offline
- Pavac
- Zaslužni građanin
- Pridružio: 25 Avg 2015
- Poruke: 577
- Gde živiš: Sremska Mitrovica
|
Napisano: 12 Sep 2015 9:00
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-09-2015 01
Ran by b (administrator) on BB (12-09-2015 08:56:36)
Running from C:\Users\b\Downloads
Loaded Profiles: b (Available Profiles: b)
Platform: Windows 8.1 Pro (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared Files\brs.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-02-16] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2008-10-13] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [75048 2009-02-28] (cyberlink)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-02] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-3631600276-55857721-3709648274-1001\...\Run: [DAEMON Tools Lite] => D:\dejmon\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-01] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-10-20]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk [2014-08-07]
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9E1B253F-1B89-4633-8807-2A8A0DC1C446}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-3631600276-55857721-3709648274-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: SalePlus -> {d47cf51d-4303-473e-a79d-021ad31d11fe} -> C:\Program Files (x86)\SalePlus\RpIyQpyLUYOh8x.x64.dll [2015-04-19] ()
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30] (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-26] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-26] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\b\AppData\Roaming\Mozilla\Firefox\Profiles\d98e15wf.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-26] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin HKU\S-1-5-21-3631600276-55857721-3709648274-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\b\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-17] (Unity Technologies ApS)
FF Extension: SaLePlUs - C:\Users\b\AppData\Roaming\Mozilla\Firefox\Profiles\d98e15wf.default\Extensions\9syiyu@N.net [2015-03-19]
FF Extension: SalaePlus - C:\Users\b\AppData\Roaming\Mozilla\Firefox\Profiles\d98e15wf.default\Extensions\scvDu@qCszXe.net [2015-04-19]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-08-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-07]
Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.rs/?gws_rd=ssl"
CHR Profile: C:\Users\b\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-29]
CHR Extension: (YouTube) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-29]
CHR Extension: (Google Search) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-29]
CHR Extension: (Google Docs Offline) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-02]
CHR Extension: (Avast Online Security) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-29]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-29]
CHR Extension: (Gmail) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-29]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-01]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-01] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-07-01] (Avast Software)
R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [53320 2014-11-13] (Just Develop It) <==== ATTENTION
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-07-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-07-01] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-01] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-07-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-07-01] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-02] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-07-01] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-07-01] ()
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-08-07] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49776 2014-07-25] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35440 2014-05-13] (Visicom Media Inc.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-01] (Avast Software)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl [146928 2009-02-28] (CyberLink Corp.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-12 08:56 - 2015-09-12 08:57 - 00014935 _____ C:\Users\b\Downloads\FRST.txt
2015-09-12 08:56 - 2015-09-12 08:56 - 00000000 ____D C:\FRST
2015-09-12 08:55 - 2015-09-12 08:56 - 02190848 _____ (Farbar) C:\Users\b\Downloads\FRST64.exe
2015-09-12 08:14 - 2015-09-12 08:14 - 00000000 ___RD C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9
2015-09-09 08:32 - 2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-09 08:32 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-09 08:32 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-09 08:32 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-09 08:32 - 2015-08-27 04:48 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-09 08:32 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-09 08:32 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-09 08:32 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-09 08:32 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-09 08:32 - 2015-08-26 16:46 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-09 08:32 - 2015-08-26 16:29 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-09 08:32 - 2015-08-26 16:27 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-09 08:32 - 2015-08-26 16:27 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-09-09 08:32 - 2015-08-26 16:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-09 08:32 - 2015-08-26 16:26 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-09 08:32 - 2015-08-26 16:26 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-09 08:32 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-09 08:32 - 2015-07-22 15:52 - 01633792 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-09 