkj [2015-01-01]
CHR Extension: (iLivid) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [2014-12-27]
CHR Extension: (Lamborghini Sesto Elemento Theme) - C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dappigdjllcnkkoacaoolciaolaaiemb [2014-12-27]
R2 RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe [186136 2013-08-17] (TMRG, Inc.) <==== ATTENTION
R2 Update SourceApp; C:\Program Files (x86)\SourceApp\updateSourceApp.exe [529136 2015-01-16] ()
R2 Util SourceApp; C:\Program Files (x86)\SourceApp\bin\utilSourceApp.exe [529136 2015-01-16] ()
Task: {F9056C29-121C-41F0-82D3-761C6E92D01D} - System32\Tasks\{57DAEEE3-ECB0-409A-BA87-FE68B77815F0} => pcalua.exe -a "F:\ah 531\CHIPSET_V9.2.0.1021_WIN7-64_CA41534-9366.EXE" -d "F:\ah 531"
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Softonic for Windows" /f
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SoftonicAssistant" /f
C:\Program Files (x86)\RelevantKnowledge
C:\Program Files (x86)\SourceApp
C:\Program Files (x86)\SearchProtect
C:\Windows\System32\drivers\{073f2b9a-2357-4614-b174-3fc1afffe941}Gw64.sys
C:\Windows\System32\drivers\{122141c3-e1a4-4af5-b3d7-650743f49ec0}Gw64.sys
C:\Windows\System32\drivers\{549b1cd8-769f-468a-ad93-f57bfc8402c2}Gw64.sys
C:\Windows\System32\drivers\{95282a5e-d707-43c0-b998-d6a934a963a8}Gw64.sys
C:\Windows\System32\drivers\{cad8ac99-1831-4a75-b758-e4235c95af75}Gw64.sys
C:\Windows\System32\drivers\{fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64.sys
C:\Users\Dubravka\AppData\Roaming\OpenCandy
C:\Users\Dubravka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Softonic
C:\Users\Dubravka\AppData\Local\SoftonicAssistant
C:\Users\Dubravka\AppData\Local\SearchProtect
C:\Program Files (x86)\pcfreesoft.com
D:\Users\Dubravka\AppData\Local\Softonic
C:\Users\Dubravka\AppData\Local\SoftonicAssistant

EmptyTemp:

End
*****************

Processes closed successfully.
{073f2b9a-2357-4614-b174-3fc1afffe941}Gw64 => Service stopped successfully.
{073f2b9a-2357-4614-b174-3fc1afffe941}Gw64 => Service deleted successfully.
{122141c3-e1a4-4af5-b3d7-650743f49ec0}Gw64 => Service stopped successfully.
{122141c3-e1a4-4af5-b3d7-650743f49ec0}Gw64 => Service deleted successfully.
{549b1cd8-769f-468a-ad93-f57bfc8402c2}Gw64 => Service stopped successfully.
{549b1cd8-769f-468a-ad93-f57bfc8402c2}Gw64 => Service deleted successfully.
{95282a5e-d707-43c0-b998-d6a934a963a8}Gw64 => Service stopped successfully.
{95282a5e-d707-43c0-b998-d6a934a963a8}Gw64 => Service deleted successfully.
{cad8ac99-1831-4a75-b758-e4235c95af75}Gw64 => Service stopped successfully.
{cad8ac99-1831-4a75-b758-e4235c95af75}Gw64 => Service deleted successfully.
{fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64 => Service stopped successfully.
{fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64 => Service deleted successfully.
"HKU\S-1-5-21-3974460009-2644055296-1832368804-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c5fba74c-9112-11e4-8fff-5891cf4f26fc}" => Key deleted successfully.
HKCR\CLSID\{c5fba74c-9112-11e4-8fff-5891cf4f26fc} => Key not found.
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll" => Value Data not found.
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll" => Value Data not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKU\S-1-5-21-3974460009-2644055296-1832368804-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-3974460009-2644055296-1832368804-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-3974460009-2644055296-1832368804-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}" => Key deleted successfully.
HKCR\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9f7ab9c4-4da3-440e-ba84-95903165f129} => Key not found.
HKCR\Wow6432Node\CLSID\{9f7ab9c4-4da3-440e-ba84-95903165f129} => Key not found.
Chrome StartupUrls deleted successfully.
C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aladhhghkicmehdgfinekjlflfjmckkj => Moved successfully.
C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nafaimnnclfjfedmmabolbppcngeolgf => Moved successfully.
C:\Users\Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dappigdjllcnkkoacaoolciaolaaiemb => Moved successfully.
RelevantKnowledge => Service not found.
Update SourceApp => Service not found.
Util SourceApp => Service not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F9056C29-121C-41F0-82D3-761C6E92D01D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9056C29-121C-41F0-82D3-761C6E92D01D}" => Key deleted successfully.
C:\Windows\System32\Tasks\{57DAEEE3-ECB0-409A-BA87-FE68B77815F0} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{57DAEEE3-ECB0-409A-BA87-FE68B77815F0}" => Key deleted successfully.

========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Softonic for Windows" /f =========

The operation completed successfully.


========= End of CMD: =========


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SoftonicAssistant" /f =========

The operation completed successfully.


========= End of CMD: =========

C:\Program Files (x86)\RelevantKnowledge => Moved successfully.
"C:\Program Files (x86)\SourceApp" => File/Directory not found.
"C:\Program Files (x86)\SearchProtect" => File/Directory not found.
C:\Windows\System32\drivers\{073f2b9a-2357-4614-b174-3fc1afffe941}Gw64.sys => Moved successfully.
C:\Windows\System32\drivers\{122141c3-e1a4-4af5-b3d7-650743f49ec0}Gw64.sys => Moved successfully.
C:\Windows\System32\drivers\{549b1cd8-769f-468a-ad93-f57bfc8402c2}Gw64.sys => Moved successfully.
C:\Windows\System32\drivers\{95282a5e-d707-43c0-b998-d6a934a963a8}Gw64.sys => Moved successfully.
C:\Windows\System32\drivers\{cad8ac99-1831-4a75-b758-e4235c95af75}Gw64.sys => Moved successfully.
C:\Windows\System32\drivers\{fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64.sys => Moved successfully.
C:\Users\Dubravka\AppData\Roaming\OpenCandy => Moved successfully.
"C:\Users\Dubravka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Softonic" => File/Directory not found.
"C:\Users\Dubravka\AppData\Local\SoftonicAssistant" => File/Directory not found.
"C:\Users\Dubravka\AppData\Local\SearchProtect" => File/Directory not found.
C:\Program Files (x86)\pcfreesoft.com => Moved successfully.
"D:\Users\Dubravka\AppData\Local\Softonic" => File/Directory not found.
"C:\Users\Dubravka\AppData\Local\SoftonicAssistant" => File/Directory not found.
EmptyTemp: => Removed 2.9 GB temporary data.


The system needed a reboot.

==== End of Fixlog 18:13:00 ====


mycity.rs/must-login.png

Čini mi se da sam sve uradio kako treba. Ako sam negde pogriješio molim vas izvinite.

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10610
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Preuzmi zoek.exe sa ovog ili ovog linka i sačuvaj ga na Desktop.


Zatvori browser i ostale pokrenute programe;
deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ;
dvoklikom pokreni zoek.exe;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sljedeći tekst:

process;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;


Klikni na dugme i pričekaj da se skeniranje završi.


Zoek će po potrebi restartovati Windows, a na kraju rada otvoriti Notepad sa izvještajem o skeniranju.

Napomena: Izvještaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Arrow Kopiraj sadržaj tog loga u poruku.

offline
  • Pridružio: 16 Jan 2015
  • Poruke: 20
  • Gde živiš: Budva

Zoek.exe v5.0.0.0 Updated 15-01-2015
Tool run by Dubravka on Fri 01/16/2015 at 19:10:05.34.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Dubravka\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

1/16/2015 7:14:13 PM Zoek.exe System Restore Point Created Succesfully.

