Windows Essentials 2012

1

Windows Essentials 2012

offline
  • Pridružio: 20 Maj 2012
  • Poruke: 19
  • Gde živiš: Čačak

Poštovani...
Moj problem je sledeći:
već nekoliko dana sam imao problem sa Windows Live Mail, tačnije sa ažuriranjem pošte.
Taj problem sam pokušao da rešim tako što sam reinstalirao Windows Esseintials 2012, ali nakon toga program nikako neće da mi se instalira na računar, pokazujući da mi nedostaju pojedine Dll datoteke...
Pokušvao sam preko interneta da pronađem rešenje, ali sa vrlo malo uspeha. Jedino što sam uradio to je da sam instalirao program DLL Suite i to pro verziju i skenirao sistem pomoću njega. Mašao je preko 100 Dll problema i sve sam ih rešio pomoću pomenutog softvera, ali problem oko instalacije Windows Essentials-a i dalje stoji...
Unapred hvala...

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-09-2016 02
Ran by Ivan (administrator) on IVAN-PC (25-09-2016 13:10:56)
Running from C:\Users\Ivan\Downloads
Loaded Profiles: Ivan (Available Profiles: Ivan)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe
() C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\TrayPopupE\TrayTipAgentE.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(VskSoft) C:\Program Files (x86)\DLL Suite\DLLSuite.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5299320 2012-10-25] (VIA)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5299320 2012-10-25] (VIA)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9107616 2016-09-12] (AVAST Software)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe [2089056 2015-04-14] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-2534258434-3789365811-2451158048-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-2534258434-3789365811-2451158048-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [717696 2010-01-16] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-10-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-20] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\SysWOW64\AcSignIcon.dll [2005-03-05] (Autodesk)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{2BDCEC93-B1F5-438D-948E-0C883E71A443}: [DhcpNameServer] 192.168.1.1 0.0.0.0

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2534258434-3789365811-2451158048-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?q={searchTerms}
HKU\S-1-5-21-2534258434-3789365811-2451158048-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.rs/
HKU\S-1-5-21-2534258434-3789365811-2451158048-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> {6586d803-df30-46d3-a89a-4136c8571d45} URL =
SearchScopes: HKLM-x32 -> DefaultScope {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2534258434-3789365811-2451158048-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D041016-A550D1D9DEB&form=CONBDF&conlogo=CT3334507&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2534258434-3789365811-2451158048-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D041016-A550D1D9DEB&form=CONBDF&conlogo=CT3334507&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2534258434-3789365811-2451158048-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-2534258434-3789365811-2451158048-1000 -> {6586d803-df30-46d3-a89a-4136c8571d45} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-19] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-08-20] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-19] (Oracle Corporation)
BHO-x32: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-19] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-08-20] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-19] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2534258434-3789365811-2451158048-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

FireFox:
========
FF ProfilePath: C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\jwuggbxi.default
FF Homepage: hxxps://www.google.rs/?gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-14] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-19] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2014-09-27] (Unity Technologies ApS)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2534258434-3789365811-2451158048-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ivan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-09] (Unity Technologies ApS)
FF Extension: (WOT) - C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\jwuggbxi.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2016-09-23]
FF Extension: (Avast SafePrice) - C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\jwuggbxi.default\Extensions\sp.beta@avast.com.xpi [2016-09-23]
FF Extension: (Video DownloadHelper) - C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\jwuggbxi.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-09-23]
FF Extension: (Adblock Plus) - C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\jwuggbxi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-09-23]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-20]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-20]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.rs/maps/preview#!q=Mokra+Gora%2C+5%2C+%D0%9C%D0%BE%D0%BA%D1%80%D0%B0+%D0%93%D0%BE%D1%80%D0%B0&data=!1m7!1m3!1d918!2d19.4908312!3d43.851404!2m2!1f180!2f78.23!2m1!1e3!4m12!1m11!4m8!1m3!1d2109873!2d22.2797526!3d44.1824675!3m2!1i1366!2i643!4f35!9m1!5e2&fid=7
CHR Profile: C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default [2016-09-25]
CHR Extension: (Google документи) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-21]
CHR Extension: (Google диск) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-21]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2016-09-07]
CHR Extension: (YouTube) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-21]
CHR Extension: (Avast SafePrice) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-09-07]
CHR Extension: (Google документи офлајн) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-21]
CHR Extension: (AdBlock) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-09-07]
CHR Extension: (Avast Online Security) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-09-07]
CHR Extension: (Video DownloadHelper) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2016-03-23]
CHR Extension: (Плаћања у Chrome веб-продавници) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-20]
CHR Extension: (Gmail) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-21]
CHR Extension: (Chrome Media Router) - C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-07]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