08:32 - 2015-07-17 16:15 - 00951296 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-09 08:32 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-09 08:32 - 2015-06-27 13:47 - 00118616 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-09 08:31 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 08:31 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 08:31 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 08:31 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-09 08:31 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-09 08:31 - 2015-08-22 20:19 - 25188352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 08:31 - 2015-08-22 19:35 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 08:31 - 2015-08-22 19:34 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 08:31 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-09 08:31 - 2015-08-22 19:21 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 08:31 - 2015-08-22 19:20 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 08:31 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-09 08:31 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-09 08:31 - 2015-08-22 18:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-09-09 08:31 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-09 08:31 - 2015-08-22 18:44 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-09-09 08:31 - 2015-08-22 18:41 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 08:31 - 2015-08-22 18:41 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 08:31 - 2015-08-22 18:41 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-09 08:31 - 2015-08-22 18:41 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-09 08:31 - 2015-08-22 18:39 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 08:31 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-09 08:31 - 2015-08-22 18:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 08:31 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-09-09 08:31 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-09 08:31 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-09-09 08:31 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-09 08:31 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-09 08:31 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-09 08:31 - 2015-08-22 18:14 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 08:31 - 2015-08-22 18:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-09 08:31 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-09 08:31 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-09 08:31 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-09 08:31 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-09 08:31 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-09 08:31 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-09 08:31 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2015-09-09 08:31 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2015-09-09 08:31 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 08:31 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2015-09-09 08:31 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2015-09-09 08:31 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-09 08:31 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-09 08:31 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-09 08:31 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-09 08:31 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-09 08:31 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 08:31 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2015-09-09 08:31 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-09-09 08:31 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2015-09-09 08:31 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-09-09 08:31 - 2015-07-14 05:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tzsync.exe
2015-09-09 08:31 - 2015-07-13 21:10 - 00411455 _____ C:\Windows\system32\ApnDatabase.xml
2015-09-09 08:31 - 2015-07-09 18:14 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-09-09 08:31 - 2015-07-03 23:51 - 01380056 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-09-09 08:31 - 2015-07-03 16:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-09-09 08:31 - 2015-06-19 19:07 - 02819072 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-09-02 19:04 - 2015-09-02 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-09-02 19:04 - 2015-09-02 19:04 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-08-27 21:19 - 2015-09-10 13:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-24 10:13 - 2015-08-24 10:13 - 519473117 _____ C:\Windows\MEMORY.DMP
2015-08-24 10:13 - 2015-08-24 10:13 - 00280408 _____ C:\Windows\Minidump\082415-13265-01.dmp
2015-08-24 10:13 - 2015-08-24 10:13 - 00000000 ____D C:\Windows\Minidump
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-12 08:57 - 2015-06-23 20:41 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-12 08:37 - 2014-08-07 15:28 - 01137209 _____ C:\Windows\WindowsUpdate.log
2015-09-12 08:19 - 2014-08-07 15:33 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3631600276-55857721-3709648274-1001
2015-09-12 08:17 - 2014-08-08 13:04 - 00003886 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{7E051242-AEAD-4164-A0E6-EA8E4982AFDE}
2015-09-12 08:16 - 2015-06-23 20:41 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-12 08:14 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-09-11 21:36 - 2014-08-07 15:46 - 00000000 ____D C:\Users\b\AppData\Roaming\ClassicShell
2015-09-11 21:13 - 2014-10-20 19:04 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-11 16:19 - 2015-05-06 09:40 - 00000000 ____D C:\Users\b\Desktop\slike nove