==== Running Processes ======================

C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
D:\Program Files (x86)\GameTracker\GSInGameService.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Users\Dubravka\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Dubravka\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-01-16 15:13:59 BD041CA1884A4CAFDAC4E1CC3E2BDCD4 71344 ----a-w- C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-16 15:13:59 B90754CE050A5559D5385771B55EE8F7 701616 ----a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-13 19:39:56 FE48346938C1CDDDF4E4097DB9B99764 52224 ----a-w- C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 19:39:56 92940397DFFB4D237EA5BB22FF912BDC 156672 ----a-w- C:\Windows\SysWOW64\ncsi.dll
2015-01-13 19:39:43 2AF481C03C0383ADE09FFEDA0C583140 3971512 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 19:39:41 8A289EF0AE709327D6AA9769E108B5A6 3916728 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 19:39:30 9606307F5E1EABA98ACB61206EFC2127 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll
2015-01-04 11:49:55 8A4CEBF34370D689E198E6673C1F2C40 74072 ----a-w- C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-01-04 11:49:55 81DFDDFB401D663BA7E6AD1C80364216 527192 ----a-w- C:\Windows\SysWOW64\XAudio2_7.dll
2015-01-04 11:49:54 4FD7BCB9D8AF6A165E9BA0C2EB702E7C 239960 ----a-w- C:\Windows\SysWOW64\xactengine3_7.dll
2015-01-04 11:49:52 1C9B45E87528B8BB8CFA884EA0099A85 2106216 ----a-w- C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-01-04 11:49:51 83EBA442F07AAB8D6375D2EEC945C46C 1868128 ----a-w- C:\Windows\SysWOW64\d3dcsx_43.dll
2015-01-04 11:49:50 8E0BB968FF41D80E5F2C747C04DB79AE 248672 ----a-w- C:\Windows\SysWOW64\d3dx11_43.dll
2015-01-04 11:49:48 86E39E9161C3D930D93822F1563C280D 1998168 ----a-w- C:\Windows\SysWOW64\D3DX9_43.dll
2015-01-04 11:49:48 20C835843FCEC4DEDFCD7BFFA3B91641 470880 ----a-w- C:\Windows\SysWOW64\d3dx10_43.dll
2015-01-04 11:49:45 E4CE2AF32F501A7F7DDDD908704A0EE6 74072 ----a-w- C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-01-04 11:49:45 4976243BD70FAE3D1D24E49739AB2710 528216 ----a-w- C:\Windows\SysWOW64\XAudio2_6.dll
2015-01-04 11:49:43 F81C4678A55FFEE585AC75825FAF5582 238936 ----a-w- C:\Windows\SysWOW64\xactengine3_6.dll
2015-01-04 11:49:42 C811E70C8804CFFF719038250A43B464 22360 ----a-w- C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-01-04 11:49:42 8B01FB723F3B30AB3DEBDDBF97CFE577 515416 ----a-w- C:\Windows\SysWOW64\XAudio2_5.dll
2015-01-04 11:49:40 DB3C93E87452B8DAB4F58ED1FD2B1998 238936 ----a-w- C:\Windows\SysWOW64\xactengine3_5.dll
2015-01-04 11:49:38 B33B21DB610116262D906305CE65C354 1974616 ----a-w- C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-01-04 11:49:35 B337306DFB508A1BCEF1974BFBB8D924 5501792 ----a-w- C:\Windows\SysWOW64\d3dcsx_42.dll
2015-01-04 11:49:32 D09AC80A4B5312239852836C84DF3392 235344 ----a-w- C:\Windows\SysWOW64\d3dx11_42.dll
2015-01-04 11:49:31 501AC862517C5445742BEE8A2B88414E 453456 ----a-w- C:\Windows\SysWOW64\d3dx10_42.dll
2015-01-04 11:49:28 C6A44FC3CF2F5801561804272217B14D 1892184 ----a-w- C:\Windows\SysWOW64\D3DX9_42.dll
2015-01-04 11:49:26 781E8B5B6FDB3C9B4E4A4A9FB019960D 1846632 ----a-w- C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-01-04 11:49:26 1AA571774936717EE776DBED51E9EDF4 453456 ----a-w- C:\Windows\SysWOW64\d3dx10_41.dll
2015-01-04 11:49:24 3FA06CF5079B84155D18B05C08F7131B 4178264 ----a-w- C:\Windows\SysWOW64\D3DX9_41.dll
2015-01-04 11:49:23 E684C5FA18ADF9EA14737757413BF727 517448 ----a-w- C:\Windows\SysWOW64\XAudio2_4.dll
2015-01-04 11:49:23 30686ECE80545E06D78D156EB9F7D463 69464 ----a-w- C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-01-04 11:49:21 686F8D1B4926D48227A06ACD4D41CD1E 235352 ----a-w- C:\Windows\SysWOW64\xactengine3_4.dll
2015-01-04 11:49:20 E763798CAD2A90B6AB61854F50CD47DD 22360 ----a-w- C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-01-04 11:49:18 91B4AAD4412BB223B466F3DFB43E86DA 452440 ----a-w- C:\Windows\SysWOW64\d3dx10_40.dll
2015-01-04 11:49:18 3384134EEB8F223178C2EB8323003EC0 2036576 ----a-w- C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-01-04 11:49:16 EEA5E428CE63804F9B12D21C97B5968F 4379984 ----a-w- C:\Windows\SysWOW64\D3DX9_40.dll
2015-01-04 11:49:14 47ED15DC87AE334C13C4DACD1BE2CCED 514384 ----a-w- C:\Windows\SysWOW64\XAudio2_3.dll
2015-01-04 11:49:14 295E47A75F278580F9441041EAAEA3D2 70992 ----a-w- C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-01-04 11:49:13 8BA296419AF3417D1E9806B83166E472 235856 ----a-w- C:\Windows\SysWOW64\xactengine3_3.dll
2015-01-04 11:49:12 350FEFE18B86BD4D9AB2A96D00215A49 23376 ----a-w- C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-01-04 11:49:10 D95EAABF5D277EF91D9CA70151209E56 68616 ----a-w- C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-01-04 11:49:10 50F4A0D5E6A0BAFEFA78F353533B8E06 509448 ----a-w- C:\Windows\SysWOW64\XAudio2_2.dll
2015-01-04 11:49:09 F3C6BE26949CAADB11DBF0086082FAC9 238088 ----a-w- C:\Windows\SysWOW64\xactengine3_2.dll
2015-01-04 11:49:08 E6C2F1D8B667DDC04CB55B9F0159EF97 467984 ----a-w- C:\Windows\SysWOW64\d3dx10_39.dll
2015-01-04 11:49:08 C4F1972497FE2CEB7D900938C97FCF91 1493528 ----a-w- C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-01-04 11:49:04 8CB3DEFB8887C4F0846DB1FC1304D6D2 3851784 ----a-w- C:\Windows\SysWOW64\D3DX9_39.dll
2015-01-04 11:49:03 DD165760F1B95200A3DA2D9DFDB84234 65032 ----a-w- C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-01-04 11:49:02 E34FF0115B1EE3B4E03D22AE9840EE03 507400 ----a-w- C:\Windows\SysWOW64\XAudio2_1.dll
2015-01-04 11:49:01 E3832514BD21236067B7227F6165EF95 25608 ----a-w- C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-01-04 11:49:01 2E0E25252E1D41752876E9FE12ADE175 238088 ----a-w- C:\Windows\SysWOW64\xactengine3_1.dll