Opera:
=======
StartMenuInternet: (HKLM) Opera - C:\Program Files\Opera x64\Opera.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-20] (AVAST Software)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-10-22] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13624048 2016-09-02] (Zemana Ltd.)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-20] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2014-10-06] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-20] (AVAST Software)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2016-09-07] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2016-09-07] (Zemana Ltd.)
S2 DokanMb; system32\DRIVERS\dokanMb.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-25 13:10 - 2016-09-25 13:11 - 00018506 _____ C:\Users\Ivan\Downloads\FRST.txt
2016-09-25 13:10 - 2016-09-25 13:10 - 00000000 ____D C:\FRST
2016-09-25 13:06 - 2016-09-25 13:06 - 02402816 _____ (Farbar) C:\Users\Ivan\Downloads\FRST64.exe
2016-09-25 12:49 - 2016-09-25 12:49 - 03966848 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-09-25 12:49 - 2016-09-25 12:49 - 00398336 _____ (Microsoft Corporation) C:\Windows\system32\regedit.exe
2016-09-25 12:49 - 2016-09-25 12:49 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2016-09-25 12:49 - 2016-09-25 12:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\setup16.exe
2016-09-25 12:49 - 2016-09-25 12:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\perfhost.exe
2016-09-25 12:49 - 2016-09-25 12:49 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\setupSNK.exe
2016-09-25 12:49 - 2016-09-25 12:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\user.exe
2016-09-25 12:48 - 2016-09-25 12:48 - 03223152 _____ (VMware, Inc.) C:\Windows\SysWOW64\vm3dgl.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 03223152 _____ (VMware, Inc.) C:\Windows\system32\vm3dgl.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 02616320 _____ (Microsoft Corporation) C:\Windows\system32\explorer.exe
2016-09-25 12:48 - 2016-09-25 12:48 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\msvbvm60.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 01047552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71u.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\mswdat10.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00618496 _____ (Microsoft Corporation) C:\Windows\system32\mswstr10.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00606208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\msxbde40.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\odbcjt32.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\mstext40.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt20.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00229376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00219248 _____ (VMware, Inc.) C:\Windows\SysWOW64\vm3dum.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00219248 _____ (VMware, Inc.) C:\Windows\system32\vm3dum.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00180800 _____ (Microsoft Corporation) C:\Windows\system32\sqlunirl.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00177856 _____ (Microsoft Corporation) C:\Windows\system32\typelib.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00169520 _____ (Microsoft Corporation) C:\Windows\system32\ole2disp.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00153008 _____ (Microsoft Corporation) C:\Windows\system32\ole2nls.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\olecli32.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00079232 _____ (Microsoft Corporation) C:\Windows\system32\rdvgumd32.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\olethk32.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00063088 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00063088 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt40.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00053360 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmGuestLib.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00053360 _____ (VMware, Inc.) C:\Windows\system32\vmGuestLib.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00050800 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmhgfs.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00050800 _____ (VMware, Inc.) C:\Windows\system32\vmhgfs.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00049179 _____ (Microsoft Corporation) C:\Windows\system32\sqlwoa.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00042592 _____ (Microsoft Corporation) C:\Windows\system32\ole2.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00034416 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmGuestLibJava.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00034416 _____ (VMware, Inc.) C:\Windows\system32\vmGuestLibJava.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00030749 _____ (Microsoft Corporation) C:\Windows\system32\vbajet32.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\dplaysvr.exe
2016-09-25 12:48 - 2016-09-25 12:48 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\olesvr32.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\mtxlegih.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00024603 _____ (Microsoft Corporation) C:\Windows\system32\sqlwid.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\odbcji32.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00020535 _____ (Microsoft Corporation) C:\Windows\system32\vfpodbc.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\odtext32.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\odpdx32.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\odfox32.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\odexl32.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\oddbse32.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\corpol.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\vdmdbg.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\hh.exe
2016-09-25 12:48 - 2016-09-25 12:48 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\instnm.exe
2016-09-25 12:48 - 2016-09-25 12:48 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wow32.dll
2016-09-25 12:48 - 2016-09-25 12:48 - 00004208 _____ (Microsoft Corporation) C:\Windows\system32\storage.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 01589248 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\mfc71.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 01047552 _____ (Microsoft Corporation) C:\Windows\system32\mfc71u.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 01036800 _____ (Microsoft Corporation) C:\Windows\system32\d3d8.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00954752 _____ (Microsoft Corporation) C:\Windows\system32\mfc40.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00954288 _____ (Microsoft Corporation) C:\Windows\system32\mfc40u.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\d3dim700.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00746496 _____ (Intel Corporation) C:\Windows\system32\ir50_32.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00643072 _____ (Microsoft Corporation) C:\Windows\system32\msrepl40.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\d3dramp.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\FXSXP32.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\msexch40.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00386048 _____ (Microsoft Corporation) C:\Windows\system32\d3dim.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00380957 _____ (Microsoft Corporation) C:\Windows\system32\expsrv.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\mspbde40.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00364544 _____ C:\Windows\system32\msjetoledb40.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\msjtes40.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\audiodev.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\dplayx.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00200192 _____ (Intel Corporation.) C:\Windows\system32\ir50_qcx.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00200192 _____ (Intel Corporation.) C:\Windows\system32\ir50_qc.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00197632 _____ C:\Windows\system32\ir32_32.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dmime.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00149019 _____ (Microsoft Corporation) C:\Windows\system32\crtdll.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00120320 _____ (Intel Corporation.) C:\Windows\system32\ir41_qcx.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00120320 _____ (Intel Corporation.) C:\Windows\system32\ir41_qc.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\dmstyle.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\dmscript.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00082944 _____ (Radius Inc.) C:\Windows\system32\iccvid.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\dmcompos.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\msjter40.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\d3dxof.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\dpwsockx.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\FXSEXT32.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\dmband.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\mscpxl32.dLL