2015-09-11 13:43 - 2013-09-30 06:12 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-11 13:37 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-09-11 13:36 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-10 13:25 - 2013-08-22 16:46 - 00043563 _____ C:\Windows\setupact.log
2015-09-10 13:25 - 2013-08-22 16:44 - 00483896 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-10 13:24 - 2014-11-13 18:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-10 13:24 - 2013-09-29 22:03 - 00047474 _____ C:\Windows\PFRO.log
2015-09-09 21:02 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-09-09 21:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\en-GB
2015-09-09 21:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-09 10:50 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-09-09 09:32 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-09-09 09:31 - 2013-09-30 05:59 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-09 09:30 - 2014-08-07 16:46 - 00000000 ____D C:\Windows\system32\MRT
2015-09-09 09:25 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\en-GB
2015-09-06 19:59 - 2015-07-27 14:44 - 00000000 ____D C:\Users\b\Desktop\hrana
2015-09-02 19:04 - 2014-10-20 19:04 - 00001910 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-09-02 08:57 - 2015-06-23 20:42 - 00002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-30 17:51 - 2015-06-23 20:41 - 00003884 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-30 17:51 - 2015-06-23 20:41 - 00003648 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-26 18:37 - 2014-08-07 16:46 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-19 10:36 - 2014-08-07 18:59 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-08-19 10:36 - 2014-08-07 18:59 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-19 10:36 - 2014-08-07 12:02 - 00003818 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1407430794
Some files in TEMP:
====================
C:\Users\b\AppData\Local\Temp\41C0.exe
C:\Users\b\AppData\Local\Temp\4700.exe
C:\Users\b\AppData\Local\Temp\95A8.exe
C:\Users\b\AppData\Local\Temp\BackupSetup.exe
C:\Users\b\AppData\Local\Temp\BB80.exe
C:\Users\b\AppData\Local\Temp\bitool.dll
C:\Users\b\AppData\Local\Temp\C790.exe
C:\Users\b\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\b\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\b\AppData\Local\Temp\FreemakeVideoConverter_4.1.4.5.exe
C:\Users\b\AppData\Local\Temp\mirc741.exe
C:\Users\b\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\b\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\b\AppData\Local\Temp\SkypeSetup.exe
C:\Users\b\AppData\Local\Temp\uninstall.exe
C:\Users\b\AppData\Local\Temp\vcredist_x64.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-09-03 09:33
==================== End of FRST.txt ============================
Dopuna: 12 Sep 2015 9:01
Additional scan result of Farbar Recovery Scan Tool (x64) Version:10-09-2015 01
Ran by b (2015-09-12 08:57:40)
Running from C:\Users\b\Downloads
Windows 8.1 Pro (X64) (2014-08-07 13:28:12)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3631600276-55857721-3709648274-500 - Administrator - Disabled)
b (S-1-5-21-3631600276-55857721-3709648274-1001 - Administrator - Enabled) => C:\Users\b
Guest (S-1-5-21-3631600276-55857721-3709648274-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3631600276-55857721-3709648274-1001\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader X (10.0.1) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA0000000001}) (Version: 10.0.1 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.43.1008 - Webteh, d.o.o.)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1501 - CyberLink Corp.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Freemake Video Converter version 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
ManyCam 4.0.109 (HKLM-x32\...\ManyCam) (Version: 4.0.109 - Visicom Media Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.163.2 - McAfee, Inc.)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 sr) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 sr)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MyPC Backup (HKLM\...\MyPC Backup) (Version: - JDi Backup Ltd) <==== ATTENTION
NBA 2K10 (HKLM-x32\...\NBA 2K10 RePack by Chikatila_is1) (Version: - )
Opera Stable 31.0.1889.174 (HKLM-x32\...\Opera 31.0.1889.174) (Version: 31.0.1889.174 - Opera Software)
PES-Serbia JSL 2015 version 1.0.0.0 (HKLM-x32\...\PES-Serbia JSL 2015_is1) (Version: 1.0.0.0 - www.pes-serbia.com)
Pro Evolution Soccer 2013 (HKLM-x32\...\{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}) (Version: 1.00.0000 - KONAMI)
Pro Evolution Soccer 2015 (HKLM-x32\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1) (Version: 1 - )
SalePlus (HKLM-x32\...\{B696F285-F54E-2524-58B1-E06A70ABE6BE}) (Version: - ) <==== ATTENTION
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Unity Web Player (HKU\S-1-5-21-3631600276-55857721-3709648274-1001\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
War Thunder Launcher 1.0.1.391 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
26-08-2015 15:09:25 Scheduled Checkpoint
03-09-2015 09:36:27 Scheduled Checkpoint
09-09-2015 09:23:47 Windows Update
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2015-09-02 19:04 - 00000856 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0727BD1A-6695-45AA-9E02-66A4E8F0BA8D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {2D9EA06F-721D-4EB8-B6C9-A22B702F61F0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {3C27D649-C541-446E-91DA-723F852725E5} - System32\Tasks\Opera scheduled Autoupdate 1407430794 => C:\Program Files (x86)\Opera\launcher.exe [2015-08-17] (Opera Software)
Task: {3C7CF479-91DC-4EC0-B8C0-1D5737556D93} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {4CCCEF60-A3E8-48B5-A0A7-49FFCADC7F2D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-23] (Google Inc.)