2015-01-04 11:49:00 A2650B27472C21CDD817EEEDE65648E1 467984 ----a-w- C:\Windows\SysWOW64\d3dx10_38.dll
2015-01-04 11:49:00 103CBFC5591008AD33046E20E8E1EEBE 1491992 ----a-w- C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-01-04 11:48:57 8F3EB548AC4ED90252394F60C77E3196 3850760 ----a-w- C:\Windows\SysWOW64\D3DX9_38.dll
2015-01-04 11:48:55 418CDC57E55EE79C3F86C13A19B3D5E3 479752 ----a-w- C:\Windows\SysWOW64\XAudio2_0.dll
2015-01-04 11:48:54 8A83673F0AB001870583FDE2B004FA59 238088 ----a-w- C:\Windows\SysWOW64\xactengine3_0.dll
2015-01-04 11:48:53 C593FD0A96EE4B6390B653C4C641313F 25608 ----a-w- C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-01-04 11:48:51 EA752DBCE35045D3C830DC16578CC8AB 1420824 ----a-w- C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-01-04 11:48:51 4A43E9A2B17E4CAFA9CB5FEC0B5B686B 462864 ----a-w- C:\Windows\SysWOW64\d3dx10_37.dll
2015-01-04 11:48:50 AC3C517FB0FBBE45FE44007BCD3625A7 3786760 ----a-w- C:\Windows\SysWOW64\D3DX9_37.dll
2015-01-04 11:48:48 73E055AF78A64F9B2779D44407CA2AB6 267272 ----a-w- C:\Windows\SysWOW64\xactengine2_10.dll
2015-01-04 11:48:46 FB4299688A0D3A37687C015AC2B9922D 1374232 ----a-w- C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-01-04 11:48:46 D9158E78A368B08D9133043EB3058C12 444776 ----a-w- C:\Windows\SysWOW64\d3dx10_36.dll
2015-01-04 11:48:44 44BFEC5C9C82A2EE9871D88FD3B9A0E2 3734536 ----a-w- C:\Windows\SysWOW64\d3dx9_36.dll
2015-01-04 11:48:43 46EE68F04A75A1CCF40235EA6F1CBA05 267112 ----a-w- C:\Windows\SysWOW64\xactengine2_9.dll
2015-01-04 11:48:41 F3764552E45880DC49B82F38699AA87C 444776 ----a-w- C:\Windows\SysWOW64\d3dx10_35.dll
2015-01-04 11:48:41 5B441670A4F5F8BCCE76741902B8AF56 1358192 ----a-w- C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-01-04 11:48:38 3EF18B78D17C962F2B71AC1CB7757684 3727720 ----a-w- C:\Windows\SysWOW64\d3dx9_35.dll
2015-01-04 11:48:36 F6A9FC2AD2F9111372B5AB3BBA3707EC 17928 ----a-w- C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-01-04 11:48:36 499210C45AFEAADEE8CF4DCF7D5E570B 266088 ----a-w- C:\Windows\SysWOW64\xactengine2_8.dll
2015-01-04 11:48:35 75F206C195BBACA6EF28565B1C0CD75C 1124720 ----a-w- C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-01-04 11:48:35 5AA9987F2E62B56D7661B6901901F927 443752 ----a-w- C:\Windows\SysWOW64\d3dx10_34.dll
2015-01-04 11:48:34 1CA939918ED1B930059B3A882DE6F648 3497832 ----a-w- C:\Windows\SysWOW64\d3dx9_34.dll
2015-01-04 11:48:32 77F595DEE5FFACEA72B135B1FCE1312E 81768 ----a-w- C:\Windows\SysWOW64\xinput1_3.dll
2015-01-04 11:48:30 7FEBB8CE2233CBAE738B16D42ED29674 261480 ----a-w- C:\Windows\SysWOW64\xactengine2_7.dll
2015-01-04 11:48:28 FAE7E1D578C42A7C3D9D61A99D178BD5 1123696 ----a-w- C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-01-04 11:48:28 37A8171ACCF46A9C196054066C28827F 443752 ----a-w- C:\Windows\SysWOW64\d3dx10_33.dll
2015-01-04 11:48:27 CDB1CD22BAFF21F48606B3C1A18B000B 3495784 ----a-w- C:\Windows\SysWOW64\d3dx9_33.dll
2015-01-04 11:48:26 39000E033D39D19CCCE21AEAFCCE2476 255848 ----a-w- C:\Windows\SysWOW64\xactengine2_6.dll
2015-01-04 11:48:24 86C93789E9006F1AC47ED9DD47D4C8A1 251672 ----a-w- C:\Windows\SysWOW64\xactengine2_5.dll
2015-01-04 11:48:23 6F34F7405807DCBF0B9BF6811C94C6D9 440080 ----a-w- C:\Windows\SysWOW64\d3dx10.dll
2015-01-04 11:48:21 26AF232140C88B42D92A88F2198EDF6A 3426072 ----a-w- C:\Windows\SysWOW64\d3dx9_32.dll
2015-01-04 11:48:20 6550E1A0A7BE611592C31222FCB981FB 237848 ----a-w- C:\Windows\SysWOW64\xactengine2_4.dll
2015-01-04 11:48:20 121B131EAA369D8F58DACC5C39A77D80 15128 ----a-w- C:\Windows\SysWOW64\x3daudio1_1.dll
2015-01-04 11:48:19 797E24743937D67D69F28F2CF5052EE8 2414360 ----a-w- C:\Windows\SysWOW64\d3dx9_31.dll
2015-01-04 11:48:17 69D841744B2BAE38FBB2D40A230A549C 236824 ----a-w- C:\Windows\SysWOW64\xactengine2_3.dll
2015-01-04 11:48:16 33B62BE226934E1B01F5043870C70427 62744 ----a-w- C:\Windows\SysWOW64\xinput1_2.dll
2015-01-04 11:48:15 5C4D3843B491C047B7A619901FBD2EC1 230168 ----a-w- C:\Windows\SysWOW64\xactengine2_2.dll
2015-01-04 11:48:14 F1726346E583442541FE73429F8E9C10 62672 ----a-w- C:\Windows\SysWOW64\xinput1_1.dll
2015-01-04 11:48:14 7C9952111F4C743B9F0D8B68B6ED93C9 229584 ----a-w- C:\Windows\SysWOW64\xactengine2_1.dll
2015-01-04 11:48:02 E415862612E65F10D7D888443ECD7594 2388176 ----a-w- C:\Windows\SysWOW64\d3dx9_30.dll
2015-01-04 11:47:59 4E961525CC7FF0E5D7DA19E170B7C14C 14032 ----a-w- C:\Windows\SysWOW64\x3daudio1_0.dll
2015-01-04 11:47:59 2112FE0C46662D429347A7D7B49E3ECE 230096 ----a-w- C:\Windows\SysWOW64\xactengine2_0.dll
2015-01-04 11:47:57 99F4FC172A5ACE36CF00AA7038D23F2C 2332368 ----a-w- C:\Windows\SysWOW64\d3dx9_29.dll
2015-01-04 11:47:55 BE19B603DFBAA829EE5B7749B3BA97DB 2323664 ----a-w- C:\Windows\SysWOW64\d3dx9_28.dll
2015-01-04 11:47:52 852EDC778A7A50077694F84D8E601234 2319568 ----a-w- C:\Windows\SysWOW64\d3dx9_27.dll
2015-01-04 11:47:50 523AB607EEF81CC4D909E7FEBD8A788E 2297552 ----a-w- C:\Windows\SysWOW64\d3dx9_26.dll
2015-01-04 11:47:48 5B48FE9D6686F0D54B26A005ACE24D1D 2337488 ----a-w- C:\Windows\SysWOW64\d3dx9_25.dll
2015-01-04 11:47:46 BC831661963763AC4D504C5CABB1FDD9 2222800 ----a-w- C:\Windows\SysWOW64\d3dx9_24.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-01-16 14:04:14 93B0550500D1BD86CBAB9C4CC6B6A356 113365784 ----a-w- C:\Windows\Sysnative\MRT.exe
2015-01-13 19:40:02 5B9954AE9FD4682DADD5EBC0301366B0 52736 ----a-w- C:\Windows\Sysnative\TSWbPrxy.exe
2015-01-13 19:39:59 B6A58491307B4CADA572583D863DC602 210432 ----a-w- C:\Windows\Sysnative\profsvc.dll
2015-01-13 19:39:56 8B301D474B478E9A92823BAB50A7BC49 303616 ----a-w- C:\Windows\Sysnative\nlasvc.dll
2015-01-13 19:39:44 0A70B8D78AF95894E221DDAC6482DF6D 5553592 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe
2015-01-13 19:39:37 F4846789B3795F14DCB7D92ED1DAF74F 503808 ----a-w- C:\Windows\Sysnative\srcore.dll