2016-09-25 12:47 - 2016-09-25 12:47 - 00027792 _____ (Microsoft Corporation) C:\Windows\system32\compobj.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\ctl3d32.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\msjint40.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\dpmodemx.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\msorc32r.dll
2016-09-25 12:47 - 2016-09-25 12:47 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\mscpx32r.dLL
2016-09-25 12:47 - 2016-09-25 12:47 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\iprop.dll
2016-09-25 12:43 - 2016-09-25 12:43 - 00000000 ____D C:\ProgramData\VSK
2016-09-25 12:23 - 2016-09-25 12:47 - 00000000 ____D C:\Program Files (x86)\DLL Suite
2016-09-25 12:23 - 2016-09-25 12:23 - 00001018 _____ C:\Users\Ivan\Desktop\DLLSuite.lnk
2016-09-25 12:23 - 2016-09-25 12:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL Suite 9.0
2016-09-25 12:20 - 2016-09-25 12:22 - 21297448 _____ ( ) C:\Users\Ivan\Downloads\DLLSuite_Setup.exe
2016-09-25 01:23 - 2016-09-25 01:23 - 01244864 _____ (Корпорација Microsoft) C:\Users\Ivan\Downloads\wlsetup-web.exe
2016-09-25 01:03 - 2016-09-25 01:10 - 00000000 ____D C:\Users\Ivan\AppData\Local\Robert_N_Wood__rob@rnwood
2016-09-25 00:49 - 2016-09-25 00:49 - 00003128 _____ C:\Windows\System32\Tasks\{EBF2824E-8000-4999-9408-C2D9BBAE87DC}
2016-09-25 00:24 - 2016-09-25 00:24 - 00000000 ____D C:\Windows\sr-cyrl-ba
2016-09-25 00:18 - 2016-09-25 00:18 - 00003128 _____ C:\Windows\System32\Tasks\{E5063F7D-AAE5-41CC-BB8A-D83079B7330A}
2016-09-25 00:14 - 2016-09-25 00:24 - 00000000 ____D C:\Program Files (x86)\Windows Live
2016-09-24 20:59 - 2016-09-25 00:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-23 23:02 - 2016-09-23 23:05 - 133955344 _____ (Microsoft Corporation) C:\Users\Ivan\Downloads\msert.exe
2016-09-23 19:42 - 2016-09-23 19:42 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-09-23 19:42 - 2016-09-23 19:42 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-09-23 19:41 - 2016-09-23 19:41 - 00243544 _____ C:\Users\Ivan\Downloads\Firefox Setup Stub 49.0.exe
2016-09-20 21:46 - 2016-09-20 21:46 - 00003080 _____ C:\Windows\System32\Tasks\{CAC71B88-A837-4ADB-855E-96912CD99246}
2016-09-20 20:36 - 2016-08-29 17:31 - 14183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-09-20 20:36 - 2016-08-29 17:31 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-09-20 20:36 - 2016-08-29 17:31 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-09-20 20:36 - 2016-08-29 17:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-09-20 20:36 - 2016-08-29 17:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-09-20 20:36 - 2016-08-29 17:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-09-20 20:36 - 2016-08-29 17:04 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-09-20 20:36 - 2016-08-29 16:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-09-20 20:36 - 2016-08-16 22:40 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-09-20 20:36 - 2016-08-16 22:40 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-09-20 20:36 - 2016-08-16 22:40 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2016-09-20 20:36 - 2016-08-16 22:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-09-20 20:36 - 2016-08-16 22:40 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2016-09-20 20:36 - 2016-08-16 22:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2016-09-20 20:36 - 2016-08-16 22:40 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-09-20 20:36 - 2016-08-12 19:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-09-20 20:36 - 2016-08-12 19:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-09-20 20:36 - 2016-08-12 19:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-09-20 20:36 - 2016-08-12 19:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-09-20 20:36 - 2016-08-12 19:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-09-20 20:36 - 2016-08-12 18:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-09-20 20:36 - 2016-08-12 18:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-09-20 20:36 - 2016-08-12 18:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-09-20 20:36 - 2016-08-12 18:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-09-20 20:36 - 2016-08-12 18:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-09-20 20:36 - 2016-08-12 18:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-09-20 20:36 - 2016-08-06 17:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-09-20 20:36 - 2016-08-06 17:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-09-20 20:36 - 2016-08-06 17:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-09-20 20:36 - 2016-08-06 17:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-09-20 20:36 - 2016-08-06 17:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-09-20 20:36 - 2016-08-06 17:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-09-20 20:36 - 2016-08-06 17:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-09-20 20:36 - 2016-08-06 17:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-09-20 20:36 - 2016-08-06 17:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-09-20 20:36 - 2016-08-06 17:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-09-20 20:36 - 2016-08-06 17:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2016-09-20 20:36 - 2016-08-06 17:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-09-20 20:36 - 2016-08-06 17:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-09-20 20:36 - 2016-08-06 16:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-09-20 20:36 - 2016-08-06 16:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2016-09-20 20:36 - 2016-08-06 16:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2016-09-20 20:36 - 2016-06-14 19:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-09-20 20:36 - 2016-06-14 19:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-09-20 20:36 - 2016-06-14 19:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-09-20 20:36 - 2016-06-14 19:16 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-09-20 20:36 - 2016-06-14 19:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-09-20 20:36 - 2016-06-14 19:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-09-20 20:36 - 2016-06-14 19:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-09-20 20:36 - 2016-06-14 19:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-09-20 20:36 - 2016-06-14 19:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-09-20 20:36 - 2016-06-14 19:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-09-20 20:36 - 2016-06-14 19:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-09-20 20:36 - 2016-06-14 19:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-09-20 20:36 - 2016-06-14 19:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-09-20 20:36 - 2016-06-14 19:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-09-20 20:36 - 2016-06-14 19:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-09-20 20:36 - 2016-06-14 19:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-09-20 20:36 - 2016-06-14 19:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-09-20 20:36 - 2016-06-14 19:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-09-20 20:36 - 2016-06-14 19:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-09-20 20:36 - 2016-06-14 19:16 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-09-20 20:36 - 2016-06-14 19:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-09-20 20:36 - 2016-06-14 19:16 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-09-20 20:36 - 2016-06-14 19:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-09-20 20:36 - 2016-06-14 19:16 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-09-20 20:36 - 2016-06-14 19:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-09-20 20:36 - 2016-06-14 19:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-09-20 20:36 - 2016-06-14 19:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-09-20 20:36 - 2016-06-14 19:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-09-20 20:36 - 2016-06-14 19:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-09-20 20:36 - 2016-06-14 19:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-09-20 20:36 - 2016-06-14 17:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-09-20 20:36 - 2016-06-14 17:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-09-20 20:36 - 2016-06-14 17:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-09-20 20:36 - 2016-06-14 17:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-09-20 20:36 - 2016-06-14 17:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-09-20 20:36 - 2016-06-14 17:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-09-20 20:36 - 2016-06-14 17:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-09-20 20:36 - 2016-06-14 17:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-09-20 20:36 - 2016-06-14 17:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-09-20 20:36 - 2016-06-14 17:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-09-20 20:36 - 2016-06-14 17:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-09-20 20:36 - 2016-06-14 17:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-09-20 20:36 - 2016-06-14 17:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-09-20 20:36 - 2016-06-14 17:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-09-20 20:36 - 2016-06-14 17:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-09-20 20:36 - 2016-06-14 17:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-09-20 20:36 - 2016-06-14 17:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-09-20 20:36 - 2016-06-14 17:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-09-20 20:36 - 2016-06-14 17:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-09-20 20:36 - 2016-06-14 17:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-09-20 20:36 - 2016-06-14 17:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-09-20 20:36 - 2016-06-14 17:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-09-20 20:36 - 2016-06-14 17:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-09-20 20:36 - 2016-06-14 17:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-09-20 20:36 - 2016-06-14 17:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-09-20 20:36 - 2016-06-14 17:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-09-20 20:36 - 2016-06-14 17:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-09-20 20:36 - 2016-06-14 17:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-09-20 20:36 - 2016-06-14 17:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-09-20 20:27 - 2016-08-05 17:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-09-20 20:27 - 2016-08-05 17:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-09-13 20:45 - 2016-09-01 21:26 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-09-13 20:45 - 2016-09-01 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-09-13 20:45 - 2016-09-01 05:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-09-13 20:45 - 2016-09-01 05:08 - 20312064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-09-13 20:45 - 2016-09-01 04:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-09-13 20:45 - 2016-09-01 04:46 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-09-13 20:45 - 2016-09-01 04:46 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-09-13 20:45 - 2016-09-01 04:46 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-09-13 20:45 - 2016-09-01 04:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-09-13 20:45 - 2016-09-01 04:34 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-09-13 20:45 - 2016-09-01 04:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-09-13 20:45 - 2016-09-01 04:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-09-13 20:45 - 2016-09-01 04:26 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-09-13 20:45 - 2016-09-01 04:24 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-09-13 20:45 - 2016-09-01 04:24 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-09-13 20:45 - 2016-09-01 04:23 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-09-13 20:45 - 2016-09-01 04:08 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-09-13 20:45 - 2016-09-01 03:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-09-13 20:45 - 2016-09-01 03:57 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-09-13 20:45 - 2016-09-01 03:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-09-13 20:45 - 2016-09-01 03:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-09-13 20:45 - 2016-09-01 03:48 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-09-13 20:45 - 2016-09-01 03:45 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-09-13 20:45 - 2016-09-01 03:34 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-09-13 20:45 - 2016-09-01 03:30 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-09-13 20:45 - 2016-09-01 03:29 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-09-13 20:45 - 2016-09-01 03:29 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-09-13 20:45 - 2016-09-01 03:27 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-09-13 20:45 - 2016-09-01 03:24 - 04607488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-09-13 20:45 - 2016-09-01 02:43 - 02445824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-09-13 20:45 - 2016-09-01 02:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-09-13 20:45 - 2016-09-01 02:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-09-13 20:45 - 2016-09-01 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-09-13 20:45 - 2016-09-01 02:38 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-09-13 20:45 - 2016-09-01 02:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-09-13 20:45 - 2016-09-01 02:24 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-09-13 20:45 - 2016-09-01 02:24 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-09-13 20:45 - 2016-09-01 02:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-09-13 20:45 - 2016-09-01 02:16 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-09-13 20:45 - 2016-09-01 02:15 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-09-13 20:45 - 2016-09-01 02:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-09-13 20:45 - 2016-09-01 02:11 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-09-13 20:45 - 2016-09-01 02:03 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-09-13 20:45 - 2016-09-01 01:59 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-09-13 20:45 - 2016-09-01 01:51 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-09-13 20:45 - 2016-09-01 01:50 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-09-13 20:45 - 2016-09-01 01:44 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-09-13 20:45 - 2016-09-01 01:42 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-09-13 20:45 - 2016-09-01 01:29 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-09-13 20:45 - 2016-09-01 01:28 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-09-13 20:45 - 2016-09-01 01:26 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-09-13 20:45 - 2016-09-01 01:15 - 15411712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-09-13 20:45 - 2016-09-01 00:58 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-09-13 20:45 - 2016-09-01 00:47 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-09-13 20:44 - 2016-09-02 17:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-09-13 20:44 - 2016-09-02 17:35 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-09-13 20:44 - 2016-09-02 17:35 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-09-13 20:44 - 2016-09-02 17:35 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-09-13 20:44 - 2016-09-02 17:35 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-09-13 20:44 - 2016-09-02 17:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-09-13 20:44 - 2016-09-02 17:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-09-13 20:44 - 2016-09-02 17:31 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-09-13 20:44 - 2016-09-02 17:31 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-09-13 20:44 - 2016-09-02 17:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-09-13 20:44 - 2016-09-02 17:31 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-09-13 20:44 - 2016-09-02 17:31 