Task: {6C3AAF0B-FEC4-449C-9C78-92668A8763B0} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {9BCFBAAC-A880-4D7D-A3C6-470C6559F782} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-08-07] ()
Task: {DCC59E16-0CDF-4C9A-895C-416B63BB8E7D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-01] (Avast Software s.r.o.)
Task: {F24C8948-464D-456F-A58A-A204CC08FC6D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-23] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2014-11-13 11:59 - 2014-11-13 11:57 - 00270336 _____ () C:\Program Files (x86)\MyPC Backup\AlphaFS.dll
2014-11-13 11:59 - 2014-11-13 11:57 - 00060928 _____ () C:\Program Files (x86)\MyPC Backup\LinqBridge.dll
2014-11-13 11:59 - 2014-11-13 11:58 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2014-11-13 11:59 - 2014-11-13 11:57 - 00065536 _____ () C:\Program Files (x86)\MyPC Backup\BplusDotNet.dll
2015-07-01 22:06 - 2015-07-01 22:06 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-01 22:06 - 2015-07-01 22:06 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-09-09 14:46 - 2015-09-09 14:46 - 02962432 _____ () C:\Program Files\AVAST Software\Avast\defs\15090900\algo.dll
2015-09-11 21:14 - 2015-09-11 21:14 - 02962944 _____ () C:\Program Files\AVAST Software\Avast\defs\15091105\algo.dll
2015-07-01 22:06 - 2015-07-01 22:06 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3631600276-55857721-3709648274-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\b\Desktop\slike nove\216382-24.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{AB92D6EA-DEED-42CA-AC40-B5256CC1A49B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{B6A5FD2D-72B2-4DCD-832C-D6D449831989}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [TCP Query User{382F6045-92F7-40AD-96A7-BC1DBB2A0786}C:\users\b\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\b\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{9CC03E45-7906-44A6-82DC-D9D46EF7B647}C:\users\b\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\b\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{99148C8D-BA31-404B-B990-59F503679CA4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{3F05EE22-FCED-4E6E-89B1-38FC78DC51C8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{8C1D24FF-AAE6-4F4C-BBBD-6A80764319C0}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{BD3E9821-FD46-4B84-A9F8-161CB726A8A3}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{80173F70-525F-4F8C-AB2D-E2085D368FB8}] => (Allow) D:\WarThunder\launcher.exe
FirewallRules: [{B73D87B1-0B43-4326-A59F-1E044B7D3B0C}] => (Allow) D:\WarThunder\launcher.exe
FirewallRules: [{F40C1FE6-DAC4-495C-8404-C3B0C2729984}] => (Allow) D:\WarThunder\launcher.exe
FirewallRules: [{DBF08579-8B48-4FDE-9AFE-41FFD62287F2}] => (Allow) D:\WarThunder\launcher.exe
FirewallRules: [{798AFE00-BF6B-4FF5-A850-22390C15FFFB}] => (Allow) LPort=80
FirewallRules: [{A7595FFB-4292-4D0C-9281-A781996AA554}] => (Allow) LPort=80
FirewallRules: [{9BDA5381-D0B9-4138-B0E3-B9999E809E57}] => (Allow) LPort=443
FirewallRules: [{836E6C5A-3EDB-4710-A6E8-99A2A00A6C3A}] => (Allow) LPort=443
FirewallRules: [{5E8DD1D1-EBBB-4376-A20B-C499221D9B73}] => (Allow) LPort=20010
FirewallRules: [{4AA561B6-19C4-41EF-80FF-404B9A59FE88}] => (Allow) LPort=20010
FirewallRules: [{13F3DC90-02A9-4D1E-8C92-31A46E634C84}] => (Allow) LPort=3478
FirewallRules: [{8FD8BFA0-639D-4D76-AA1E-FBB752B5F4B0}] => (Allow) LPort=3478
FirewallRules: [{2A357649-262B-4884-BFA2-CB5D71595376}] => (Allow) LPort=7850