2015-01-13 19:39:33 DE595EACC79006E7B15B848BF0831E78 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe
2015-01-13 19:39:31 BA6D609BAB615991E8791CA1DFFD034C 50176 ----a-w- C:\Windows\Sysnative\srclient.dll
2015-01-10 11:45:16 6663B30328C239D2AB10D2583054CF2E 364512 ----a-w- C:\Windows\Sysnative\aswBoot.exe
2015-01-04 11:49:55 E9739AE8B2FA28DCD6F2EF5525DA8827 77656 ----a-w- C:\Windows\Sysnative\XAPOFX1_5.dll
2015-01-04 11:49:55 4F7513FF4DE6303088DB28DCBCEF372C 518488 ----a-w- C:\Windows\Sysnative\XAudio2_7.dll
2015-01-04 11:49:54 BDEC09A032DB44D9CDB3A0D97224D64E 176984 ----a-w- C:\Windows\Sysnative\xactengine3_7.dll
2015-01-04 11:49:52 ADA0C39D4EACDC81FD84163A95D62079 2526056 ----a-w- C:\Windows\Sysnative\D3DCompiler_43.dll
2015-01-04 11:49:51 5F1DA86286A2DFB01C4FED55C2DD1D61 1907552 ----a-w- C:\Windows\Sysnative\d3dcsx_43.dll
2015-01-04 11:49:50 9D6429F410597750B2DC2579B2347303 276832 ----a-w- C:\Windows\Sysnative\d3dx11_43.dll
2015-01-04 11:49:48 AD7FA9485059F4DC53C98B49CAB13F0B 511328 ----a-w- C:\Windows\Sysnative\d3dx10_43.dll
2015-01-04 11:49:48 7160FC226391C0B50C85571FA1A546E5 2401112 ----a-w- C:\Windows\Sysnative\D3DX9_43.dll
2015-01-04 11:49:45 A9724EB3D6CC032D0C4ECAFF4AD8C17F 78680 ----a-w- C:\Windows\Sysnative\XAPOFX1_4.dll
2015-01-04 11:49:45 05E88C8D8E652DFF03B469331F474CCE 530776 ----a-w- C:\Windows\Sysnative\XAudio2_6.dll
2015-01-04 11:49:43 936DCC640B2991905D909395E03B64F9 176984 ----a-w- C:\Windows\Sysnative\xactengine3_6.dll
2015-01-04 11:49:42 C291AEFD47A587FF5F509E2F96613F7D 517960 ----a-w- C:\Windows\Sysnative\XAudio2_5.dll
2015-01-04 11:49:42 B4FF2A39685C1A6D43F0E56EB350AF3A 24920 ----a-w- C:\Windows\Sysnative\X3DAudio1_7.dll
2015-01-04 11:49:40 51D65BE2F794B944CADAF287B34EF603 176968 ----a-w- C:\Windows\Sysnative\xactengine3_5.dll
2015-01-04 11:49:38 E92D2E4AFA43CD39A8C1C2C2DB59667E 2582888 ----a-w- C:\Windows\Sysnative\D3DCompiler_42.dll
2015-01-04 11:49:35 F13B90F5090EBA9041558BC6AAED79B8 5554512 ----a-w- C:\Windows\Sysnative\d3dcsx_42.dll
2015-01-04 11:49:32 522749761B6CC69F8630F4B472DCA623 285024 ----a-w- C:\Windows\Sysnative\d3dx11_42.dll
2015-01-04 11:49:31 B739C423276AE62D7AC91773226EC13B 523088 ----a-w- C:\Windows\Sysnative\d3dx10_42.dll
2015-01-04 11:49:28 1AF7AE1FDE027A30B9097280819A0A86 2475352 ----a-w- C:\Windows\Sysnative\D3DX9_42.dll
2015-01-04 11:49:26 E730967811E3702499446FFC8A432607 520544 ----a-w- C:\Windows\Sysnative\d3dx10_41.dll
2015-01-04 11:49:26 A59A5BADE4AF200C720D99EAE6E04E0E 2430312 ----a-w- C:\Windows\Sysnative\D3DCompiler_41.dll
2015-01-04 11:49:24 ECDDB13BC805B9F3EF3A855E6FD85C69 5425496 ----a-w- C:\Windows\Sysnative\D3DX9_41.dll
2015-01-04 11:49:23 B94F08069EFE2F8151DEF350E526E063 521560 ----a-w- C:\Windows\Sysnative\XAudio2_4.dll
2015-01-04 11:49:23 37B348A79C4C9B8AB925B18FFD241E96 73544 ----a-w- C:\Windows\Sysnative\XAPOFX1_3.dll
2015-01-04 11:49:21 1BA01062450BD1F052C54C01C12248F6 174936 ----a-w- C:\Windows\Sysnative\xactengine3_4.dll
2015-01-04 11:49:20 EEE871CC4F5563FF8B3C8385B32B0C5F 24920 ----a-w- C:\Windows\Sysnative\X3DAudio1_6.dll
2015-01-04 11:49:18 862586AD4B1355F7DCDE111EE0AAF350 519000 ----a-w- C:\Windows\Sysnative\d3dx10_40.dll
2015-01-04 11:49:18 37309B833480DC69FDE7DB68F9B8BC20 2605920 ----a-w- C:\Windows\Sysnative\D3DCompiler_40.dll
2015-01-04 11:49:16 29A79F0B607FAF5722D7BAF2485F632A 5631312 ----a-w- C:\Windows\Sysnative\D3DX9_40.dll
2015-01-04 11:49:14 758139A39AECC1B512576275A27C1177 518480 ----a-w- C:\Windows\Sysnative\XAudio2_3.dll
2015-01-04 11:49:14 2F8F9B707FED2405A787380230CC6FA9 74576 ----a-w- C:\Windows\Sysnative\XAPOFX1_2.dll
2015-01-04 11:49:13 84B41FD03CAFC5048346B3B2AB92D199 175440 ----a-w- C:\Windows\Sysnative\xactengine3_3.dll
2015-01-04 11:49:12 CFF1C1F7B9F855DDEE431D7B5DCACDF8 25936 ----a-w- C:\Windows\Sysnative\X3DAudio1_5.dll
2015-01-04 11:49:10 E335DF094836EE7030F1B9CE7429E884 513544 ----a-w- C:\Windows\Sysnative\XAudio2_2.dll
2015-01-04 11:49:10 0F2DB378FBE2D124E4D3631B329688AE 72200 ----a-w- C:\Windows\Sysnative\XAPOFX1_1.dll
2015-01-04 11:49:09 CC8399A9E51B2AF1C2C20A26D85EB60E 177672 ----a-w- C:\Windows\Sysnative\xactengine3_2.dll
2015-01-04 11:49:08 EAA692FDC990ED0407DF957316DA33C2 540688 ----a-w- C:\Windows\Sysnative\d3dx10_39.dll
2015-01-04 11:49:08 7741A0A6CED6C441B97D625B730D6075 1942552 ----a-w- C:\Windows\Sysnative\D3DCompiler_39.dll
2015-01-04 11:49:04 7505C133FC704B40CFDDFD38777BAAC3 4992520 ----a-w- C:\Windows\Sysnative\D3DX9_39.dll
2015-01-04 11:49:03 0E92D8C0ECA74B6D0A55ABAD53226113 68104 ----a-w- C:\Windows\Sysnative\XAPOFX1_0.dll
2015-01-04 11:49:02 E9C0F926D7C9082A805F4FEF81DEEB30 511496 ----a-w- C:\Windows\Sysnative\XAudio2_1.dll
2015-01-04 11:49:01 DE6004D16DBACD781ED4596C4FEA7D14 28168 ----a-w- C:\Windows\Sysnative\X3DAudio1_4.dll
2015-01-04 11:49:01 A2A098BF5A8C255A0090818AD8E87B0F 177672 ----a-w- C:\Windows\Sysnative\xactengine3_1.dll
2015-01-04 11:49:00 A7E59BB6FAC119FABB83F18BD72AA1D7 1941528 ----a-w- C:\Windows\Sysnative\D3DCompiler_38.dll
2015-01-04 11:49:00 72CB653CECF4EA670E7F5A8D74358423 540688 ----a-w- C:\Windows\Sysnative\d3dx10_38.dll
2015-01-04 11:48:57 E5EC2AB7156A752F9614CDA4BE66EFE8 4991496 ----a-w- C:\Windows\Sysnative\D3DX9_38.dll
2015-01-04 11:48:55 29AF48F6C894328A58DEFDC560A70CF3 489480 ----a-w- C:\Windows\Sysnative\XAudio2_0.dll
2015-01-04 11:48:54 A8B5370B7B61D3777D840DA1C64A1C2D 177672 ----a-w- C:\Windows\Sysnative\xactengine3_0.dll
2015-01-04 11:48:53 C4C2ED69B18EE1C60026877FCC470FA7 28168 ----a-w- C:\Windows\Sysnative\X3DAudio1_3.dll
2015-01-04 11:48:51 A8C5688BBA00C1630550F26260AB5CAE 529424 ----a-w- C:\Windows\Sysnative\d3dx10_37.dll
2015-01-04 11:48:51 31026CEA5AFA2798292179102C06FE40 1860120 ----a-w- C:\Windows\Sysnative\D3DCompiler_37.dll
2015-01-04 11:48:50 8A10974DC6E1E42BDC635C2C2AFBD2CC 4910088 ----a-w- C:\Windows\Sysnative\D3DX9_37.dll