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-09-13 20:44 - 2016-09-02 17:31 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-09-13 20:44 - 2016-09-02 17:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-09-13 20:44 - 2016-09-02 17:31 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-09-13 20:44 - 2016-09-02 17:31 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:21 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-09-13 20:44 - 2016-09-02 17:21 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-09-13 20:44 - 2016-09-02 17:18 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 17:02 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-09-13 20:44 - 2016-09-02 17:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-09-13 20:44 - 2016-09-02 17:02 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-09-13 20:44 - 2016-09-02 17:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-09-13 20:44 - 2016-09-02 16:58 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-09-13 20:44 - 2016-09-02 16:57 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-09-13 20:44 - 2016-09-02 16:55 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-09-13 20:44 - 2016-09-02 16:54 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-09-13 20:44 - 2016-09-02 16:54 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-09-13 20:44 - 2016-09-02 16:53 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-09-13 20:44 - 2016-09-02 16:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-09-13 20:44 - 2016-09-02 16:53 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-09-13 20:44 - 2016-09-02 16:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-09-13 20:44 - 2016-09-02 16:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-09-13 20:44 - 2016-09-02 16:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-09-13 20:44 - 2016-09-02 16:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-09-13 20:44 - 2016-09-02 16:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-09-13 20:44 - 2016-09-02 16:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 16:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 16:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-09-13 20:44 - 2016-09-02 16:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-09-13 20:44 - 2016-09-01 02:45 - 25770496 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-09-13 20:44 - 2016-09-01 02:24 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-09-13 20:44 - 2016-09-01 02:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-09-13 20:44 - 2016-09-01 02:11 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-09-13 20:44 - 2016-09-01 02:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-09-13 20:44 - 2016-09-01 02:10 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-09-13 20:44 - 2016-09-01 02:06 - 06047232 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-09-13 20:44 - 2016-09-01 01:47 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-09-13 20:44 - 2016-09-01 01:46 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-09-13 20:44 - 2016-09-01 01:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-09-13 20:44 - 2016-09-01 01:27 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-09-13 20:44 - 2016-09-01 01:10 - 02921472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-09-13 20:44 - 2016-08-16 19:36 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-09-13 20:44 - 2016-08-16 04:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-09-13 20:44 - 2016-08-16 04:35 - 03218432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-09-13 20:44 - 2016-08-12 18:26 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-09-13 20:44 - 2016-08-12 18:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-09-13 20:44 - 2016-08-12 18:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-09-13 20:44 - 2016-08-06 17:31 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-09-13 20:44 - 2016-08-06 17:15 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-09-12 22:25 - 2016-09-12 22:28 - 00000000 ____D C:\Users\Ivan\AppData\Roaming\Skype
2016-09-12 22:25 - 2016-09-12 22:28 - 00000000 ____D C:\Users\Ivan\AppData\Local\Skype
2016-09-12 22:25 - 2016-09-12 22:28 - 00000000 ____D C:\ProgramData\Skype
2016-09-07 23:25 - 2016-09-07 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-25 13:11 - 2016-04-06 20:05 - 00024000 _____ C:\Windows\ZAM_Guard.krnl.trace
2016-09-25 13:10 - 2016-04-06 20:05 - 00047357 _____ C:\Windows\ZAM.krnl.trace
2016-09-25 13:03 - 2016-04-10 20:43 - 00000000 ____D C:\Users\Ivan\Tracing
2016-09-25 13:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-09-25 13:01 - 2009-07-14 06:45 - 00012624 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-25 13:01 - 2009-07-14 06:45 - 00012624 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-25 12:54 - 2016-03-21 17:19 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-25 12:54 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-25 12:35 - 2016-03-21 17:19 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-25 12:35 - 2014-10-06 22:45 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-09-25 12:01 - 2016-04-10 20:36 - 00000000 ___RD C:\Users\Ivan\OneDrive
2016-09-25 11:28 - 2015-03-25 01:29 - 00003918 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C5F15B88-C145-44B0-95CC-0C25FA8970BC}
2016-09-25 01:15 - 2016-04-07 22:35 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-09-25 00:35 - 2015-09-28 00:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-25 00:14 - 2016-04-10 20:38 - 00000000 ____D C:\Program Files\Windows Live
2016-09-25 00:13 - 2016-04-10 20:36 - 00000000 ____D C:\Users\Ivan\AppData\Local\Windows Live
2016-09-23 23:53 - 2014-10-04 19:22 - 00000000 ____D C:\Users\Ivan
2016-09-23 22:36 - 2016-03-05 23:39 - 00000000 ____D C:\Users\Ivan\dwhelper
2016-09-23 20:09 - 2016-05-02 14:59 - 00000000 ____D C:\WarThunder
2016-09-23 19:32 - 2015-12-05 21:55 - 00003844 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1449345352
2016-09-23 19:32 - 2014-10-04 23:35 - 00000000 ____D C:\Program Files (x86)\Opera
2016-09-22 20:24 - 2015-02-02 21:45 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-09-20 21:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-09-20 21:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2016-09-20 20:44 - 2014-10-04 21:30 - 00774592 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-09-20 20:44 - 2009-07-14 07:13 - 00774592 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-18 00:52 - 2016-03-21 17:21 - 00002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-18 00:52 - 2016-03-21 17:21 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-17 21:19 - 2014-10-07 21:52 - 00000000 ____D C:\Users\Ivan\AppData\Roaming\vlc
2016-09-16 23:39 - 2016-04-10 21:20 - 00000000 ____D C:\Users\Ivan\AppData\Roaming\Windows Live Writer
2016-09-15 22:25 - 2015-09-11 22:56 - 00000000 ____D C:\Windows\rescache
2016-09-14 23:40 - 2014-12-23 21:03 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-09-14 22:35 - 2016-04-07 22:35 - 00003882 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-09-14 22:35 - 2014-10-06 22:45 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-09-14 22:35 - 2014-10-04 19:50 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-14 22:35 - 2014-10-04 19:50 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-14 22:35 - 2014-10-04 19:50 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-09-14 22:35 - 2014-10-04 19:50 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-13 20:56 - 2016-04-09 23:51 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-09-13 20:56 - 2016-04-09 23:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-09-13 20:56 - 2009-07-14 06:45 - 00481344 _____ C:\Windows\system32\FNTCACHE.DAT
2016-09-13 20:53 - 2016-04-09 23:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-09-13 20:52 - 2014-10-10 22:13 - 00000000 ____D C:\Windows\system32\MRT
2016-09-13 20:45 - 2014-10-10 22:13 - 144199024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-09-13 20:33 - 2015-02-02 21:45 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-09-10 00:51 - 2016-07-11 21:55 - 00000000 ____D C:\Users\Ivan\Documents\OpenHardwareMonitor
2016-09-07 23:25 - 2016-03-12 21:17 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2016-09-07 23:25 - 2016-03-12 21:17 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2016-09-07 23:25 - 2016-03-12 21:17 - 00001076 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2016-09-07 23:25 - 2016-03-12 21:17 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware

==================== Files in the root of some directories =======

2015-10-20 21:56 - 2015-10-20 22:06 - 6420480 _____ () C:\Program Files (x86)\GUTE38B.tmp
2015-11-24 01:18 - 2015-11-24 01:18 - 0003584 _____ () C:\Users\Ivan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-30 19:24 - 2015-09-30 19:24 - 0007609 _____ () C:\Users\Ivan\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\Ivan\AppData\Local\Temp\temp~.DLL
C:\Users\Ivan\AppData\Local\Temp\temp~.EXE


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-09-15 22:18

==================== End of FRST.txt ============================





mycity.rs/must-login.png

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6102

Ne vidim nista u logu sto bi moglo da prouzrokuje taj problem. Event prikazuje par Kernalbase.dll gresaka (file sluzi za kompatibilnost Win_7 sa starijim programima).

Voleo bih da pregledam tu masinu iz nekog drugog ugla. Odradi redom ...








1. Preuzmi sUBs-ov ComboFix () sa ovog linka i sačuvaj alat na Desktop.
• Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu);
• Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save.


------------------------------------------------------------
2. Privremeno deaktiviraj AntiVirus program, u većini slučajeva preko desnog klika na ikonu programa u system tray. Oni mogu ometati alat tokom rada.
Ukoliko nisi siguran kako to da uradiš, isprati ovo uputstvo.

------------------------------------------------------------
3. Dvoklikom na ikonicu pokreni ComboFix. Potom, na disclaimer prozoru klikni dugme I Agree!

• ComboFix će proveriti da li je dostupna nova verzija alata.
Klikni Yes ako je zatrazeno preuzimanje.
• Ukoliko Recovery Console nije instaliran, ComboFix će ponuditi preuzimanje i instalaciju.
Klikni Yes da bi dozvolio alatu da preuzme i instalira Recovery Console
• ComboFix će skenirati računar po fazama (Stage_#) ukupno 50 faza.
Ne kliktati okolo dok ComboFix ispituje sistem.
• Ukoliko je malware detektovan, ComboFix će zapoceti njegovo uklanjanje.
Iz tog razloga, alat će po potrebi restartovati Windows (nekad i više puta);

Napomena: Ako nakon rada alata dobiješ grešku (Illegal operation attempted on a registry key that has been marked for deletion) prilikom startovanja programa, restartovati računar i to ce rešiti problem.


------------------------------------------------------------
4. Kada alat završi, formiraće i otvoriti izveštaj (tipična lokacija: C:\ComboFix.txt)
Iskopiraj sadržaj ComboFix.txt izveštaja u poruku.

ComboFix će takođe formirati i dodatan izveštaj (tipicna lokacija: C:\Qoobox\ComboFix-quarantined-files.txt)
Okači ComboFix-quarantined-files.txt izveštaj uz poruku koristeći opciju Prikači fajl





.






Preuzmi Farbar Service Scaner na Desktop

http://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/

Dvoklikom pokreni FSS.exe, stikliraj sve opcije i klikni na Scan

Nedugo zatim, otvorice se log programa u Notepad-u, koji ce biti sacuvan na radnoj povrsini kao FSS.txt

Prikaci njegov sadrzaj u temu na forumu koristeci Prikaci fajl opciju.