FirewallRules: [{D75CCF5E-2ACD-4A2A-A3C6-3560261B1C3D}] => (Allow) LPort=7850
FirewallRules: [{74371B1E-CB48-4833-8E35-688D0D8D8129}] => (Allow) LPort=7852
FirewallRules: [{EC45CDD6-2E7D-47FC-9EE5-9A953D7B74FB}] => (Allow) LPort=7852
FirewallRules: [{AF898D3A-A1B7-41CC-9694-8C2775C3219A}] => (Allow) LPort=7853
FirewallRules: [{29C875D7-E225-40D8-886B-4572E92FF673}] => (Allow) LPort=7853
FirewallRules: [{5BF0BAFA-75ED-49E0-9E8B-BA9F06681AE5}] => (Allow) LPort=27022
FirewallRules: [{BC1C003D-0DE4-49C6-9984-E1032DF7FCFB}] => (Allow) LPort=27022
FirewallRules: [{1604C2B5-7F80-4707-95FC-CABF96E5527C}] => (Allow) LPort=6881
FirewallRules: [{5A9C004B-88C4-4AAB-B648-FF994A8ACE95}] => (Allow) LPort=6881
FirewallRules: [{AB080061-1706-49B4-9284-CD8054B8E10A}] => (Allow) LPort=33333
FirewallRules: [{8D3EEEA9-63BB-46F3-9DB1-1F1C6573D180}] => (Allow) LPort=33333
FirewallRules: [{10DCEC4E-05A4-49BA-B023-20A7A3141819}] => (Allow) LPort=20443
FirewallRules: [{F42DE34D-A5D0-4579-981A-A5864FA8A1ED}] => (Allow) LPort=20443
FirewallRules: [{651B5E9B-2BF5-44AE-B0DB-5CFC1A951096}] => (Allow) LPort=8090
FirewallRules: [{CD3FC3B7-2E54-42AC-9F61-317A41DA16E5}] => (Allow) LPort=8090
FirewallRules: [TCP Query User{38F9FC9B-4A10-4CDD-812E-AEF5FE5ECAF6}D:\warthunder\aces.exe] => (Allow) D:\warthunder\aces.exe
FirewallRules: [UDP Query User{3FD95808-6AB6-4A2D-8650-704667704128}D:\warthunder\aces.exe] => (Allow) D:\warthunder\aces.exe
FirewallRules: [{1A9C640B-CD1B-4E58-8637-154309DC05A6}] => (Block) D:\warthunder\aces.exe
FirewallRules: [{7747F207-36A8-4FFB-B4C1-56CE1150BEE1}] => (Block) D:\warthunder\aces.exe
FirewallRules: [TCP Query User{B5CA55B7-37BF-4828-90F4-AE4EE3DFE887}D:\prototype_2-flt\prototype2.exe] => (Allow) D:\prototype_2-flt\prototype2.exe
FirewallRules: [UDP Query User{FA9C5A9B-ED76-40A8-B7BC-0E30E9C2488A}D:\prototype_2-flt\prototype2.exe] => (Allow) D:\prototype_2-flt\prototype2.exe
FirewallRules: [{7F99F971-D7A8-48A6-AC7C-51010DF12A2F}] => (Block) D:\prototype_2-flt\prototype2.exe
FirewallRules: [{6C9C9095-700B-4728-AFCB-C672B8292C4A}] => (Block) D:\prototype_2-flt\prototype2.exe
FirewallRules: [{A35BB0E5-39FF-4D58-9534-38303D0EE751}] => (Allow) C:\ProgramData\EmailNotifier\EmailNotifier.exe
FirewallRules: [{D615C1A6-7A6D-42DC-A9D4-92C9C0892F42}] => (Allow) C:\ProgramData\EmailNotifier\EmailNotifier.exe
FirewallRules: [TCP Query User{C318F0BE-8654-40D5-9A24-59657FE2055F}D:\mortal kombat complete edition\mkke.exe] => (Allow) D:\mortal kombat complete edition\mkke.exe
FirewallRules: [UDP Query User{F60D59D5-DAC8-4E7A-8584-CA2EA9746413}D:\mortal kombat complete edition\mkke.exe] => (Allow) D:\mortal kombat complete edition\mkke.exe
FirewallRules: [{7F4D914A-A00C-4822-B167-311934C75B83}] => (Block) D:\mortal kombat complete edition\mkke.exe
FirewallRules: [{89781CB1-9DE2-486A-995D-BAD24E3D42BD}] => (Block) D:\mortal kombat complete edition\mkke.exe
FirewallRules: [TCP Query User{A4C701FD-5066-4810-B099-92C335CAB63B}E:\(zabranjeno)\pes2013.exe] => (Allow) E:\(zabranjeno)\pes2013.exe
FirewallRules: [UDP Query User{BE920072-A841-4DB5-91D6-319F63F382AA}E:\(zabranjeno)\pes2013.exe] => (Allow) E:\(zabranjeno)\pes2013.exe
FirewallRules: [{A419BDB6-23B8-4C73-9412-DF9AC2DCB6D6}] => (Block) E:\(zabranjeno)\pes2013.exe
FirewallRules: [{D3177D8A-79DC-41E3-B93F-7BE180DE3C4B}] => (Block) E:\(zabranjeno)\pes2013.exe
FirewallRules: [TCP Query User{5C1F6330-2B45-45D7-ADC7-841EBDD74574}D:\pro.evolution.soccer.2015-reloaded\pro evolution soccer 2015\pes2015.exe] => (Allow) D:\pro.evolution.soccer.2015-reloaded\pro evolution soccer 2015\pes2015.exe