2015-01-04 11:48:48 E8932AF24786765859558CB79E385AC2 411656 ----a-w- C:\Windows\Sysnative\xactengine2_10.dll
2015-01-04 11:48:46 7299DF5CF81135934740211D9A946737 2006552 ----a-w- C:\Windows\Sysnative\D3DCompiler_36.dll
2015-01-04 11:48:46 570FDAE7041775DE0C67747BB7081939 508264 ----a-w- C:\Windows\Sysnative\d3dx10_36.dll
2015-01-04 11:48:44 BBB6C6833C30E323B41860D6DF61972D 5081608 ----a-w- C:\Windows\Sysnative\d3dx9_36.dll
2015-01-04 11:48:43 A69C32C2BD01522A088D254342826866 411496 ----a-w- C:\Windows\Sysnative\xactengine2_9.dll
2015-01-04 11:48:41 B21427EDF0449E92000FF497DAAF89C9 1985904 ----a-w- C:\Windows\Sysnative\D3DCompiler_35.dll
2015-01-04 11:48:41 84116AA94672D623B95217648AE5B5B9 508264 ----a-w- C:\Windows\Sysnative\d3dx10_35.dll
2015-01-04 11:48:38 1B3AF16A27D390096925576202A64037 5073256 ----a-w- C:\Windows\Sysnative\d3dx9_35.dll
2015-01-04 11:48:36 FA485E76F94B7457767E372F47757733 409960 ----a-w- C:\Windows\Sysnative\xactengine2_8.dll
2015-01-04 11:48:36 BC78D5328541410510DDE06B9FA92024 21000 ----a-w- C:\Windows\Sysnative\X3DAudio1_2.dll
2015-01-04 11:48:35 9D9407F52B8E24E99358D9944B0D5FA3 1401200 ----a-w- C:\Windows\Sysnative\D3DCompiler_34.dll
2015-01-04 11:48:35 1ED4E7A82BD5C7DEED082F00E63BB7A0 506728 ----a-w- C:\Windows\Sysnative\d3dx10_34.dll
2015-01-04 11:48:34 AE5D5439525B4A4CBF206058D493685D 4496232 ----a-w- C:\Windows\Sysnative\d3dx9_34.dll
2015-01-04 11:48:32 BFB3091B167550EC6E6454813D3DB244 107368 ----a-w- C:\Windows\Sysnative\xinput1_3.dll
2015-01-04 11:48:30 8C970509E0AE10061E3ED6D51E34FEB9 403304 ----a-w- C:\Windows\Sysnative\xactengine2_7.dll
2015-01-04 11:48:28 839C3921005BB41D441E3752C74F2292 506728 ----a-w- C:\Windows\Sysnative\d3dx10_33.dll
2015-01-04 11:48:28 3EBF620536A13CA343E52ECA4F0DE7F8 1400176 ----a-w- C:\Windows\Sysnative\D3DCompiler_33.dll
2015-01-04 11:48:27 3172C3CAC8EA7CA1B5D5AF6699C037D6 4494184 ----a-w- C:\Windows\Sysnative\d3dx9_33.dll
2015-01-04 11:48:26 4837A54574A6105D404A8560984B93DD 393576 ----a-w- C:\Windows\Sysnative\xactengine2_6.dll
2015-01-04 11:48:24 398FF46FF7354FED2F0F1AECDB546866 390424 ----a-w- C:\Windows\Sysnative\xactengine2_5.dll
2015-01-04 11:48:23 8251826F04BA0822D08AD9B92C65A3D5 469264 ----a-w- C:\Windows\Sysnative\d3dx10.dll
2015-01-04 11:48:21 A4DDFE5DC4E73D1FED9B1B3A3D885612 4398360 ----a-w- C:\Windows\Sysnative\d3dx9_32.dll
2015-01-04 11:48:20 58BB51253427A834A8807B9245CC5965 364824 ----a-w- C:\Windows\Sysnative\xactengine2_4.dll
2015-01-04 11:48:20 489E5B8BB1BD1028FF1C798EAAEC65E4 17688 ----a-w- C:\Windows\Sysnative\x3daudio1_1.dll
2015-01-04 11:48:19 FAAA0BB9CD2905B25334132E5BA093EB 3977496 ----a-w- C:\Windows\Sysnative\d3dx9_31.dll
2015-01-04 11:48:17 0396D2A98B0CCD4419B572EBF618E81E 363288 ----a-w- C:\Windows\Sysnative\xactengine2_3.dll
2015-01-04 11:48:16 06F15D3CB1AE0EAFA50F595B3FF8D9F5 83736 ----a-w- C:\Windows\Sysnative\xinput1_2.dll
2015-01-04 11:48:15 DC5A914C34EB12056531777D4DD0F44E 354072 ----a-w- C:\Windows\Sysnative\xactengine2_2.dll
2015-01-04 11:48:14 6F9D3289D8B166E478AFFF9EFA92C42C 83664 ----a-w- C:\Windows\Sysnative\xinput1_1.dll
2015-01-04 11:48:14 0CC809422AB40974DFF8078392E4D507 352464 ----a-w- C:\Windows\Sysnative\xactengine2_1.dll
2015-01-04 11:48:02 E09A9CF383ACF4A28038561E62277377 3927248 ----a-w- C:\Windows\Sysnative\d3dx9_30.dll
2015-01-04 11:47:59 F77D5AB654881E683CFF6650916C424E 16592 ----a-w- C:\Windows\Sysnative\x3daudio1_0.dll
2015-01-04 11:47:59 CE5753F9A27837259EB52F3F47F39593 355536 ----a-w- C:\Windows\Sysnative\xactengine2_0.dll
2015-01-04 11:47:57 68B35CBDB4A8CC424718BBCC894FEEEA 3830992 ----a-w- C:\Windows\Sysnative\d3dx9_29.dll
2015-01-04 11:47:55 88BAC8306D4EC79A82B1FFA17DC8CF4A 3815120 ----a-w- C:\Windows\Sysnative\d3dx9_28.dll
2015-01-04 11:47:52 914C3237E4D145A18DCD1D0D4C8659E1 3807440 ----a-w- C:\Windows\Sysnative\d3dx9_27.dll
2015-01-04 11:47:50 44F5C5E27D6825E4E62420BC29B8B533 3767504 ----a-w- C:\Windows\Sysnative\d3dx9_26.dll
2015-01-04 11:47:48 4C56E7C5B2A61353E534C7D15D05856D 3823312 ----a-w- C:\Windows\Sysnative\d3dx9_25.dll
2015-01-04 11:47:46 B165DF72E13E6AF74D47013504319921 3544272 ----a-w- C:\Windows\Sysnative\d3dx9_24.dll
====== C:\Windows\Sysnative\drivers =====
2015-01-13 19:39:53 AE3334958D8F631FF14A0AEB3D7EFB3A 141312 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys
2015-01-01 07:50:03 33F90B202E9DD9B7D489EB59310FDC34 283064 ----a-w- C:\Windows\Sysnative\drivers\dtsoftbus01.sys
====== C:\Windows\Tasks ======
2015-01-16 15:14:00 87B67F9640FE5FAE4C57E574EAF26DC1 830 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-16 15:14:00 4A4B7EF030D9D2664BF4432D656A1914 3768 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater
2015-01-04 10:27:14 7D6772B43B00D80158CD3E9D4CB8E7E3 3832 ----a-w- C:\Windows\Sysnative\Tasks\Opera scheduled Autoupdate 1420367225
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-01-15 08:09:16 -------- d-----w- C:\Program Files\Microsoft Synchronization Services
2015-01-15 08:09:16 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition
2015-01-15 08:05:17 -------- d-----w- C:\Program Files\Microsoft Visual Studio 10.0
2015-01-15 08:05:16 -------- d-----w- C:\Program Files\Microsoft Help Viewer
======= C:\PROGRA~2 =====
2015-01-16 09:11:00 -------- d-----w- C:\PROGRA~2\BandiMPEG1
2015-01-15 08:09:42 -------- d-----w- C:\PROGRA~2\Microsoft SQL Server
2015-01-15 08:09:35 -------- d-----w- C:\PROGRA~2\Microsoft Silverlight
2015-01-15 08:09:04 -------- d-----w- C:\PROGRA~2\Microsoft Synchronization Services
2015-01-15 08:09:03 -------- d-----w- C:\PROGRA~2\Microsoft SQL Server Compact Edition
2015-01-15 08:05:16 -------- d-----w- C:\PROGRA~2\Microsoft SDKs
2015-01-05 13:57:31 -------- d-----w- C:\PROGRA~2\MADFINGER Games
2015-01-04 11:27:36 -------- d-----w- C:\PROGRA~2\Counter-Strike Global Offensive
2015-01-04 10:25:59 -------- d-----w- C:\PROGRA~2\Opera