offline
  • Pridružio: 20 Maj 2012
  • Poruke: 19
  • Gde živiš: Čačak

ComboFix 16-09-22.01 - Ivan 09/25/2016 15:52:36.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4078.2763 [GMT 2:00]
Running from: c:\users\Ivan\Downloads\ComboFix.exe
AV: Avast Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: Avast Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2016-08-25 to 2016-09-25 )))))))))))))))))))))))))))))))
.
.
2016-09-25 13:57 . 2016-09-25 13:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-09-25 11:10 . 2016-09-25 11:11 -------- d-----w- C:\FRST
2016-09-25 10:49 . 2016-09-25 10:49 2048 ----a-w- c:\windows\system32\user.exe
2016-09-25 10:49 . 2016-09-25 10:49 25600 ----a-w- c:\windows\system32\setup16.exe
2016-09-25 10:49 . 2016-09-25 10:49 17920 ----a-w- c:\windows\system32\setupSNK.exe
2016-09-25 10:49 . 2016-09-25 10:49 398336 ----a-w- c:\windows\system32\regedit.exe
2016-09-25 10:49 . 2016-09-25 10:49 3966848 ----a-w- c:\windows\system32\ntkrnlpa.exe
2016-09-25 10:49 . 2016-09-25 10:49 20992 ----a-w- c:\windows\system32\perfhost.exe
2016-09-25 10:47 . 2016-09-25 10:47 643072 ----a-w- c:\windows\system32\msrepl40.dll
2016-09-25 10:43 . 2016-09-25 10:43 -------- d-----w- c:\programdata\VSK
2016-09-25 10:23 . 2016-09-25 13:45 -------- d-----w- c:\program files (x86)\DLL Suite
2016-09-24 23:03 . 2016-09-24 23:10 -------- d-----w- c:\users\Ivan\AppData\Local\Robert_N_Wood__rob@rnwood
2016-09-24 22:24 . 2016-09-24 22:24 -------- d-----w- c:\windows\sr-cyrl-ba
2016-09-24 22:14 . 2016-09-24 22:24 -------- d-----w- c:\program files (x86)\Windows Live
2016-09-24 22:13 . 2016-09-24 22:13 94040 -c--a-w- c:\program files (x86)\Common Files\Windows Live\.cache\ee554da11d216b004\DSETUP.dll
2016-09-24 22:13 . 2016-09-24 22:13 525656 -c--a-w- c:\program files (x86)\Common Files\Windows Live\.cache\ee554da11d216b004\DXSETUP.exe
2016-09-24 22:13 . 2016-09-24 22:13 1691480 -c--a-w- c:\program files (x86)\Common Files\Windows Live\.cache\ee554da11d216b004\dsetup32.dll
2016-09-24 22:13 . 2016-09-24 22:13 89944 -c--a-w- c:\program files (x86)\Common Files\Windows Live\.cache\e9bc05341d216b003\DSETUP.dll
2016-09-24 22:13 . 2016-09-24 22:13 537432 -c--a-w- c:\program files (x86)\Common Files\Windows Live\.cache\e9bc05341d216b003\DXSETUP.exe
2016-09-24 22:13 . 2016-09-24 22:13 1801048 -c--a-w- c:\program files (x86)\Common Files\Windows Live\.cache\e9bc05341d216b003\dsetup32.dll
2016-09-24 22:13 . 2016-09-24 22:13 89944 -c--a-w- c:\program files (x86)\Common Files\Windows Live\.cache\e66ccdcc1d216b002\DSETUP.dll
2016-09-24 22:13 . 2016-09-24 22:13 537432 -c--a-w- c:\program files (x86)\Common Files\Windows Live\.cache\e66ccdcc1d216b002\DXSETUP.exe
2016-09-24 22:13 . 2016-09-24 22:13 1801048 -c--a-w- c:\program files (x86)\Common Files\Windows Live\.cache\e66ccdcc1d216b002\dsetup32.dll
2016-09-20 19:34 . 2016-09-20 19:34 -------- d-----w- c:\windows\sr-latn-cs
2016-09-20 18:27 . 2016-08-05 15:30 2048 ----a-w- c:\windows\system32\tzres.dll
2016-09-20 18:27 . 2016-08-05 15:13 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2016-09-13 18:44 . 2016-09-01 00:11 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2016-09-12 20:25 . 2016-09-12 20:28 -------- d-----w- c:\users\Ivan\AppData\Local\Skype
2016-09-12 20:25 . 2016-09-12 20:28 -------- d-----w- c:\users\Ivan\AppData\Roaming\Skype
2016-09-12 20:25 . 2016-09-12 20:28 -------- d-----w- c:\programdata\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-09-22 18:24 . 2015-02-02 19:45 513632 ----a-w- c:\windows\system32\drivers\aswsp.sys
2016-09-14 20:35 . 2014-10-04 17:50 796352 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-09-14 20:35 . 2014-10-04 17:50 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-09-13 18:45 . 2014-10-10 20:13 144199024 -c--a-w- c:\windows\system32\MRT.exe
2016-09-13 18:33 . 2015-02-02 19:45 969184 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2016-09-07 21:25 . 2016-03-12 19:17 203680 ----a-w- c:\windows\system32\drivers\zamguard64.sys
2016-09-07 21:25 . 2016-03-12 19:17 203680 ----a-w- c:\windows\system32\drivers\zam64.sys
2016-09-02 15:16 . 2016-09-13 18:44 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-08-20 19:03 . 2015-02-02 19:45 163416 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-08-20 19:03 . 2016-08-20 19:03 391496 ----a-w- c:\windows\system32\aswBoot.exe
2016-08-20 19:03 . 2015-02-02 19:45 292704 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2016-08-20 19:03 . 2015-02-02 19:45 74544 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-08-20 19:03 . 2015-02-02 19:45 108816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-08-20 19:03 . 2015-02-02 19:45 37656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-08-20 19:03 . 2015-02-02 19:45 103064 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-08-20 19:03 . 2016-08-20 19:03 53208 ----a-w- c:\windows\avastSS.scr
2016-08-12 16:46 . 2016-09-20 18:36 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2016-08-05 13:09 . 2016-08-05 13:09 28352 ----a-w- c:\windows\SysWow64\aspnet_counters.dll
2016-08-05 13:09 . 2016-08-05 13:09 19104 ----a-w- c:\windows\SysWow64\msvcr110_clr0400.dll
2016-08-05 13:09 . 2016-08-05 13:09 19104 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2016-08-05 13:09 . 2016-08-05 13:09 19104 ----a-w- c:\windows\SysWow64\msvcp110_clr0400.dll
2016-08-05 13:02 . 2016-08-05 13:02 19112 ----a-w- c:\windows\system32\msvcr110_clr0400.dll
2016-08-05 13:02 . 2016-08-05 13:02 19112 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2016-08-05 13:02 . 2016-08-05 13:02 19112 ----a-w- c:\windows\system32\msvcp110_clr0400.dll
2016-08-05 13:02 . 2016-08-05 13:02 30400 ----a-w- c:\windows\system32\aspnet_counters.dll
2016-08-02 22:36 . 2016-08-20 11:21 11847048 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A4008231-B81F-4AD7-9211-711B32D4869E}\mpengine.dll
2016-07-26 12:24 . 2014-10-04 18:15 504488 ------w- c:\windows\system32\MpSigStub.exe
2016-07-19 19:43 . 2016-07-19 19:44 110144 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-64.dll
2016-07-19 19:43 . 2014-10-24 20:05 110144 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2016-07-19 19:42 . 2016-01-25 18:59 97856 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2016-07-07 15:36 . 2016-08-16 20:53 1896168 ----a-w- c:\windows\system32\drivers\tcpip.sys
2016-07-07 15:36 . 2016-08-16 20:53 377576 ----a-w- c:\windows\system32\drivers\netio.sys
2016-07-07 15:36 . 2016-08-16 20:53 287976 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2016-07-07 15:08 . 2016-08-16 20:53 46080 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2016-07-04 19:35 . 2012-07-17 12:37 24800 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2016-07-01 15:31 . 2016-08-16 20:53 976896 ----a-w- c:\windows\system32\inetcomm.dll
2016-07-01 15:31 . 2016-08-16 20:53 84480 ----a-w- c:\windows\system32\INETRES.dll
2016-07-01 15:13 . 2016-08-16 20:53 741888 ----a-w- c:\windows\SysWow64\inetcomm.dll
2016-07-01 15:13 . 2016-08-16 20:53 84480 ----a-w- c:\windows\SysWow64\INETRES.dll
2015-10-20 20:06 . 2015-10-20 19:56 6420480 ----a-w- c:\program files (x86)\GUTE38B.tmp
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2016-04-10 18:43 1587912 ----a-w- c:\users\Ivan\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2016-04-10 18:43 1587912 ----a-w- c:\users\Ivan\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2016-04-10 18:43 1587912 ----a-w- c:\users\Ivan\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2016-04-10 18:43 1587912 ----a-w- c:\users\Ivan\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2016-04-10 18:43 1587912 ----a-w- c:\users\Ivan\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileSyncShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-01-20 7404312]
"OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2010-01-16 717696]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-10-25 5299320]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-09-12 9107616]
"EaseUS EPM tray"="c:\program files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe" [2015-04-14 2089056]
"EaseUS EPM Tray Agent"="c:\program files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\TrayPopupE\TrayTipAgentE.exe" [2014-11-18 255072]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-06-22 598552]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DokanMb;DokanMb;c:\windows\system32\DRIVERS\dokanMb.sys;c:\windows\SYSNATIVE\DRIVERS\dokanMb.sys [x]
R3 aswTap;avast! SecureLine TAP Adapter v3;c:\windows\system32\DRIVERS\aswTap.sys;c:\windows\SYSNATIVE\DRIVERS\aswTap.sys [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 ZAM;ZAM Helper Driver;c:\windows\System32\drivers\zam64.sys;c:\windows\SYSNATIVE\drivers\zam64.sys [x]
S1 ZAM_Guard;ZAM Guard Driver;c:\windows\System32\drivers\zamguard64.sys;c:\windows\SYSNATIVE\drivers\zamguard64.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S2 ZAMSvc;ZAM Controller Service;c:\program files (x86)\Zemana AntiMalware\ZAM.exe;c:\program files (x86)\Zemana AntiMalware\ZAM.exe [x]
S3 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2016-06-30 11:55 322232 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
Contents of the 'Scheduled Tasks' folder
.
2016-09-24 c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
- c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe [2016-09-14 20:35]
.
2016-09-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-04 20:35]
.
2016-09-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-03-21 15:19]
.
2016-09-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-03-21 15:19]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2016-04-10 18:43 1641672 ----a-w- c:\users\Ivan\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2016-04-10 18:43 1641672 ----a-w- c:\users\Ivan\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2016-04-10 18:43 1641672 ----a-w- c:\users\Ivan\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2016-04-10 18:43 1641672 ----a-w- c:\users\Ivan\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2016-04-10 18:43 1641672 ----a-w- c:\users\Ivan\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-10-25 5299320]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.rs/
mLocal Page = c:\windows\SysWOW64\blank.htm
mStart Page = google.com/?trackid=sp-006
mSearch Page = google.com/search?q={searchTerms}
mSearch Bar = google.com/?trackid=sp-006
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
Trusted Zone: localhost
Trusted Zone: webcompanion.com
TCP: DhcpNameServer = 192.168.1.1 0.0.0.0
FF - ProfilePath - c:\users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\jwuggbxi.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.rs/?gws_rd=ssl
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
Toolbar-10 - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_23_0_0_162_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_23_0_0_162_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_23_0_0_162_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_23_0_0_162_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_23_0_0_162.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.23"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_23_0_0_162.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_23_0_0_162.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_23_0_0_162.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2016-09-25 15:59:33
ComboFix-quarantined-files.txt 2016-09-25 13:59
.
Pre-Run: 84,591,480,832 bytes free
Post-Run: 84,454,756,352 bytes free
.
- - End Of File - - 2E79ABBAB60F2F9C1C7018C528D03308
A36C5E4F47E84449FF07ED3517B43A31