FirewallRules: [UDP Query User{AF95FF78-AB1B-4EC5-B44A-B981F04B6343}D:\pro.evolution.soccer.2015-reloaded\pro evolution soccer 2015\pes2015.exe] => (Allow) D:\pro.evolution.soccer.2015-reloaded\pro evolution soccer 2015\pes2015.exe
FirewallRules: [{1618D33A-41F8-4A18-A282-6AD99AC4AEF6}] => (Block) D:\pro.evolution.soccer.2015-reloaded\pro evolution soccer 2015\pes2015.exe
FirewallRules: [{552AAF15-373F-489F-834D-5FEF343C918F}] => (Block) D:\pro.evolution.soccer.2015-reloaded\pro evolution soccer 2015\pes2015.exe
FirewallRules: [{D55A8769-8ADD-46A4-A91F-4C3457BC7F28}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F3FA0F84-E160-4A8E-ABDD-32BFFEE92B1D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{1BA6A081-D72F-4C2B-B523-70D34B018501}D:\mirc\mirc.exe] => (Block) D:\mirc\mirc.exe
FirewallRules: [UDP Query User{047AF591-0BF4-49A3-BF94-68F603A194A6}D:\mirc\mirc.exe] => (Block) D:\mirc\mirc.exe
FirewallRules: [TCP Query User{9D55F005-E10A-4F03-9969-93810997B546}D:\nba 2k10\nba 2k10 repack by chikatila\nba 2k10 repack by chikatila\nba2k10.exe] => (Allow) D:\nba 2k10\nba 2k10 repack by chikatila\nba 2k10 repack by chikatila\nba2k10.exe
FirewallRules: [UDP Query User{6D81AA6F-7828-4B86-B525-4318D8A90591}D:\nba 2k10\nba 2k10 repack by chikatila\nba 2k10 repack by chikatila\nba2k10.exe] => (Allow) D:\nba 2k10\nba 2k10 repack by chikatila\nba 2k10 repack by chikatila\nba2k10.exe
FirewallRules: [{9C0FB363-8B10-4CBF-8AB7-88158427C4FC}] => (Block) D:\nba 2k10\nba 2k10 repack by chikatila\nba 2k10 repack by chikatila\nba2k10.exe
FirewallRules: [{92036643-64F9-4028-B933-9655E9E43377}] => (Block) D:\nba 2k10\nba 2k10 repack by chikatila\nba 2k10 repack by chikatila\nba2k10.exe
FirewallRules: [{B38720F2-3D8D-4A28-AFFB-A984B3E09DC3}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{ADEF9FFC-8024-4BA5-924E-7BB270559247}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{4779D384-D5BE-488F-8880-24A80A07F892}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F64ADA6E-53E6-407D-8898-D6FA7FEA2391}] => (Allow) C:\Windows\AutoKMS\AutoKMS.exe
FirewallRules: [{67E51FD6-A591-4FEA-A732-B2FDEB2B1E15}] => (Allow) C:\Windows\AutoKMS\AutoKMS.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/12/2015 08:18:17 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (09/12/2015 08:17:56 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=3
Error: (09/12/2015 08:17:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AutoKMS.exe, version: 2.5.0.0, time stamp: 0x52aef33f
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54505737
Exception code: 0xe0434352
Fault offset: 0x0000000000008b9c
Faulting process ID: 0xb28
Faulting application start time: 0xAutoKMS.exe0
Faulting application path: AutoKMS.exe1
Faulting module path: AutoKMS.exe2
Report ID: AutoKMS.exe3
Faulting package full name: AutoKMS.exe4
Faulting package-relative application ID: AutoKMS.exe5
Error: (09/12/2015 08:17:30 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AutoKMS.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ApplicationException
Stack:
at ..()
at ..(., System.String, Boolean, System.String, Int32, System.String, Boolean, Boolean, Boolean, Boolean, Boolean, Boolean, System.String, System.String)
at ..(Int32, System.String, System.String, Boolean, Boolean, Boolean, Boolean, ., Boolean, System.String, System.String, Boolean, Boolean)
at ..(.)