2014-12-26 16:45:53 -------- d-----w- C:\PROGRA~2\Counter-Strike 1.6
2014-12-21 14:11:24 -------- d-----w- C:\PROGRA~2\Winrar
======= C: =====
2015-01-13 22:50:25 C952EDAF306C0F3EFC9FE24489D05587 3480 ------w- C:\bootsqm.dat
====== C:\Users\Dubravka\AppData\Roaming ======
2015-01-16 14:13:30 -------- d-----w- C:\Users\Dubravka\AppData\Local\Adobe
2015-01-16 12:46:08 -------- d-----w- C:\Users\Dubravka\AppData\Local\Temporary Projects
2015-01-16 09:19:09 -------- d-----w- C:\Users\Dubravka\AppData\Roaming\BANDISOFT
2015-01-15 11:30:16 -------- d-----w- C:\Users\Dubravka\AppData\Roaming\Microsoft Corporation
2015-01-05 14:01:04 -------- d-----w- C:\Users\Dubravka\AppData\Locallow\MADFINGER Games_ a_s_
2015-01-05 13:58:38 -------- d-----w- C:\Users\Dubravka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MADFINGER Games
2015-01-04 12:25:15 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\TuneUp Software
2015-01-04 12:25:15 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\TuneUp Software
2015-01-04 10:52:41 -------- d-----w- C:\Users\Dubravka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Half-Life
2015-01-04 10:52:41 -------- d-----w- C:\Users\Dubravka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2015-01-04 10:28:43 -------- d-----w- C:\Users\Dubravka\AppData\Roaming\TuneUp Software
2015-01-04 10:28:43 -------- d-----w- C:\Users\Dubravka\AppData\Local\TuneUp Software
2015-01-04 10:27:17 -------- d-----w- C:\Users\Dubravka\AppData\Local\Opera Software
2015-01-04 10:27:16 -------- d-----w- C:\Users\Dubravka\AppData\Roaming\Opera Software
2015-01-04 10:25:49 -------- d-----w- C:\Users\Dubravka\AppData\Roaming\IHlpr
2015-01-01 07:49:57 -------- d-----w- C:\Users\Dubravka\AppData\Roaming\DAEMON Tools Lite
2014-12-30 10:28:43 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\SearchProtect
2014-12-29 10:35:11 D0A7CE5EEFB884915B659C13D098D0B0 58016 ----a-w- C:\Users\Dubravka\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-28 07:25:56 -------- d-----w- C:\Users\Dubravka\AppData\Roaming\skyz
2014-12-27 14:25:45 -------- d-----w- C:\Users\Dubravka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameTracker Lite
2014-12-27 14:25:44 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\GameTracker
2014-12-27 14:23:47 -------- d-----w- C:\Users\Dubravka\AppData\Roaming\GameTracker
2014-12-27 07:02:27 -------- d-----w- C:\Users\Dubravka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HLDS
2014-12-27 06:24:21 -------- d-----w- C:\Users\Dubravka\AppData\Roaming\Unity
2014-12-27 06:20:58 -------- d-----w- C:\Users\Dubravka\AppData\Locallow\Unity
2014-12-27 06:20:58 -------- d-----w- C:\Users\Dubravka\AppData\Local\Unity
2014-12-23 23:31:34 -------- d-sh--w- C:\Users\Dubravka\AppData\Locallow\EmieUserList
2014-12-23 23:31:34 -------- d-sh--w- C:\Users\Dubravka\AppData\Locallow\EmieSiteList
2014-12-23 23:31:34 -------- d-sh--w- C:\Users\Dubravka\AppData\Locallow\EmieBrowserModeList
2014-12-22 17:32:14 -------- d-----w- C:\Users\Dubravka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2014-12-22 17:32:08 -------- d-----w- C:\Users\Dubravka\AppData\Roaming\.minecraft
2014-12-22 05:38:24 -------- d-----w- C:\Users\Dubravka\AppData\Roaming\WinRAR
2014-12-21 14:12:01 -------- d-----w- C:\Users\Dubravka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-21 12:38:50 -------- d-----w- C:\Users\Dubravka\AppData\Local\Programs
====== C:\Users\Dubravka ======
2015-01-16 17:20:42 61CA40317EBF1254770BF8B495B3F8DA 2191360 ----a-w- C:\Users\Dubravka\Desktop\AdwCleaner.exe
2015-01-16 14:28:38 D23EC5AF103C75F3496C19A5885CF2A2 2125312 ----a-w- C:\Users\Dubravka\Desktop\FRST64.exe
2015-01-16 13:08:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2015-01-16 13:08:08 -------- d-----w- C:\ProgramData\MCShield
2015-01-16 13:02:46 6E44C49039E696991D2DB54B5C81E2F5 2856736 ----a-w- C:\Users\Dubravka\Downloads\MCShield-Setup.exe
2015-01-16 11:25:59 F3D6129B4D9B06DC3A306A39893CE6DB 335872 ----a-w- C:\Users\Dubravka\Desktop\Pristupite facebook-u bez interneta.exe
2015-01-16 09:38:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
2015-01-16 09:23:58 CDEA61F8362AEA75B82B936F49CF8838 9495760 ----a-w- C:\Users\Dubravka\Downloads\bdcamsetup (1).exe
2015-01-16 09:09:29 CDEA61F8362AEA75B82B936F49CF8838 9495760 ----a-w- C:\Users\Dubravka\Downloads\bdcamsetup.exe
2015-01-16 07:17:29 16F04CBEDBB77E358E918479125FA11C 10595 ----a-w- C:\Users\Dubravka\Downloads\KOD.txt.exe
2015-01-15 11:07:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Automatic Mouse Move and Click Software
2015-01-15 11:05:33 F09D359B2AC267ED4D683548C8EF7A0B 5108463 ----a-w- C:\Users\Dubravka\Downloads\setup.exe
2015-01-15 08:08:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 Express
2015-01-15 07:51:30 C2843B765E5E9171CF24D42EB9087C4E 3264328 ----a-w- C:\Users\Dubravka\Downloads\vb_web.exe
2015-01-05 13:38:53 69483E1596928FA1C3198828F64413EF 191454420 ----a-w- C:\Users\Dubravka\Downloads\DeadZone_setup.exe
2015-01-04 11:45:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike Global Offensive
2015-01-04 10:28:18 -------- d-sh--w- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-01-04 10:28:18 -------- d--h--w- C:\ProgramData\Common Files
2015-01-04 10:28:18 -------- d-----w- C:\ProgramData\TuneUp Software
2015-01-04 10:25:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine v.6.4
2015-01-04 10:24:09 58E286356ED95579127915341D05544A 9052192 ----a-w- C:\Users\Dubravka\Downloads\CheatEngine64.exe
2015-01-01 10:39:18 8E1B08222F20E45A3E8DB04C569F9CB7 8 --sha-r- C:\ProgramData\ntuser.pol
2015-01-01 07:51:56 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-01-01 07:48:37 -------- d-----w- C:\ProgramData\DAEMON Tools Lite
2014-12-21 14:12:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