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6102

Napisano: 25 Sep 2016 16:10

CF je pokretan dva puta i ne po instrukcijama sa radne povrsine (desktop) vec iz download foldera.

Postavi mi originalni ComboFix izvestaj koji se nalazi u Qoobox folderu.
Ovo bi trebala da je putanja: C:\Qoobox\ComboFix2.txt

Dopuna: 25 Sep 2016 16:11

A trazen je i ComboFix-quarantined-files.txt izvestaj.

offline
  • Pridružio: 20 Maj 2012
  • Poruke: 19
  • Gde živiš: Čačak

Napisano: 25 Sep 2016 16:13

mycity.rs/must-login.png

Dopuna: 25 Sep 2016 16:23

mycity.rs/must-login.png

Dopuna: 25 Sep 2016 16:24

Jel to to?

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6102

FSS?

offline
  • Pridružio: 20 Maj 2012
  • Poruke: 19
  • Gde živiš: Čačak

Da, FSS sam prebacio na radnu povrsinu i onda sam isao na sken...

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6102

Super. Hajde ti jos jednom detaljno procitaj moje uputstvo za FSS.

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6102

Ocigledno ne ide komunikacija izmedju nas, a i ne bih da te zadrzavam u Ambulanti, problem koji ti imas nije prouzrokovan infekciom. Oba alata su to potvrdila.


Probaj da odradis SFC /scannow preko prompt-a (trebace ti OS instalacija) ili da odradis repair OS-a. Mozda da potrazis pomoc u Windows forumu.








Sledeća procedura će implementirati završno čišćenje - uklanjanje koriscenih alata.



Arrow Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop.

Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija;
Remove disinfection tools
Create registry backup
Purge System Restore


Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad.

Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani.
Ukoliko neki alat ili izveštaj nije uklonjen, slobodno ih obriši ručno.


Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt)
- Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix
- DelFix briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

offline
  • Pridružio: 20 Maj 2012
  • Poruke: 19
  • Gde živiš: Čačak

Ok, hvala.

Ko je trenutno na forumu
 

Ukupno su 791 korisnika na forumu :: 28 registrovanih, 5 sakrivenih i 758 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: branko7, BSD, darkangel, dejanru, DonRumataEstorski, dule clio, Hoegaarden, Insan, Iskander, Joja, kalens021, Koca Popovic, KS, kybonacci, m0nstrum_, Milovan1111, moonshine, Ognjen D., Panonsky, pein, rovac, Snorks, sovanova95, stringer bell, trutcina, USSVoyager, Vezista, zlaya011