at ..()
Error: (09/11/2015 09:05:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AutoKMS.exe, version: 2.5.0.0, time stamp: 0x52aef33f
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54505737
Exception code: 0xe0434352
Fault offset: 0x0000000000008b9c
Faulting process ID: 0xfa4
Faulting application start time: 0xAutoKMS.exe0
Faulting application path: AutoKMS.exe1
Faulting module path: AutoKMS.exe2
Report ID: AutoKMS.exe3
Faulting package full name: AutoKMS.exe4
Faulting package-relative application ID: AutoKMS.exe5
Error: (09/11/2015 09:05:25 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AutoKMS.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ApplicationException
Stack:
at ..()
at ..(., System.String, Boolean, System.String, Int32, System.String, Boolean, Boolean, Boolean, Boolean, Boolean, Boolean, System.String, System.String)
at ..(Int32, System.String, System.String, Boolean, Boolean, Boolean, Boolean, ., Boolean, System.String, System.String, Boolean, Boolean)
at ..(.)
at ..()
Error: (09/11/2015 08:52:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 40.0.3.5716, time stamp: 0x55ddb213
Faulting module name: webplayer_win.dll, version: 4.6.6.2872, time stamp: 0x557572cf
Exception code: 0xc0000005
Fault offset: 0x0029db05
Faulting process ID: 0xf9c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report ID: plugin-container.exe3
Faulting package full name: plugin-container.exe4
Faulting package-relative application ID: plugin-container.exe5
Error: (09/11/2015 01:37:40 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (09/11/2015 01:37:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AutoKMS.exe, version: 2.5.0.0, time stamp: 0x52aef33f
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54505737
Exception code: 0xe0434352
Fault offset: 0x0000000000008b9c
Faulting process ID: 0x10e8
Faulting application start time: 0xAutoKMS.exe0
Faulting application path: AutoKMS.exe1
Faulting module path: AutoKMS.exe2
Report ID: AutoKMS.exe3
Faulting package full name: AutoKMS.exe4
Faulting package-relative application ID: AutoKMS.exe5
Error: (09/11/2015 01:37:31 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AutoKMS.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.COMException
Stack:
at ..(System.String, System.String, ., System.String)
at ...ctor()
at ..(.)
at ..()
System errors:
=============
Error: (09/11/2015 01:37:56 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error:
%%1056
Error: (09/11/2015 01:37:56 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error:
%%1056
Error: (09/11/2015 01:37:35 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
Error: (09/11/2015 01:36:56 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error:
%%1056
Error: (09/11/2015 01:36:56 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Background Intelligent Transfer Service service, but this action failed with the following error:
%%1056
Error: (09/11/2015 01:35:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (09/11/2015 01:35:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (09/11/2015 01:35:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (09/11/2015 01:35:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (09/11/2015 01:35:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Microsoft Office:
=========================
==================== Memory info ===========================
Processor: Intel(R) Celeron(R) CPU G1610 @ 2.60GHz
Percentage of memory in use: 49%
Total physical RAM: 4060.05 MB
Available physical RAM: 2049.53 MB
Total Virtual: 8156.05 MB
Available Virtual: 5721.69 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:247.4 GB) (Free:189.49 GB) NTFS
Drive d: () (Fixed) (Total:683.59 GB) (Free:590.84 GB) NTFS
Drive e: (PES2013_R1) (CDROM) (Total:5.78 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================
|