====== C: exe-files ==
2015-01-16 17:20:42 61CA40317EBF1254770BF8B495B3F8DA 2191360 ----a-w- C:\Users\Dubravka\Desktop\AdwCleaner.exe
2015-01-16 16:42:49 BA7DC0C9141BE7292CA7E744B6F19F26 897104 ----a-w- C:\Program Files (x86)\Google\Update\Install\{54FC6C5A-B959-40B3-854B-B37F436AB927}\39.0.2171.99_39.0.2171.95_chrome_updater.exe
2015-01-16 16:42:49 BA7DC0C9141BE7292CA7E744B6F19F26 897104 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\39.0.2171.99\39.0.2171.99_39.0.2171.95_chrome_updater.exe
2015-01-16 15:13:59 B90754CE050A5559D5385771B55EE8F7 701616 ----a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-16 14:28:38 D23EC5AF103C75F3496C19A5885CF2A2 2125312 ----a-w- C:\Users\Dubravka\Desktop\FRST64.exe
2015-01-16 14:04:14 93B0550500D1BD86CBAB9C4CC6B6A356 113365784 ----a-w- C:\Windows\System32\MRT.exe
2015-01-16 13:08:12 6E44C49039E696991D2DB54B5C81E2F5 2856736 ----a-w- C:\ProgramData\MCShield\MCShield-Setup.exe
2015-01-16 13:02:46 6E44C49039E696991D2DB54B5C81E2F5 2856736 ----a-w- C:\Users\Dubravka\Downloads\MCShield-Setup.exe
2015-01-16 11:25:59 F3D6129B4D9B06DC3A306A39893CE6DB 335872 ----a-w- C:\Users\Dubravka\Desktop\Pristupite facebook-u bez interneta.exe
2015-01-16 09:23:58 CDEA61F8362AEA75B82B936F49CF8838 9495760 ----a-w- C:\Users\Dubravka\Downloads\bdcamsetup (1).exe
2015-01-16 09:11:05 EB497216D2EB7CA32A2248A84A7DAAA5 52589 ----a-w- C:\Program Files (x86)\BandiMPEG1\uninstall.exe
2015-01-16 09:09:29 CDEA61F8362AEA75B82B936F49CF8838 9495760 ----a-w- C:\Users\Dubravka\Downloads\bdcamsetup.exe
2015-01-16 08:58:55 4DCE1DDA508CCA2598C627181EDF1100 487424 ----a-w- C:\Users\Dubravka\Desktop\ \VisualStudio 2010\Projects\Projekat I\Projekat I\obj\x86\Debug\Projekat I.exe
2015-01-16 08:58:55 4DCE1DDA508CCA2598C627181EDF1100 487424 ----a-w- C:\Users\Dubravka\Desktop\ \VisualStudio 2010\Projects\Projekat I\Projekat I\bin\Debug\Projekat I.exe
2015-01-16 08:58:55 02BE6D33B1EDBC61C79882D3F556BD8A 11600 ----a-w- C:\Users\Dubravka\Desktop\ \VisualStudio 2010\Projects\Projekat I\Projekat I\bin\Debug\Projekat I.vshost.exe
2015-01-16 07:17:29 16F04CBEDBB77E358E918479125FA11C 10595 ----a-w- C:\Users\Dubravka\Downloads\KOD.txt.exe
2015-01-15 11:05:33 F09D359B2AC267ED4D683548C8EF7A0B 5108463 ----a-w- C:\Users\Dubravka\Downloads\setup.exe
2015-01-15 09:31:30 F3D6129B4D9B06DC3A306A39893CE6DB 335872 ----a-w- C:\Users\Dubravka\Desktop\ \VisualStudio 2010\Projects\Pristupite facebook-u bez interneta\Pristupite facebook-u bez interneta\obj\x86\Debug\Pristupite facebook-u bez interneta.exe
2015-01-15 09:31:30 F3D6129B4D9B06DC3A306A39893CE6DB 335872 ----a-w- C:\Users\Dubravka\Desktop\ \VisualStudio 2010\Projects\Pristupite facebook-u bez interneta\Pristupite facebook-u bez interneta\bin\Debug\Pristupite facebook-u bez interneta.exe
2015-01-15 09:31:30 02BE6D33B1EDBC61C79882D3F556BD8A 11600 ----a-w- C:\Users\Dubravka\Desktop\ \VisualStudio 2010\Projects\Pristupite facebook-u bez interneta\Pristupite facebook-u bez interneta\bin\Debug\Pristupite facebook-u bez interneta.vshost.exe
2015-01-15 08:10:31 74CB08B27E638CF4CA6C1C9D2992C63B 791888 ----a-w- C:\Program Files\Microsoft Help Viewer\v1.0\Microsoft Help Viewer 1.0\install.exe
2015-01-15 07:51:30 C2843B765E5E9171CF24D42EB9087C4E 3264328 ----a-w- C:\Users\Dubravka\Downloads\vb_web.exe
2015-01-13 19:40:02 5B9954AE9FD4682DADD5EBC0301366B0 52736 ----a-w- C:\Windows\System32\TSWbPrxy.exe
2015-01-13 19:39:44 0A70B8D78AF95894E221DDAC6482DF6D 5553592 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-01-13 19:39:43 2AF481C03C0383ADE09FFEDA0C583140 3971512 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 19:39:41 8A289EF0AE709327D6AA9769E108B5A6 3916728 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 19:39:33 DE595EACC79006E7B15B848BF0831E78 296960 ----a-w- C:\Windows\System32\rstrui.exe
2015-01-10 11:45:16 6663B30328C239D2AB10D2583054CF2E 364512 ----a-w- C:\Windows\System32\aswBoot.exe
=== C: other files ==
2015-01-15 20:48:36 97DA5D48630E307350320862C8F1D7C8 795 ----a-w- C:\Users\Dubravka\AppData\Local\TechSmith\Camtasia Studio\8.0\TUDI\CamtasiaRecorderTUDIData-435129A0-FD27-4CC4-8AC0-48FC0291585F.zip
2015-01-15 20:45:24 DECA17D62F180951C99E35E4AE7F615F 796 ----a-w- C:\Users\Dubravka\AppData\Local\TechSmith\Camtasia Studio\8.0\TUDI\CamtasiaStudioTUDIData-C76C0C3B-63C2-4B13-9FE7-460C66D3E825.zip
2015-01-15 20:32:35 66162FCF981C0099CB0AD876585B7C46 5114 ----a-w- C:\Users\Dubravka\AppData\Local\TechSmith\Camtasia Studio\8.0\TUDI\CamtasiaStudioTUDIData-3504AE4B-4BBB-41BA-92EE-8D37A0C6B6BC.zip
2015-01-13 19:39:53 AE3334958D8F631FF14A0AEB3D7EFB3A 141312 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
2015-01-10 12:21:33 E5BA7836D0AAC4C5F95E93E30B660F9B 40656 ----a-w- C:\Users\Dubravka\Downloads\75054-Ratatouille.zip
2015-01-10 07:11:04 C4DBB53301E2898F55B8C1098176AA6E 260423 ----a-w- C:\Users\Dubravka\AppData\Roaming\Opera Software\Opera Stable\dictionaries\en-US.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3974460009-2644055296-1832368804-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"MCShield Monitor"="D:\Program Files (x86)\MCShield\mcshieldrtm.exe"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"Automatic Mouse Move and Click Software.exe"=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MCShield Monitor"="D:\Program Files (x86)\MCShield\mcshieldrtm.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BTMTrayAgent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BTMTrayAgent"
"hkey"="HKLM"
"command"="rundll32.exe \"C:\\Program Files (x86)\\Intel\\Bluetooth\\btmshell.dll\",TrayApp"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CCleaner Monitoring"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DAEMON Tools Lite"
"hkey"="HKCU"
"command"="\"D:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Facebook Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\Dubravka\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HotKeysCmds"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\hkcmd.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IgfxTray"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\igfxtray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IntelPAN]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IntelPAN"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Intel\\WirelessCommon\\iFrmewrk.exe\" /tf Intel PAN Tray"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Persistence"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\igfxpers.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RtHDVCpl"
"hkey"="HKLM"
"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sidebar]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Sidebar"
"hkey"="HKCU"
"command"="C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\snp2uvc]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="snp2uvc"
"hkey"="HKLM"
"command"="C:\\Windows\\vsnp2uvc.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""


