MyCity » Ambulanta -> Arhiva Ambulante » provjera sistema

provjera sistema

Napisano na dan: 2.7.2015

provjera sistema

Sledeća strana

Pagination

Odgovori

Springfield Poslao: 02 Jul 2015 17:50 Idi na vrh
offline Springfield Moderator foruma 100%Milanista Information Technology Pridružio: 23 Avg 2008 Poruke: 2634 Gde živiš: Milan, Italy	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Pozdrav, Nije nista hitno a ni strasno samo jedna provjera. Pocelo je od prije 3-4 dana kada udjem na facebook pored strelice od misa stalno mi nesto i dalje ucitava. To sam za sada primijetio samo na facebook (Firefox). Ne znam zbog cega stalno ucitava ali neki problem postoji... Takodje ako moze posle provjere sistema od malware da provjerite koji su mi servisi upaljeni i da ih pogasim da mi se ne pale sa sistemom (oni nepotrebni) Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01 Ran by Springfieldz0r (administrator) on ANDROID-19C7E46 on 02-07-2015 17:45:08 Running from C:\Users\Springfieldz0r\Desktop Loaded Profiles: Springfieldz0r (Available Profiles: Springfieldz0r) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe () C:\Program Files (x86)\Garena Plus\ggdllhost.exe (Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () C:\Program Files (x86)\Join Air\AssistantServices.exe (Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe (MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe (Flux Software LLC) C:\Users\Springfieldz0r\AppData\Local\FluxSoftware\Flux\flux.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe () C:\Users\Springfieldz0r\AppData\Local\Viber\Viber.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winamp.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-10] (Avast Software s.r.o.) HKU\S-1-5-21-2145776392-1472050533-324974990-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity) HKU\S-1-5-21-2145776392-1472050533-324974990-1000\...\Run: [F.lux] => C:\Users\Springfieldz0r\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC) HKU\S-1-5-21-2145776392-1472050533-324974990-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-2145776392-1472050533-324974990-1000\...\RunOnce: [Uninstall C:\Users\Springfieldz0r\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Springfieldz0r\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910" HKU\S-1-5-21-2145776392-1472050533-324974990-1000\...\MountPoints2: {57ccab62-873a-11e2-94f3-6c626d84b408} - F:\autorun.exe HKU\S-1-5-21-2145776392-1472050533-324974990-1000\...\MountPoints2: {a6714d5b-f884-11e4-802b-6c626d84b408} - F:\Lenovo_Suite.exe HKU\S-1-5-21-2145776392-1472050533-324974990-1000\...\MountPoints2: {add5721a-ee48-11e4-aff1-6c626d84b408} - F:\Lenovo_Suite.exe HKU\S-1-5-21-2145776392-1472050533-324974990-1000\...\MountPoints2: {add5723b-ee48-11e4-aff1-6c626d84b408} - F:\Lenovo_Suite.exe HKU\S-1-5-21-2145776392-1472050533-324974990-1000\...\MountPoints2: {fc5b303d-ee8c-11e4-9fe9-6c626d84b408} - F:\Lenovo_Suite.exe ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-10] (Avast Software s.r.o.) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Springfieldz0r\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Springfieldz0r\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Springfieldz0r\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Springfieldz0r\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Springfieldz0r\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Springfieldz0r\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Springfieldz0r\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Springfieldz0r\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2145776392-1472050533-324974990-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2145776392-1472050533-324974990-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp HKU\S-1-5-21-2145776392-1472050533-324974990-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01 SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-10] (Avast Software s.r.o.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-27] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-10] (Avast Software s.r.o.) BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL No File BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-27] (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Handler: WSISVCUchrome - No CLSID Value Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{66A5CDC7-99D2-489D-A009-A1DE0A19673D}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{FAFABC99-746E-4865-8021-13F67C4B4BEF}: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Users\Springfieldz0r\AppData\Roaming\Mozilla\Firefox\Profiles\urh1dwro.default-1406026697443 FF NewTab: hxxp://www.google.com/ FF Homepage: hxxp://www.google.com/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-28] () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-28] () FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-27] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-27] (Oracle Corporation) FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll No File FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-03-26] (Nitro PDF) FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [2014-07-07] ( Garena) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-03-13] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-03-13] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-03-13] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-03-13] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-03-13] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-06-28] (Nullsoft, Inc.) FF SearchPlugin: C:\Users\Springfieldz0r\AppData\Roaming\Mozilla\Firefox\Profiles\urh1dwro.default-1406026697443\searchplugins\bing-avast.xml [2014-07-21] FF Extension: Qualys BrowserCheck - C:\Users\Springfieldz0r\AppData\Roaming\Mozilla\Firefox\Profiles\urh1dwro.default-1406026697443\Extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} [2014-07-22] FF