Windows 8.1: possibly some spyware again, or whatever


  • Joined: 14 Aug 2010
  • Posts: 185

Hello,

it seems the same thing is happening to me as the previous time, in this thread

mycity.rs/Arhiva-Ambulante/win-8-1-prob.....i-vec.html

when it was successfully removed.

Again, while trying to install some small program, something extra got installed ... and along with it

search.conduit.com/?ctid=CT3319434&octi.....&SSPV=

which cannot be removed at all.

In Chrome I somehow managed to change it, but not in IE.

Plus, a mysearch deal page suddenly appeared when I start the browser.

Since then Chrome has been running much more slowly.

Can you help me again to remove this s****?


Plus, two icons have appeared on the desktop:
FREE Games and MySearchDial, as well as DVDVideoSoft Free Studio, and I cannot uninstall them because they are not listed in Programs.

Thanks in advance for the help!!

  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6074

Hello,


Download Farbar's Farbar Recovery Scan Tool from this address to the Desktop:
There is a 32-bit and a 64-bit version. You need to download the version that is compatible with your system.
If you are not sure which version applies to your system, download both and run them. Only one of them will run on your system; that will be the right version.


  • double-click to run the program; when the tool starts, click Yes in the disclaimer window;
  • wait a moment while the tool checks whether a newer version exists;
  • click the Scan button;
  • when the scan finishes, the tool will create a report (FRST.txt) in the same directory where the FRST tool is saved;
  • copy the contents of the FRST.txt report into your post;
  • on the first run, the tool should also create an additional report (Addition.txt);
  • attach the Addition.txt report to your post using the "Prikači fajl" (Attach file) option.

  • Joined: 14 Aug 2010
  • Posts: 185

Posted: 27 Jan 2014 21:41

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-01-2014 01
Ran by M (administrator) on MIKI on 27-01-2014 21:19:48
Running from C:\Users\M\Desktop
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(ABBYY) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files\WindowsApps\3983JEFBCreating.BubbleBreaker_1.0.0.10_neutral__vy786dcgg6jz4\PIANO8.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16422_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-20] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2013-10-29] (Synaptics Incorporated)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM-x32\...\Run: [BtTray] - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [371976 2012-09-19] (IVT Corporation)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2012-09-14] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-04-10] (CyberLink Corp.)
HKLM-x32\...\Run: [Bonus.SSR.FR11] - C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [934152 2011-11-07] (ABBYY.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = search.conduit.com/?ctid=CT3319434&octid=EB.....8B81&SSPV=
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = start.mysearchdial.com/?f=1&a=md1202&cd=2Xz.....787612&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = start.mysearchdial.com/?f=1&a=md1202&cd=2Xz.....787612&ir=
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=md1202&cd=2XzuyEtN2Y1L1Qzu0DyE0Czy0E0FyC0DtByDyC0AtCzy0BzztN0D0Tzu0CyBtBtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=259787612&ir=
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = search.conduit.com/Results.aspx?ctid=CT3319.....0418B81&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = search.conduit.com/Results.aspx?ctid=CT3319.....0418B81&q={searchTerms}&SSPV=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=md1202&cd=2XzuyEtN2Y1L1Qzu0DyE0Czy0E0FyC0DtByDyC0AtCzy0BzztN0D0Tzu0CyBtBtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=259787612&ir=
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = mysearch.avg.com/search?cid={82110886-AF83-41E2-9311-E6EA9BC5A991}&mid=b67864deaeab47d29d720580a989cc99-2604b6c59a5880e68469e7ec7c3592e90e8366ba&lang=de&ds=gm011&coid=avgtbdisgm&cmpid=&pr=sa&d=2014-01-08 20:09:51&v=17.2.0.38&pid=safeguard&sg=&sap=dsp&q={searchTerms}
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

Chrome:
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPE4B98199-7D3E-450A-8FC6-E264F0418B81&SSPV=
CHR Extension: (Google Docs) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-11]
CHR Extension: (Google Drive) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-11]
CHR Extension: (YouTube) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-11]
CHR Extension: (Google-Suche) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-11]
CHR Extension: (Google+) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2013-11-03]
CHR Extension: (LastPass) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2013-10-11]
CHR Extension: (Dropbox) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2013-10-29]
CHR Extension: (Evernote Web) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2013-10-29]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2013-11-17]
CHR Extension: (Norton Identity Protection) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-10-11]
CHR Extension: (Google Wallet) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-11]
CHR Extension: (Awesome New Tab Page 2(EXT)) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\oijkglihmcefogkmgibpajfaiekekllk [2013-10-27]
CHR Extension: (Google Mail) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-11]
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\M\AppData\Local\mysearchdial-speeddial.crx [2013-12-23]
CHR HKCU\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\M\AppData\Local\mysearchdial-speeddial.crx [2013-12-23]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx [2013-12-11]
CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\M\AppData\Local\mysearchdial-speeddial.crx [2013-12-23]

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [819976 2011-10-12] (ABBYY)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.)
S2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1612552 2012-09-26] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [146184 2012-09-19] (IVT Corporation)
R2 HPConnectedRemote; C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-12] (Hewlett-Packard)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-10-27] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-22] (Advanced Micro Devices)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48608 2012-10-02] (Ralink Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20140124.001\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [44480 2013-09-23] (http://libusb-win32.sourceforge.net)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140127.002\ENG64.SYS [126040 2014-01-24] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140127.002\EX64.SYS [2099288 2014-01-24] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-25] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-25] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1404000.028\SymELAM.sys [23448 2012-06-20] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-10-12] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-27 21:19 - 2014-01-27 21:20 - 00019012 _____ C:\Users\M\Desktop\FRST.txt
2014-01-27 21:19 - 2014-01-27 21:19 - 00000000 ____D C:\FRST
2014-01-27 21:18 - 2014-01-27 21:18 - 02079232 _____ (Farbar) C:\Users\M\Desktop\FRST64.exe
2014-01-26 19:08 - 2014-01-26 21:11 - 367930882 _____ C:\Users\M\Downloads\Ravna_Gora_Ep.05.avi
2014-01-26 16:28 - 2014-01-26 19:02 - 368081806 _____ C:\Users\M\Downloads\Ravna Gora Ep.04.avi
2014-01-26 12:16 - 2014-01-26 15:25 - 00270969 _____ C:\Users\M\Downloads\vezba.xlsx
2014-01-26 12:16 - 2014-01-26 12:16 - 00000165 ____H C:\Users\M\Downloads\~$vezba.xlsx
2014-01-25 18:38 - 2014-01-25 18:39 - 00382800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-25 18:21 - 2013-11-27 16:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-01-25 18:21 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-01-25 18:21 - 2013-11-27 09:20 - 04106240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-01-25 18:21 - 2013-11-26 14:22 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-01-25 18:21 - 2013-11-26 14:20 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-01-25 18:21 - 2013-11-26 12:50 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-01-25 18:21 - 2013-11-26 12:44 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-01-25 18:21 - 2013-11-26 11:13 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-01-25 18:21 - 2013-11-26 10:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-01-25 18:21 - 2013-11-26 09:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-01-25 18:21 - 2013-11-23 12:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-01-25 18:21 - 2013-11-23 04:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-01-25 18:21 - 2013-11-23 04:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-01-25 18:21 - 2013-11-23 04:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-01-25 18:21 - 2013-11-23 04:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-01-25 18:21 - 2013-11-23 04:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-01-25 18:21 - 2013-11-05 21:12 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-01-25 18:20 - 2013-12-09 01:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-01-25 18:20 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-01-25 18:20 - 2013-11-27 16:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-01-25 18:20 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-01-25 18:20 - 2013-11-27 13:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-01-25 18:20 - 2013-11-27 11:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-01-25 18:20 - 2013-11-27 11:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-01-25 18:20 - 2013-11-27 11:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-01-25 18:20 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-01-25 18:20 - 2013-11-27 10:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-01-25 18:20 - 2013-11-27 10:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-01-25 18:20 - 2013-11-27 10:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-01-25 18:20 - 2013-11-27 09:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-01-25 18:20 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-01-25 18:20 - 2013-11-27 05:01 - 00385614 _____ C:\WINDOWS\system32\ApnDatabase.xml
2014-01-25 18:20 - 2013-11-26 14:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-01-25 18:20 - 2013-11-26 14:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-01-25 18:20 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-01-25 18:20 - 2013-11-25 02:45 - 00142680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-01-25 18:20 - 2013-11-25 02:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-01-25 18:20 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-01-25 18:20 - 2013-11-25 00:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-01-25 18:20 - 2013-11-23 13:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-01-25 18:20 - 2013-11-23 09:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-01-25 18:20 - 2013-11-23 08:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-01-25 18:20 - 2013-11-23 08:13 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-01-25 18:20 - 2013-11-23 08:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-01-25 18:20 - 2013-11-23 05:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-01-25 18:20 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-01-25 18:20 - 2013-11-21 07:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-01-25 18:20 - 2013-11-21 07:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-01-25 18:20 - 2013-11-16 06:11 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-01-25 18:20 - 2013-11-15 19:19 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-01-25 18:20 - 2013-11-15 15:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-01-25 18:20 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-01-25 18:20 - 2013-11-15 15:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-01-25 18:20 - 2013-11-15 14:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-01-25 18:20 - 2013-10-31 01:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-01-25 18:20 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-01-25 18:19 - 2013-12-11 08:55 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-01-25 14:39 - 2014-01-25 14:39 - 00083824 _____ C:\Users\M\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-25 13:41 - 2014-01-27 19:14 - 00214291 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-25 12:28 - 2014-01-25 12:28 - 04721920 _____ (Piriform Ltd) C:\Users\M\Downloads\ccsetup410.exe
2014-01-20 22:21 - 2014-01-20 22:21 - 00000000 ____D C:\Users\M\Downloads\knjige
2014-01-20 22:19 - 2014-01-20 22:19 - 35785429 _____ C:\Users\M\Downloads\ask.7z
2014-01-20 21:42 - 2014-01-20 21:42 - 00033015 _____ C:\Users\M\Downloads\80434.xlsx
2014-01-20 21:37 - 2014-01-20 21:37 - 00060416 _____ C:\Users\M\Downloads\withdrawals-Canuck.xls
2014-01-20 21:32 - 2014-01-20 21:32 - 00312320 _____ C:\Users\M\Downloads\drawdown-vs-cagr.xls
2014-01-20 21:20 - 2014-01-20 21:20 - 00033063 _____ C:\Users\M\Downloads\golden-ratios.ZIP
2014-01-20 21:11 - 2014-01-20 21:12 - 01412096 _____ C:\Users\M\Downloads\compare-to-historical3.xls
2014-01-20 21:11 - 2014-01-20 21:11 - 00619008 _____ C:\Users\M\Downloads\compare-to-historical.xls
2014-01-20 21:04 - 2014-01-20 21:04 - 00738304 _____ C:\Users\M\Downloads\portfolio-vs-index.xls
2014-01-20 21:00 - 2014-01-20 21:00 - 00116224 _____ C:\Users\M\Downloads\CAGR-eg.xls
2014-01-20 20:56 - 2014-01-20 20:56 - 00332288 _____ C:\Users\M\Downloads\momentum.xls
2014-01-20 20:46 - 2014-01-20 20:46 - 00435712 _____ C:\Users\M\Downloads\moving-CAGR.xls
2014-01-20 19:42 - 2014-01-20 19:42 - 00045128 _____ C:\Users\M\Downloads\175333-about.time.2013.720p.bluray.x264.dtsevo.zip
2014-01-20 19:22 - 2014-01-25 09:54 - 00000000 ____D C:\Users\M\Downloads\The Family (2013)
2014-01-20 19:20 - 2014-01-25 14:56 - 00000000 ____D C:\Users\M\Downloads\Saving Mr Banks 2013 DVDSCR[AC3] juggs
2014-01-19 15:21 - 2014-01-19 15:21 - 00001450 _____ C:\Users\Public\Desktop\Free Audio Converter.lnk
2014-01-19 15:21 - 2014-01-19 15:21 - 00001255 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-01-19 15:20 - 2014-01-19 15:21 - 00000000 ____D C:\Users\M\AppData\Roaming\DVDVideoSoft
2014-01-19 15:20 - 2014-01-19 15:21 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2014-01-19 15:20 - 2014-01-19 15:20 - 00000000 ____D C:\Users\M\AppData\Roaming\OpenCandy
2014-01-18 21:16 - 2014-01-15 13:23 - 00099884 _____ C:\Users\M\Downloads\Sherlock.3x03.His.Last.Vow.REPACK.HDTV.x264-FoV.srt
2014-01-18 18:17 - 2014-01-25 13:12 - 00000000 ____D C:\Users\M\Desktop\Dubai
2014-01-18 08:09 - 2013-11-27 16:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-01-18 08:09 - 2013-11-27 09:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-18 08:08 - 2013-12-09 01:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-01-18 08:08 - 2013-11-27 12:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-01-18 08:08 - 2013-11-27 11:34 - 00138240 _____ C:\WINDOWS\system32\OEMLicense.dll
2014-01-18 08:08 - 2013-11-27 10:54 - 00103936 _____ C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-01-18 08:08 - 2013-11-27 09:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-18 08:08 - 2013-11-27 09:45 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-01-18 08:08 - 2013-11-27 09:38 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-01-18 08:08 - 2013-11-27 09:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-01-18 08:08 - 2013-11-27 09:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-01-18 07:38 - 2014-01-18 07:44 - 593738670 ____R C:\Users\M\Downloads\Sherlock.3x03.His.Last.Vow.REPACK.HDTV.x264-FoV.mp4
2014-01-09 20:24 - 2014-01-09 21:15 - 1987806758 ____R C:\Users\M\Downloads\Escape Plan 2013 HDTV AC3 XViD - OLDTiMERS.avi
2014-01-09 20:12 - 2014-01-09 20:18 - 318319181 ____R C:\Users\M\Downloads\Intelligence.US.S01E01.HDTV.x264-LOL.mp4
2014-01-08 19:30 - 2014-01-08 19:37 - 641086269 ____R C:\Users\M\Downloads\Sherlock.3x02.The.Sign.Of.Three.HDTV.x264-FoV.mp4
2014-01-08 16:24 - 2014-01-09 23:05 - 00068152 _____ C:\Users\M\Downloads\Escape Plan 2013 HDTV AC3 XViD - OLDTiMERS.srt
2014-01-08 10:59 - 2014-01-09 23:00 - 00089585 _____ C:\Users\M\Downloads\Sherlock.3x02.The.Sign.Of.Three.HDTV.x264-FoV.srt
2014-01-02 18:27 - 2014-01-02 22:31 - 00000000 ____D C:\Users\M\Downloads\12.Years.a.Slave.2013.DVDScr.XVID.AC3.HQ.Hive-CM8
2014-01-02 18:19 - 2014-01-02 18:36 - 592075605 ____R C:\Users\M\Downloads\Sherlock.3x01.The.Empty.Hearse.HDTV.x264-FoV.mp4
2013-12-30 19:08 - 2013-12-30 19:08 - 00123889 _____ C:\Users\M\Downloads\Mappe3.xlsx
2013-12-28 20:03 - 2013-12-28 22:20 - 00104556 _____ C:\Users\M\Downloads\Downton.Abbey.2013.Christmas.Special.HDTV.x264-FoV.srt

==================== One Month Modified Files and Folders =======

2014-01-27 21:20 - 2014-01-27 21:19 - 00019012 _____ C:\Users\M\Desktop\FRST.txt
2014-01-27 21:19 - 2014-01-27 21:19 - 00000000 ____D C:\FRST
2014-01-27 21:18 - 2014-01-27 21:18 - 02079232 _____ (Farbar) C:\Users\M\Desktop\FRST64.exe
2014-01-27 21:06 - 2013-10-28 19:43 - 00003898 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A8839A3A-2C06-4EC8-AC66-7675966FEDE7}
2014-01-27 21:04 - 2013-10-11 18:49 - 00001110 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-27 21:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2014-01-27 20:57 - 2013-05-13 16:57 - 00003620 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2014-01-27 20:56 - 2012-09-26 08:53 - 00000950 _____ C:\WINDOWS\SysWOW64\bscs.ini
2014-01-27 19:14 - 2014-01-25 13:41 - 00214291 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-27 19:03 - 2013-09-30 05:14 - 01980934 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-27 19:03 - 2013-09-30 04:56 - 00842568 _____ C:\WINDOWS\system32\perfh007.dat
2014-01-27 19:03 - 2013-09-30 04:56 - 00191764 _____ C:\WINDOWS\system32\perfc007.dat
2014-01-27 19:02 - 2013-10-11 18:24 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-432700491-4017870644-2687449469-1002
2014-01-27 19:01 - 2013-10-27 23:16 - 00000000 __RDO C:\Users\M\SkyDrive
2014-01-27 19:01 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2014-01-27 18:59 - 2013-10-11 18:51 - 00002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-27 18:57 - 2013-10-11 18:49 - 00001106 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-27 18:56 - 2013-10-27 22:46 - 00000000 ____D C:\Users\M
2014-01-27 18:56 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-26 21:11 - 2014-01-26 19:08 - 367930882 _____ C:\Users\M\Downloads\Ravna_Gora_Ep.05.avi
2014-01-26 19:02 - 2014-01-26 16:28 - 368081806 _____ C:\Users\M\Downloads\Ravna Gora Ep.04.avi
2014-01-26 15:25 - 2014-01-26 12:16 - 00270969 _____ C:\Users\M\Downloads\vezba.xlsx
2014-01-26 12:16 - 2014-01-26 12:16 - 00000165 ____H C:\Users\M\Downloads\~$vezba.xlsx
2014-01-26 12:13 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2014-01-26 02:45 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2014-01-26 02:44 - 2013-10-11 19:11 - 00000000 ____D C:\Users\M\AppData\Roaming\uTorrent
2014-01-25 19:45 - 2013-12-21 15:36 - 00000000 ____D C:\Users\M\Downloads\Casablanca[1942]DvDrip[Eng]-FXG
2014-01-25 18:40 - 2013-10-11 18:15 - 00000000 ___RD C:\Users\M\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-25 18:40 - 2013-10-11 18:15 - 00000000 ___RD C:\Users\M\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-25 18:39 - 2014-01-25 18:38 - 00382800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-25 18:35 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2014-01-25 18:35 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2014-01-25 18:35 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\FileManager
2014-01-25 18:35 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Camera
2014-01-25 18:35 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2014-01-25 18:35 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\Dism
2014-01-25 18:24 - 2013-10-11 18:10 - 00000000 ____D C:\Users\M\AppData\Local\Packages
2014-01-25 18:23 - 2013-05-13 16:50 - 00005660 _____ C:\WINDOWS\system32\RaCoInst.log
2014-01-25 14:56 - 2014-01-20 19:20 - 00000000 ____D C:\Users\M\Downloads\Saving Mr Banks 2013 DVDSCR[AC3] juggs
2014-01-25 14:49 - 2013-11-10 13:20 - 00000000 ____D C:\Users\M\Desktop\500 Zaboravljenih
2014-01-25 14:39 - 2014-01-25 14:39 - 00083824 _____ C:\Users\M\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-25 13:51 - 2013-10-12 07:13 - 00000000 ____D C:\WINDOWS\system32\MRT
2014-01-25 13:46 - 2013-10-12 07:12 - 86054176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-25 13:21 - 2013-10-11 20:48 - 00167221 _____ C:\Users\M\Desktop\Mappe1.xlsx
2014-01-25 13:12 - 2014-01-18 18:17 - 00000000 ____D C:\Users\M\Desktop\Dubai
2014-01-25 13:07 - 2013-10-14 20:48 - 00188928 ___SH C:\Users\M\Desktop\Thumbs.db
2014-01-25 12:29 - 2013-11-10 18:25 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-25 12:29 - 2013-11-10 18:25 - 00000000 ____D C:\Program Files\CCleaner
2014-01-25 12:28 - 2014-01-25 12:28 - 04721920 _____ (Piriform Ltd) C:\Users\M\Downloads\ccsetup410.exe
2014-01-25 09:54 - 2014-01-20 19:22 - 00000000 ____D C:\Users\M\Downloads\The Family (2013)
2014-01-25 09:15 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2014-01-25 09:13 - 2013-05-13 16:57 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2014-01-23 19:16 - 2013-12-07 12:30 - 00000000 ____D C:\ProgramData\CanonIJPLM
2014-01-23 18:16 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2014-01-20 22:21 - 2014-01-20 22:21 - 00000000 ____D C:\Users\M\Downloads\knjige
2014-01-20 22:19 - 2014-01-20 22:19 - 35785429 _____ C:\Users\M\Downloads\ask.7z
2014-01-20 21:42 - 2014-01-20 21:42 - 00033015 _____ C:\Users\M\Downloads\80434.xlsx
2014-01-20 21:37 - 2014-01-20 21:37 - 00060416 _____ C:\Users\M\Downloads\withdrawals-Canuck.xls
2014-01-20 21:32 - 2014-01-20 21:32 - 00312320 _____ C:\Users\M\Downloads\drawdown-vs-cagr.xls
2014-01-20 21:20 - 2014-01-20 21:20 - 00033063 _____ C:\Users\M\Downloads\golden-ratios.ZIP
2014-01-20 21:12 - 2014-01-20 21:11 - 01412096 _____ C:\Users\M\Downloads\compare-to-historical3.xls
2014-01-20 21:11 - 2014-01-20 21:11 - 00619008 _____ C:\Users\M\Downloads\compare-to-historical.xls
2014-01-20 21:04 - 2014-01-20 21:04 - 00738304 _____ C:\Users\M\Downloads\portfolio-vs-index.xls
2014-01-20 21:00 - 2014-01-20 21:00 - 00116224 _____ C:\Users\M\Downloads\CAGR-eg.xls
2014-01-20 20:56 - 2014-01-20 20:56 - 00332288 _____ C:\Users\M\Downloads\momentum.xls
2014-01-20 20:46 - 2014-01-20 20:46 - 00435712 _____ C:\Users\M\Downloads\moving-CAGR.xls
2014-01-20 19:42 - 2014-01-20 19:42 - 00045128 _____ C:\Users\M\Downloads\175333-about.time.2013.720p.bluray.x264.dtsevo.zip
2014-01-19 22:23 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2014-01-19 15:21 - 2014-01-19 15:21 - 00001450 _____ C:\Users\Public\Desktop\Free Audio Converter.lnk
2014-01-19 15:21 - 2014-01-19 15:21 - 00001255 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-01-19 15:21 - 2014-01-19 15:20 - 00000000 ____D C:\Users\M\AppData\Roaming\DVDVideoSoft
2014-01-19 15:21 - 2014-01-19 15:20 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2014-01-19 15:20 - 2014-01-19 15:20 - 00000000 ____D C:\Users\M\AppData\Roaming\OpenCandy
2014-01-19 08:04 - 2013-10-11 20:37 - 00870912 ___SH C:\Users\M\Downloads\Thumbs.db
2014-01-18 08:31 - 2013-10-12 11:36 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-18 07:44 - 2014-01-18 07:38 - 593738670 ____R C:\Users\M\Downloads\Sherlock.3x03.His.Last.Vow.REPACK.HDTV.x264-FoV.mp4
2014-01-15 13:23 - 2014-01-18 21:16 - 00099884 _____ C:\Users\M\Downloads\Sherlock.3x03.His.Last.Vow.REPACK.HDTV.x264-FoV.srt
2014-01-09 23:05 - 2014-01-08 16:24 - 00068152 _____ C:\Users\M\Downloads\Escape Plan 2013 HDTV AC3 XViD - OLDTiMERS.srt
2014-01-09 23:00 - 2014-01-08 10:59 - 00089585 _____ C:\Users\M\Downloads\Sherlock.3x02.The.Sign.Of.Three.HDTV.x264-FoV.srt
2014-01-09 21:15 - 2014-01-09 20:24 - 1987806758 ____R C:\Users\M\Downloads\Escape Plan 2013 HDTV AC3 XViD - OLDTiMERS.avi
2014-01-09 20:18 - 2014-01-09 20:12 - 318319181 ____R C:\Users\M\Downloads\Intelligence.US.S01E01.HDTV.x264-LOL.mp4
2014-01-08 20:10 - 2013-10-11 21:15 - 00001225 _____ C:\Users\M\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2014-01-08 20:10 - 2013-10-11 21:15 - 00001201 _____ C:\Users\Public\Desktop\GOM Player.lnk
2014-01-08 19:37 - 2014-01-08 19:30 - 641086269 ____R C:\Users\M\Downloads\Sherlock.3x02.The.Sign.Of.Three.HDTV.x264-FoV.mp4
2014-01-06 23:31 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-06 23:31 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-02 22:31 - 2014-01-02 18:27 - 00000000 ____D C:\Users\M\Downloads\12.Years.a.Slave.2013.DVDScr.XVID.AC3.HQ.Hive-CM8
2014-01-02 18:36 - 2014-01-02 18:19 - 592075605 ____R C:\Users\M\Downloads\Sherlock.3x01.The.Empty.Hearse.HDTV.x264-FoV.mp4
2013-12-30 19:08 - 2013-12-30 19:08 - 00123889 _____ C:\Users\M\Downloads\Mappe3.xlsx
2013-12-28 22:20 - 2013-12-28 20:03 - 00104556 _____ C:\Users\M\Downloads\Downton.Abbey.2013.Christmas.Special.HDTV.x264-FoV.srt

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-26 12:36

==================== End Of Log ============================

Addendum: 27 Jan 2014 21:42


offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6074

1. Open Notepad (Text Document) and copy in the following text from the code box below:
Start
C:\Users\M\AppData\Local\mysearchdial-speeddial.crx
CMD: ipconfig /flushdns
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT3319434&octid=EB.....8B81&SSPV=
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=md1202&cd=2Xz.....787612&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=md1202&cd=2Xz.....787612&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=md1202&cd=2XzuyEtN2Y1L1Qzu0DyE0Czy0E0FyC0DtByDyC0AtCzy0BzztN0D0Tzu0CyBtBtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=259787612&ir=
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3319.....0418B81&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3319.....0418B81&q={searchTerms}&SSPV=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=md1202&cd=2XzuyEtN2Y1L1Qzu0DyE0Czy0E0FyC0DtByDyC0AtCzy0BzztN0D0Tzu0CyBtBtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=259787612&ir=
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={82110886-AF83-41E2-9311-E6EA9BC5A991}&mid=b67864deaeab47d29d720580a989cc99-2604b6c59a5880e68469e7ec7c3592e90e8366ba&lang=de&ds=gm011&coid=avgtbdisgm&cmpid=&pr=sa&d=2014-01-08 20:09:51&v=17.2.0.38&pid=safeguard&sg=&sap=dsp&q={searchTerms}
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\M\AppData\Local\mysearchdial-speeddial.crx [2013-12-23]
CHR HKCU\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\M\AppData\Local\mysearchdial-speeddial.crx [2013-12-23]
CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\M\AppData\Local\mysearchdial-speeddial.crx [2013-12-23]
CMD: DEL %TEMP%\*.* /F /S /Q
End

2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, under File Name: at the bottom, enter fixlist.txt as the name
Note: It is important that both files, FRST and fixlist, are in the same location, because otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.

The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your reply.
Note: If the tool warns you that a newer version exists, make sure to download and use the updated copy of FRST.
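
The fixlist in the post above consists of FRST scan lines for hijacked start pages, search scopes and a registry-registered Chrome extension. As an added example (not part of the original post and not FRST's own code), this Python sketch triages FRST.txt lines the same way; ALLOWED_HOSTS and TRUSTED_DIRS are assumptions, and the sample lines are taken from this thread with their query strings shortened.

```python
import re

# Assumption: search/home-page hosts the machine's owner actually wants.
ALLOWED_HOSTS = {"google.com", "bing.com"}
# Assumption (heuristic): a registry-registered .crx outside Program Files is suspect.
TRUSTED_DIRS = ("c:\\program files\\", "c:\\program files (x86)\\")

# Browser settings that FRST prints together with a URL.
URL_ENTRY = re.compile(
    r"^(?P<where>"
    r"SearchScopes: \S+ - (?:DefaultScope )?\{[0-9A-Fa-f-]+\} URL"
    r"|HK\S+\\Internet Explorer\\Main,Start Page"
    r"|CHR HomePage"
    r")\s*[=:]\s*(?P<url>.*)$"
)
# Chrome extensions registered through the registry (not the per-profile list).
EXT_ENTRY = re.compile(
    r"^CHR HK\S+\\\.\.\.\\Chrome\\Extension: \[(?P<id>[^\]]+)\] - (?P<path>.+?\.crx)"
)

# Sample input: lines from this thread's FRST output, query strings shortened.
SAMPLE = r"""
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT3319434
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=md1202
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = bing.com/search?q={searchTerms}&form=IE10TR
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?q={searchTerms}
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3319434
CHR Extension: (LastPass) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2013-10-11]
CHR HKCU\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\M\AppData\Local\mysearchdial-speeddial.crx [2013-12-23]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx [2013-12-11]
"""


def host_of(url):
    """Return the lower-cased host of a URL as FRST or a forum prints it:
    with http://, with a defanged hxxp://, or with no scheme at all."""
    rest = re.sub(r"^[a-z]+://", "", url.strip(), flags=re.I)
    authority = re.split(r"[/?#]", rest, maxsplit=1)[0]
    # Drop any userinfo ("user@host") and port before comparing.
    return authority.rsplit("@", 1)[-1].split(":", 1)[0].lower()


def is_allowed(host):
    """True if host is an allowed domain or a subdomain of one."""
    return any(host == a or host.endswith("." + a) for a in ALLOWED_HOSTS)


def triage(lines):
    """Return (kind, where, detail) tuples for entries worth reviewing."""
    findings = []
    for line in lines:
        line = line.strip()
        m = URL_ENTRY.match(line)
        if m and m.group("url"):
            host = host_of(m.group("url"))
            if not is_allowed(host):
                findings.append(("url", m.group("where"), host))
            continue
        m = EXT_ENTRY.match(line)
        if m and not m.group("path").lower().startswith(TRUSTED_DIRS):
            findings.append(("extension", m.group("id"), m.group("path")))
    return findings


if __name__ == "__main__":
    for kind, where, detail in triage(SAMPLE.splitlines()):
        print(f"{kind:9} {where} -> {detail}")
```

A finding is a candidate for review, not a verdict: the allow-list decides what counts as expected, and the empty DefaultScope URL is skipped because there is no host to judge.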

offline
  • Joined: 14 Aug 2010
  • Posts: 185

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-01-2014 01
Ran by M at 2014-01-28 20:45:39 Run:1
Running from C:\Users\M\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
C:\Users\M\AppData\Local\mysearchdial-speeddial.crx
CMD: ipconfig /flushdns
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = search.conduit.com/?ctid=CT3319434&octid=EB.....8B81&SSPV=
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = start.mysearchdial.com/?f=1&a=md1202&cd=2Xz.....787612&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = start.mysearchdial.com/?f=1&a=md1202&cd=2Xz.....787612&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=md1202&cd=2XzuyEtN2Y1L1Qzu0DyE0Czy0E0FyC0DtByDyC0AtCzy0BzztN0D0Tzu0CyBtBtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=259787612&ir=
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = search.conduit.com/Results.aspx?ctid=CT3319.....0418B81&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = search.conduit.com/Results.aspx?ctid=CT3319.....0418B81&q={searchTerms}&SSPV=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=md1202&cd=2XzuyEtN2Y1L1Qzu0DyE0Czy0E0FyC0DtByDyC0AtCzy0BzztN0D0Tzu0CyBtBtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=259787612&ir=
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = mysearch.avg.com/search?cid={82110886-AF83-41E2-9311-E6EA9BC5A991}&mid=b67864deaeab47d29d720580a989cc99-2604b6c59a5880e68469e7ec7c3592e90e8366ba&lang=de&ds=gm011&coid=avgtbdisgm&cmpid=&pr=sa&d=2014-01-08 20:09:51&v=17.2.0.38&pid=safeguard&sg=&sap=dsp&q={searchTerms}
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\M\AppData\Local\mysearchdial-speeddial.crx [2013-12-23]
CHR HKCU\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\M\AppData\Local\mysearchdial-speeddial.crx [2013-12-23]
CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\M\AppData\Local\mysearchdial-speeddial.crx [2013-12-23]
CMD: DEL %TEMP%\*.* /F /S /Q
End
*****************

C:\Users\M\AppData\Local\mysearchdial-speeddial.crx => Moved successfully.

========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Auflösungscache wurde geleert.

========= End of CMD: =========

HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key deleted successfully.
HKCR\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key deleted successfully.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff => Key deleted successfully.
"C:\Users\M\AppData\Local\mysearchdial-speeddial.crx" => File/Directory not found.
HKCU\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff => Key deleted successfully.
"C:\Users\M\AppData\Local\mysearchdial-speeddial.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff => Key deleted successfully.
"C:\Users\M\AppData\Local\mysearchdial-speeddial.crx" => File/Directory not found.

========= DEL %TEMP%\*.* /F /S /Q =========

Datei wurde gelöscht - C:\Users\M\AppData\Local\Temp\17291421.od
Datei wurde gelöscht - C:\Users\M\AppData\Local\Temp\4975250.od
Datei wurde gelöscht - C:\Users\M\AppData\Local\Temp\CVRD840.tmp.cvr
Datei wurde gelöscht - C:\Users\M\AppData\Local\Temp\CVREA92.tmp.cvr
Datei wurde gelöscht - C:\Users\M\AppData\Local\Temp\gomtemp.smi
Datei wurde gelöscht - C:\Users\M\AppData\Local\Temp\users00
Datei wurde gelöscht - C:\Users\M\AppData\Local\Temp\winstore.log
Datei wurde gelöscht - C:\Users\M\AppData\Local\Temp\HP Support Framework\HPSF_Config1.dll

========= End of CMD: =========


==== End of Fixlog ====

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6074

Any improvement?

If the situation is the same, post a fresh FRST.txt report.

offline
  • Joined: 14 Aug 2010
  • Posts: 185

Posted: 28 Jan 2014 22:14

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-01-2014 01
Ran by M (administrator) on MIKI on 28-01-2014 22:07:33
Running from C:\Users\M\Desktop
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(ABBYY) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.16470_none_fa2491fd9b3cfcb2\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\Installer\setup.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-20] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2013-10-29] (Synaptics Incorporated)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM-x32\...\Run: [BtTray] - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [371976 2012-09-19] (IVT Corporation)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2012-09-14] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-04-10] (CyberLink Corp.)
HKLM-x32\...\Run: [Bonus.SSR.FR11] - C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [934152 2011-11-07] (ABBYY.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)

==================== Internet (Whitelisted) ====================

SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

Chrome:
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPE4B98199-7D3E-450A-8FC6-E264F0418B81&SSPV=
CHR Extension: (Google Docs) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-11]
CHR Extension: (Google Drive) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-11]
CHR Extension: (YouTube) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-11]
CHR Extension: (Google-Suche) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-11]
CHR Extension: (Google+) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2013-11-03]
CHR Extension: (LastPass) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2013-10-11]
CHR Extension: (Dropbox) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2013-10-29]
CHR Extension: (Evernote Web) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2013-10-29]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2013-11-17]
CHR Extension: (Norton Identity Protection) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-10-11]
CHR Extension: (Google Wallet) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-11]
CHR Extension: (Awesome New Tab Page 2(EXT)) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\oijkglihmcefogkmgibpajfaiekekllk [2013-10-27]
CHR Extension: (Google Mail) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-11]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx [2013-12-11]

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [819976 2011-10-12] (ABBYY)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.)
S2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1612552 2012-09-26] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [146184 2012-09-19] (IVT Corporation)
S2 HPConnectedRemote; C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-12] (Hewlett-Packard)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
S2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-10-27] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-22] (Advanced Micro Devices)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48608 2012-10-02] (Ralink Corporation)
S3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
S3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20140127.001\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [44480 2013-09-23] (http://libusb-win32.sourceforge.net)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140128.002\ENG64.SYS [126040 2014-01-24] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140128.002\EX64.SYS [2099288 2014-01-24] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-25] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-25] (Synaptics Incorporated)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
S3 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 SymDS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
S3 SymEFA; C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1404000.028\SymELAM.sys [23448 2012-06-20] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-10-12] (Symantec Corporation)
S3 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-28 21:06 - 2014-01-28 21:16 - 00025253 _____ C:\Users\M\Downloads\Mom.S01E15.HDTV.x264-LOL.srt
2014-01-28 20:59 - 2014-01-28 21:02 - 195304418 ____R C:\Users\M\Downloads\How.I.Met.Your.Mother.S09E16.HDTV.x264-KILLERS.mp4
2014-01-28 20:59 - 2014-01-28 21:02 - 140399025 ____R C:\Users\M\Downloads\Mom.S01E15.HDTV.x264-LOL.mp4
2014-01-28 04:18 - 2014-01-28 21:19 - 00033493 _____ C:\Users\M\Downloads\How.I.Met.Your.Mother.S09E16.HDTV.x264-KILLERS.srt
2014-01-27 21:21 - 2014-01-27 21:22 - 00024269 _____ C:\Users\M\Desktop\Addition.txt
2014-01-27 21:19 - 2014-01-28 22:07 - 00015918 _____ C:\Users\M\Desktop\FRST.txt
2014-01-27 21:19 - 2014-01-27 21:19 - 00000000 ____D C:\FRST
2014-01-27 21:18 - 2014-01-27 21:18 - 02079232 _____ (Farbar) C:\Users\M\Desktop\FRST64.exe
2014-01-26 19:08 - 2014-01-26 21:11 - 367930882 _____ C:\Users\M\Downloads\Ravna_Gora_Ep.05.avi
2014-01-26 16:28 - 2014-01-26 19:02 - 368081806 _____ C:\Users\M\Downloads\Ravna Gora Ep.04.avi
2014-01-26 12:16 - 2014-01-26 15:25 - 00270969 _____ C:\Users\M\Downloads\vezba.xlsx
2014-01-26 12:16 - 2014-01-26 12:16 - 00000165 ____H C:\Users\M\Downloads\~$vezba.xlsx
2014-01-25 18:38 - 2014-01-25 18:39 - 00382800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-25 18:21 - 2013-11-27 16:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-01-25 18:21 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-01-25 18:21 - 2013-11-27 09:20 - 04106240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-01-25 18:21 - 2013-11-26 14:22 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-01-25 18:21 - 2013-11-26 14:20 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-01-25 18:21 - 2013-11-26 12:50 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-01-25 18:21 - 2013-11-26 12:44 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-01-25 18:21 - 2013-11-26 11:13 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-01-25 18:21 - 2013-11-26 10:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-01-25 18:21 - 2013-11-26 09:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-01-25 18:21 - 2013-11-23 12:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-01-25 18:21 - 2013-11-23 04:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-01-25 18:21 - 2013-11-23 04:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-01-25 18:21 - 2013-11-23 04:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-01-25 18:21 - 2013-11-23 04:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-01-25 18:21 - 2013-11-23 04:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-01-25 18:21 - 2013-11-05 21:12 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-01-25 18:20 - 2013-12-09 01:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-01-25 18:20 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-01-25 18:20 - 2013-11-27 16:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-01-25 18:20 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-01-25 18:20 - 2013-11-27 13:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-01-25 18:20 - 2013-11-27 11:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-01-25 18:20 - 2013-11-27 11:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-01-25 18:20 - 2013-11-27 11:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-01-25 18:20 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-01-25 18:20 - 2013-11-27 10:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-01-25 18:20 - 2013-11-27 10:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-01-25 18:20 - 2013-11-27 10:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-01-25 18:20 - 2013-11-27 09:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-01-25 18:20 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-01-25 18:20 - 2013-11-27 05:01 - 00385614 _____ C:\WINDOWS\system32\ApnDatabase.xml
2014-01-25 18:20 - 2013-11-26 14:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-01-25 18:20 - 2013-11-26 14:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-01-25 18:20 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-01-25 18:20 - 2013-11-25 02:45 - 00142680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-01-25 18:20 - 2013-11-25 02:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-01-25 18:20 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-01-25 18:20 - 2013-11-25 00:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-01-25 18:20 - 2013-11-23 13:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-01-25 18:20 - 2013-11-23 09:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-01-25 18:20 - 2013-11-23 08:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-01-25 18:20 - 2013-11-23 08:13 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-01-25 18:20 - 2013-11-23 08:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-01-25 18:20 - 2013-11-23 05:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-01-25 18:20 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-01-25 18:20 - 2013-11-21 07:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-01-25 18:20 - 2013-11-21 07:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-01-25 18:20 - 2013-11-16 06:11 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-01-25 18:20 - 2013-11-15 19:19 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-01-25 18:20 - 2013-11-15 15:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-01-25 18:20 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-01-25 18:20 - 2013-11-15 15:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-01-25 18:20 - 2013-11-15 14:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-01-25 18:20 - 2013-10-31 01:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-01-25 18:20 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-01-25 18:19 - 2013-12-11 08:55 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-01-25 14:39 - 2014-01-25 14:39 - 00083824 _____ C:\Users\M\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-25 13:41 - 2014-01-28 20:54 - 00243702 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-20 22:21 - 2014-01-20 22:21 - 00000000 ____D C:\Users\M\Downloads\knjige
2014-01-20 22:19 - 2014-01-20 22:19 - 35785429 _____ C:\Users\M\Downloads\ask.7z
2014-01-20 21:42 - 2014-01-20 21:42 - 00033015 _____ C:\Users\M\Downloads\80434.xlsx
2014-01-20 21:37 - 2014-01-20 21:37 - 00060416 _____ C:\Users\M\Downloads\withdrawals-Canuck.xls
2014-01-20 21:32 - 2014-01-20 21:32 - 00312320 _____ C:\Users\M\Downloads\drawdown-vs-cagr.xls
2014-01-20 21:20 - 2014-01-20 21:20 - 00033063 _____ C:\Users\M\Downloads\golden-ratios.ZIP
2014-01-20 21:11 - 2014-01-20 21:12 - 01412096 _____ C:\Users\M\Downloads\compare-to-historical3.xls
2014-01-20 21:11 - 2014-01-20 21:11 - 00619008 _____ C:\Users\M\Downloads\compare-to-historical.xls
2014-01-20 21:04 - 2014-01-20 21:04 - 00738304 _____ C:\Users\M\Downloads\portfolio-vs-index.xls
2014-01-20 21:00 - 2014-01-20 21:00 - 00116224 _____ C:\Users\M\Downloads\CAGR-eg.xls
2014-01-20 20:56 - 2014-01-20 20:56 - 00332288 _____ C:\Users\M\Downloads\momentum.xls
2014-01-20 20:46 - 2014-01-20 20:46 - 00435712 _____ C:\Users\M\Downloads\moving-CAGR.xls
2014-01-20 19:42 - 2014-01-20 19:42 - 00045128 _____ C:\Users\M\Downloads\175333-about.time.2013.720p.bluray.x264.dtsevo.zip
2014-01-20 19:22 - 2014-01-25 09:54 - 00000000 ____D C:\Users\M\Downloads\The Family (2013)
2014-01-20 19:20 - 2014-01-25 14:56 - 00000000 ____D C:\Users\M\Downloads\Saving Mr Banks 2013 DVDSCR[AC3] juggs
2014-01-19 15:21 - 2014-01-19 15:21 - 00001450 _____ C:\Users\Public\Desktop\Free Audio Converter.lnk
2014-01-19 15:21 - 2014-01-19 15:21 - 00001255 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-01-19 15:20 - 2014-01-19 15:21 - 00000000 ____D C:\Users\M\AppData\Roaming\DVDVideoSoft
2014-01-19 15:20 - 2014-01-19 15:21 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2014-01-19 15:20 - 2014-01-19 15:20 - 00000000 ____D C:\Users\M\AppData\Roaming\OpenCandy
2014-01-18 21:16 - 2014-01-15 13:23 - 00099884 _____ C:\Users\M\Downloads\Sherlock.3x03.His.Last.Vow.REPACK.HDTV.x264-FoV.srt
2014-01-18 18:17 - 2014-01-25 13:12 - 00000000 ____D C:\Users\M\Desktop\Dubai
2014-01-18 08:09 - 2013-11-27 16:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-01-18 08:09 - 2013-11-27 09:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-18 08:08 - 2013-12-09 01:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-01-18 08:08 - 2013-11-27 12:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-01-18 08:08 - 2013-11-27 11:34 - 00138240 _____ C:\WINDOWS\system32\OEMLicense.dll
2014-01-18 08:08 - 2013-11-27 10:54 - 00103936 _____ C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-01-18 08:08 - 2013-11-27 09:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-18 08:08 - 2013-11-27 09:45 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-01-18 08:08 - 2013-11-27 09:38 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-01-18 08:08 - 2013-11-27 09:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-01-18 08:08 - 2013-11-27 09:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-01-18 07:38 - 2014-01-18 07:44 - 593738670 ____R C:\Users\M\Downloads\Sherlock.3x03.His.Last.Vow.REPACK.HDTV.x264-FoV.mp4
2014-01-09 20:24 - 2014-01-09 21:15 - 1987806758 ____R C:\Users\M\Downloads\Escape Plan 2013 HDTV AC3 XViD - OLDTiMERS.avi
2014-01-09 20:12 - 2014-01-09 20:18 - 318319181 ____R C:\Users\M\Downloads\Intelligence.US.S01E01.HDTV.x264-LOL.mp4
2014-01-08 19:30 - 2014-01-08 19:37 - 641086269 ____R C:\Users\M\Downloads\Sherlock.3x02.The.Sign.Of.Three.HDTV.x264-FoV.mp4
2014-01-08 16:24 - 2014-01-09 23:05 - 00068152 _____ C:\Users\M\Downloads\Escape Plan 2013 HDTV AC3 XViD - OLDTiMERS.srt
2014-01-08 10:59 - 2014-01-09 23:00 - 00089585 _____ C:\Users\M\Downloads\Sherlock.3x02.The.Sign.Of.Three.HDTV.x264-FoV.srt
2014-01-02 18:27 - 2014-01-02 22:31 - 00000000 ____D C:\Users\M\Downloads\12.Years.a.Slave.2013.DVDScr.XVID.AC3.HQ.Hive-CM8
2014-01-02 18:19 - 2014-01-02 18:36 - 592075605 ____R C:\Users\M\Downloads\Sherlock.3x01.The.Empty.Hearse.HDTV.x264-FoV.mp4
2013-12-30 19:08 - 2013-12-30 19:08 - 00123889 _____ C:\Users\M\Downloads\Mappe3.xlsx

==================== One Month Modified Files and Folders =======

2014-01-28 22:08 - 2014-01-27 21:19 - 00015918 _____ C:\Users\M\Desktop\FRST.txt
2014-01-28 22:08 - 2013-10-11 18:51 - 00002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-28 22:06 - 2013-10-27 23:16 - 00000000 __RDO C:\Users\M\SkyDrive
2014-01-28 22:06 - 2013-10-11 18:49 - 00001106 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-28 22:06 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-28 22:06 - 2013-05-13 16:57 - 00003620 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2014-01-28 22:06 - 2012-09-26 08:53 - 00000950 _____ C:\WINDOWS\SysWOW64\bscs.ini
2014-01-28 22:05 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2014-01-28 22:04 - 2013-10-11 18:49 - 00001110 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-28 22:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2014-01-28 21:19 - 2014-01-28 04:18 - 00033493 _____ C:\Users\M\Downloads\How.I.Met.Your.Mother.S09E16.HDTV.x264-KILLERS.srt
2014-01-28 21:16 - 2014-01-28 21:06 - 00025253 _____ C:\Users\M\Downloads\Mom.S01E15.HDTV.x264-LOL.srt
2014-01-28 21:14 - 2013-10-28 19:43 - 00003898 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A8839A3A-2C06-4EC8-AC66-7675966FEDE7}
2014-01-28 21:14 - 2013-10-11 19:11 - 00000000 ____D C:\Users\M\AppData\Roaming\uTorrent
2014-01-28 21:02 - 2014-01-28 20:59 - 195304418 ____R C:\Users\M\Downloads\How.I.Met.Your.Mother.S09E16.HDTV.x264-KILLERS.mp4
2014-01-28 21:02 - 2014-01-28 20:59 - 140399025 ____R C:\Users\M\Downloads\Mom.S01E15.HDTV.x264-LOL.mp4
2014-01-28 20:54 - 2014-01-25 13:41 - 00243702 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-28 20:42 - 2013-09-30 05:14 - 01980934 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-28 20:42 - 2013-09-30 04:56 - 00842568 _____ C:\WINDOWS\system32\perfh007.dat
2014-01-28 20:42 - 2013-09-30 04:56 - 00191764 _____ C:\WINDOWS\system32\perfc007.dat
2014-01-28 20:41 - 2013-10-11 18:24 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-432700491-4017870644-2687449469-1002
2014-01-27 23:08 - 2013-10-27 22:46 - 00000000 ____D C:\Users\M
2014-01-27 21:22 - 2014-01-27 21:21 - 00024269 _____ C:\Users\M\Desktop\Addition.txt
2014-01-27 21:19 - 2014-01-27 21:19 - 00000000 ____D C:\FRST
2014-01-27 21:18 - 2014-01-27 21:18 - 02079232 _____ (Farbar) C:\Users\M\Desktop\FRST64.exe
2014-01-27 19:01 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2014-01-26 21:11 - 2014-01-26 19:08 - 367930882 _____ C:\Users\M\Downloads\Ravna_Gora_Ep.05.avi
2014-01-26 19:02 - 2014-01-26 16:28 - 368081806 _____ C:\Users\M\Downloads\Ravna Gora Ep.04.avi
2014-01-26 15:25 - 2014-01-26 12:16 - 00270969 _____ C:\Users\M\Downloads\vezba.xlsx
2014-01-26 12:16 - 2014-01-26 12:16 - 00000165 ____H C:\Users\M\Downloads\~$vezba.xlsx
2014-01-26 12:13 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2014-01-25 19:45 - 2013-12-21 15:36 - 00000000 ____D C:\Users\M\Downloads\Casablanca[1942]DvDrip[Eng]-FXG
2014-01-25 18:40 - 2013-10-11 18:15 - 00000000 ___RD C:\Users\M\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-25 18:40 - 2013-10-11 18:15 - 00000000 ___RD C:\Users\M\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-25 18:39 - 2014-01-25 18:38 - 00382800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-25 18:35 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2014-01-25 18:35 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2014-01-25 18:35 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\FileManager
2014-01-25 18:35 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Camera
2014-01-25 18:35 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2014-01-25 18:35 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\Dism
2014-01-25 18:24 - 2013-10-11 18:10 - 00000000 ____D C:\Users\M\AppData\Local\Packages
2014-01-25 18:23 - 2013-05-13 16:50 - 00005660 _____ C:\WINDOWS\system32\RaCoInst.log
2014-01-25 14:56 - 2014-01-20 19:20 - 00000000 ____D C:\Users\M\Downloads\Saving Mr Banks 2013 DVDSCR[AC3] juggs
2014-01-25 14:49 - 2013-11-10 13:20 - 00000000 ____D C:\Users\M\Desktop\500 Zaboravljenih
2014-01-25 14:39 - 2014-01-25 14:39 - 00083824 _____ C:\Users\M\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-25 13:51 - 2013-10-12 07:13 - 00000000 ____D C:\WINDOWS\system32\MRT
2014-01-25 13:46 - 2013-10-12 07:12 - 86054176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-25 13:21 - 2013-10-11 20:48 - 00167221 _____ C:\Users\M\Desktop\Mappe1.xlsx
2014-01-25 13:12 - 2014-01-18 18:17 - 00000000 ____D C:\Users\M\Desktop\Dubai
2014-01-25 13:07 - 2013-10-14 20:48 - 00188928 ___SH C:\Users\M\Desktop\Thumbs.db
2014-01-25 12:29 - 2013-11-10 18:25 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-25 12:29 - 2013-11-10 18:25 - 00000000 ____D C:\Program Files\CCleaner
2014-01-25 09:54 - 2014-01-20 19:22 - 00000000 ____D C:\Users\M\Downloads\The Family (2013)
2014-01-25 09:15 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2014-01-25 09:13 - 2013-05-13 16:57 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2014-01-23 19:16 - 2013-12-07 12:30 - 00000000 ____D C:\ProgramData\CanonIJPLM
2014-01-23 18:16 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2014-01-20 22:21 - 2014-01-20 22:21 - 00000000 ____D C:\Users\M\Downloads\knjige
2014-01-20 22:19 - 2014-01-20 22:19 - 35785429 _____ C:\Users\M\Downloads\ask.7z
2014-01-20 21:42 - 2014-01-20 21:42 - 00033015 _____ C:\Users\M\Downloads\80434.xlsx
2014-01-20 21:37 - 2014-01-20 21:37 - 00060416 _____ C:\Users\M\Downloads\withdrawals-Canuck.xls
2014-01-20 21:32 - 2014-01-20 21:32 - 00312320 _____ C:\Users\M\Downloads\drawdown-vs-cagr.xls
2014-01-20 21:20 - 2014-01-20 21:20 - 00033063 _____ C:\Users\M\Downloads\golden-ratios.ZIP
2014-01-20 21:12 - 2014-01-20 21:11 - 01412096 _____ C:\Users\M\Downloads\compare-to-historical3.xls
2014-01-20 21:11 - 2014-01-20 21:11 - 00619008 _____ C:\Users\M\Downloads\compare-to-historical.xls
2014-01-20 21:04 - 2014-01-20 21:04 - 00738304 _____ C:\Users\M\Downloads\portfolio-vs-index.xls
2014-01-20 21:00 - 2014-01-20 21:00 - 00116224 _____ C:\Users\M\Downloads\CAGR-eg.xls
2014-01-20 20:56 - 2014-01-20 20:56 - 00332288 _____ C:\Users\M\Downloads\momentum.xls
2014-01-20 20:46 - 2014-01-20 20:46 - 00435712 _____ C:\Users\M\Downloads\moving-CAGR.xls
2014-01-20 19:42 - 2014-01-20 19:42 - 00045128 _____ C:\Users\M\Downloads\175333-about.time.2013.720p.bluray.x264.dtsevo.zip
2014-01-19 22:23 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2014-01-19 15:21 - 2014-01-19 15:21 - 00001450 _____ C:\Users\Public\Desktop\Free Audio Converter.lnk
2014-01-19 15:21 - 2014-01-19 15:21 - 00001255 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-01-19 15:21 - 2014-01-19 15:20 - 00000000 ____D C:\Users\M\AppData\Roaming\DVDVideoSoft
2014-01-19 15:21 - 2014-01-19 15:20 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2014-01-19 15:20 - 2014-01-19 15:20 - 00000000 ____D C:\Users\M\AppData\Roaming\OpenCandy
2014-01-19 08:04 - 2013-10-11 20:37 - 00870912 ___SH C:\Users\M\Downloads\Thumbs.db
2014-01-18 08:31 - 2013-10-12 11:36 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-18 07:44 - 2014-01-18 07:38 - 593738670 ____R C:\Users\M\Downloads\Sherlock.3x03.His.Last.Vow.REPACK.HDTV.x264-FoV.mp4
2014-01-15 13:23 - 2014-01-18 21:16 - 00099884 _____ C:\Users\M\Downloads\Sherlock.3x03.His.Last.Vow.REPACK.HDTV.x264-FoV.srt
2014-01-09 23:05 - 2014-01-08 16:24 - 00068152 _____ C:\Users\M\Downloads\Escape Plan 2013 HDTV AC3 XViD - OLDTiMERS.srt
2014-01-09 23:00 - 2014-01-08 10:59 - 00089585 _____ C:\Users\M\Downloads\Sherlock.3x02.The.Sign.Of.Three.HDTV.x264-FoV.srt
2014-01-09 21:15 - 2014-01-09 20:24 - 1987806758 ____R C:\Users\M\Downloads\Escape Plan 2013 HDTV AC3 XViD - OLDTiMERS.avi
2014-01-09 20:18 - 2014-01-09 20:12 - 318319181 ____R C:\Users\M\Downloads\Intelligence.US.S01E01.HDTV.x264-LOL.mp4
2014-01-08 20:10 - 2013-10-11 21:15 - 00001225 _____ C:\Users\M\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2014-01-08 20:10 - 2013-10-11 21:15 - 00001201 _____ C:\Users\Public\Desktop\GOM Player.lnk
2014-01-08 19:37 - 2014-01-08 19:30 - 641086269 ____R C:\Users\M\Downloads\Sherlock.3x02.The.Sign.Of.Three.HDTV.x264-FoV.mp4
2014-01-06 23:31 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-06 23:31 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-02 22:31 - 2014-01-02 18:27 - 00000000 ____D C:\Users\M\Downloads\12.Years.a.Slave.2013.DVDScr.XVID.AC3.HQ.Hive-CM8
2014-01-02 18:36 - 2014-01-02 18:19 - 592075605 ____R C:\Users\M\Downloads\Sherlock.3x01.The.Empty.Hearse.HDTV.x264-FoV.mp4
2013-12-30 19:08 - 2013-12-30 19:08 - 00123889 _____ C:\Users\M\Downloads\Mappe3.xlsx

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-27 21:26

==================== End Of Log ============================

Addendum: 28 Jan 2014 22:18

The MySearchDial, FREE Games and DVDVideoSoft Free Studio icons are still on my desktop.

Can I just delete them?

It no longer opens that page in IE.

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6074

Follow these instructions to set the Google Chrome home page back to google.com:
https://support.google.com/chrome/answer/95314?hl=en

Delete the icons ...



The following procedure performs the final cleanup.

Download Xplode's DelFix tool and save it to the Desktop.
Double-click to run the tool and tick the boxes in front of the following options:

Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment until the tool finishes its work.
From this point on, all the tools used in this thread should be deleted.
The tool will also create a report for you. (C:\DelFix.txt)

The tool will also save the healthy state of the registry and make a backup, using the integrated program "ERUNT", in %windir%\ERUNT\DelFix
The tool deletes old System Restore points and creates a new, fresh point after the cleanup.

offline
  • Joined: 14 Aug 2010
  • Posts: 185

Done! Thanks for the help!