==== Startup Folders ======================

2014-10-14 16:40:21 1730 ----a-w- C:\Users\Dubravka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [01/16/2015 04:13 PM]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3974460009-2644055296-1832368804-1000Core.job --a------ C:\Users\Dubravka\AppData\Local\Facebook\Update\FacebookUpdate.exe [11/05/2014 10:08 PM]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3974460009-2644055296-1832368804-1000UA.job --a------ C:\Users\Dubravka\AppData\Local\Facebook\Update\FacebookUpdate.exe [11/05/2014 10:08 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [10/12/2014 12:50 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [10/12/2014 12:50 PM]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3974460009-2644055296-1832368804-1000Core" [C:\Users\Dubravka\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3974460009-2644055296-1832368804-1000UA" [C:\Users\Dubravka\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Opera scheduled Autoupdate 1420367225" [C:\Program Files (x86)\Opera\launcher.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [01/10/2015 12:44 PM]

==== Chromium Look ======================

Google Chrome Version: 39.0.2171.99 (Up to date, latest Stable version: 39.0.2171.99)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[12/14/2014 05:22 PM]

Google Slides - Dubravka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Dubravka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Dubravka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - Dubravka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - Dubravka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Dubravka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Lamborghini Sesto Elemento Theme - Dubravka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dappigdjllcnkkoacaoolciaolaaiemb
Google Sheets - Dubravka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Avast Online Security - Dubravka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Skype Click to Call - Dubravka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - Dubravka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Dubravka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Slides - Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Drive - Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap
AdBlock - Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Avast Online Security - Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki
Skype Click to Call - Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Dubravka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on Fri 01/16/2015 at 19:19:42.54 ======================

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10610
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Ovo mi izgleda čisto. Kakvo je sada stanje sistema?

offline
  • Pridružio: 16 Jan 2015
  • Poruke: 20
  • Gde živiš: Budva

Brže mi otvara stranice na internetu i ne pojavljuju se više reklame, prezadovoljan sam. smešak

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10610
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Da obavimo još i ARK provjeru.

Preuzmi Malwarebytes Anti-Rootkit (MBAR) sa sledeceg linka i sacuvaj ga na Desktop.

Dvoklikom pokreni MBAR () na ikonicu programa:
- Klikni OK na sledecem prozoru da bi dozvolio raspakivanje u zaseban mbar folder na desktop-u;
- mbar.exe ce biti startovan. Na nekim sistemima to moze da potraje nekoliko dodatnih sekundi, te pricekati pokretanje.;
- U uvodnom prozoru klikni dugme Next ukoliko si saglasan;



• Na 'Update Database' prozoru klik na dugme Update da bi preuzeo sveze definicije. Kada se ispise poruka 'Success: Database was successfully updated' klik na dugme Next;
• Pod sekcijom 'Scan Targets' proveri da su sve opcije stiklirane, te klikni na dugme Scan;

Obavestenje: sa nekim infekcijama moze se desiti da se prikaze neka od sledecih poruka:
- 'Could not load protection driver' => u tom slucaju klikni OK.
- 'Could not load DDA driver' => klikni Yes na to obavestenje da bi dozvolio ucitavanje nakon restarta. Dozvoli restart i nastavi sa ostatkom instrukcija posle restarta.





>> Ukoliko malware nije detektovan, klik na Exit dugme da zatvoris program. U sledecu poruku postavi mbar-log-year-month-day (sat-minuti-sekundi).txt i system-log.txt izveštaje.

>> Ukoliko su infekcija/e pronadjene, proveriti da li je obelezena opcija 'Create Restore Point' i klikni na dugme Cleanup! da bi uklonili pretnje.
- Procedura uklanjanje malware-a (scheduled) ce biti zakazana po restartu, bice prikazano obavestenje u pop-up prozoru. Klikni dugme Yes i sistem bi trebao da se restartuje i da zavrsi proceduru ciscenja.



Obavestenje! samo ukoliko je RootKit detektovan: - postaraj se da pokrenes fixdamage.exe alat koji se nalazi u mbar folderu, \Plugins\fixdamage.exe:
- Dvoklikom pokreni fixdamage, u crnom prozoru koji se otvori (command prompt) ukucaj Y (Y stoji za Yes) da bi nastavio izvrsenje, pricekati da alat odradi sve popravke ...
- Kada vidis poruku 'press any key to exit' popravka je kompletirana. Pritisnuti bilo koju tipku na tastaturi da bi se prozor zatvorio. Restartovati sistem.





Sledeci izvestaji ce biti formirani u mbar folderu.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Iskopiraj sadrzaj mbar log-a u poruku a system log okaci uz poruku koristeci opciju Prikači fajl.

offline
  • Pridružio: 16 Jan 2015
  • Poruke: 20
  • Gde živiš: Budva

Malwarebytes Anti-Rootkit BETA 1.08.2.1001
malwarebytes.org

Database version: v2015.01.16.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17501
Dubravka :: DUBRAVKA-PC [administrator]

1/16/2015 7:47:13 PM
mbar-log-2015-01-16 (19-47-13).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 321377
Time elapsed: 14 minute(s), 22 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Dubravka\Desktop\Desktop\WINRAR_3.93_PRO_Final_2010\Winrar3.93.exe (RiskWare.Tool.CK) -> Delete on reboot. [8198ed0b4643bb7b919c8d1a90757b85]

Physical Sectors Detected: 0
(No malicious items detected)

(end)


mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10610
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

To bi bilo to.

Sledeća procedura će implementirati završno čišćenje.

Arrow Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop.
Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija;

Remove disinfection tools
Create registry backup
Purge System Restore


Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad.
Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani.
Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt)

Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix
Alat briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.




Pozdrav.

Ko je trenutno na forumu
 

Ukupno su 393 korisnika na forumu :: 8 registrovanih, 2 sakrivenih i 383 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3028 - dana 22 Nov 2019 07:47

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: ALBION101, darios, dragon986, Dukelander, ILGromovnik, nemkea71, scimitar19, Vlada1389