Extension: Firebug - C:\Users\Springfieldz0r\AppData\Roaming\Mozilla\Firefox\Profiles\urh1dwro.default-1406026697443\Extensions\firebug@software.joehewitt.com.xpi [2014-07-22] FF Extension: Awesome screenshot: Capture and Annotate - C:\Users\Springfieldz0r\AppData\Roaming\Mozilla\Firefox\Profiles\urh1dwro.default-1406026697443\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2014-07-22] FF Extension: Web Developer - C:\Users\Springfieldz0r\AppData\Roaming\Mozilla\Firefox\Profiles\urh1dwro.default-1406026697443\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2014-07-22] FF Extension: Adblock Plus - C:\Users\Springfieldz0r\AppData\Roaming\Mozilla\Firefox\Profiles\urh1dwro.default-1406026697443\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-22] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-03-14] FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2015-05-15] <==== ATTENTION Chrome: ======= CHR Profile: C:\Users\Springfieldz0r\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Springfieldz0r\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-11] CHR Extension: (Google Drive) - C:\Users\Springfieldz0r\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-11] CHR Extension: (YouTube) - C:\Users\Springfieldz0r\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-11] CHR Extension: (Google Search) - C:\Users\Springfieldz0r\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-11] CHR Extension: (Avast Online Security) - C:\Users\Springfieldz0r\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-04-30] CHR Extension: (PictureMate - View hidden pictures) - C:\Users\Springfieldz0r\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmlalkcjmglpgdkmkmmgjcajahkoigj [2015-06-01] CHR Extension: (Google Wallet) - C:\Users\Springfieldz0r\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-11] CHR Extension: (Gmail) - C:\Users\Springfieldz0r\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-11] CHR Extension: (RSS Feed Reader) - C:\Users\Springfieldz0r\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2014-02-20] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-03-31] (Advanced Micro Devices, Inc.) [File not signed] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-10] (Avast Software s.r.o.) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-03-19] (Avast Software) S4 AXIS Camera Management; C:\Program Files (x86)\Axis Communications\AXIS Camera Management 4\AcmService.exe [17920 2013-09-05] (Axis Communications) [File not signed] S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S4 MTel_ontenegro Imola Modem Device Helper; C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ServiceManager.exe [53312 2012-03-14] () S4 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-03-26] (Nitro PDF Software) R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2011-02-15] (Nalpeiron Ltd.) [File not signed] R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed] S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-18] (TeamViewer GmbH) R2 UI Assistant Service; C:\Program Files (x86)\Join Air\AssistantServices.exe [252784 2010-07-14] () R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.) R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-10] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-10] (Avast Software s.r.o.) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-10] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-10] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-10] (Avast Software s.r.o.) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-10] (Avast Software s.r.o.) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-10] (Avast Software s.r.o.) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-04-10] () S2 BT848; C:\Windows\System32\drivers\BT848.sys [421248 2009-12-27] (Illusion & Hope. Porting to AMD64 by Sergey Sakharov.) [File not signed] R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-07-11] (DT Soft Ltd) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [30112 2013-03-08] (REALiX(tm)) S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [120832 2011-06-20] (TCT International Mobile Ltd) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) R3 MODEMCSA; C:\Windows\System32\drivers\MODEMCSA.sys [24064 2009-07-14] (Microsoft Corporation) S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2013-02-17] (Padus, Inc.) [File not signed] S3 s116bus; C:\Windows\System32\DRIVERS\s116bus.sys [108296 2007-04-03] (MCCI Corporation) S3 s116mgmt; C:\Windows\System32\DRIVERS\s116mgmt.sys [126216 2007-04-03] (MCCI Corporation) S3 s116nd5; C:\Windows\System32\DRIVERS\s116nd5.sys [31496 2007-04-03] (MCCI Corporation) S3 s116unic; C:\Windows\System32\DRIVERS\s116unic.sys [130824 2007-04-03] (MCCI Corporation) R3 smserial; C:\Windows\System32\DRIVERS\smserial.sys [1202688 2009-10-26] (Motorola Inc.) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-07-17] () [File not signed] S3 TS_AR5416; C:\Windows\System32\DRIVERS\ts_athwx.sys [2157672 2013-07-23] (TamoSoft) S3 TS_ARN5416; C:\Windows\System32\DRIVERS\ts_athrx.sys [3543752 2013-08-16] (TamoSoft) S3 ULCDRHlp; C:\Windows\SysWOW64\Drivers\ULCDRHlp.sys [27392 2004-12-23] (Ulead Systems, Inc.) [File not signed] R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-03-19] (Avast Software) R3 vvftav; C:\Windows\System32\drivers\vvftav.sys [300800 2007-02-02] (Vimicro Corporation) R3 ZSMC0305; C:\Windows\System32\Drivers\usbVM305.sys [1541120 2007-03-08] (Vimicro Corporation) S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X] S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-02 17:45 - 2015-07-02 17:46 - 00022874 _____ C:\Users\Springfieldz0r\Desktop\FRST.txt 2015-07-02 17:44 - 2015-07-02 17:45 - 00000000 ____D C:\FRST 2015-07-02 17:44 - 2015-07-02 17:44 - 02112512 _____ (Farbar) C:\Users\Springfieldz0r\Desktop\FRST64.exe 2015-07-02 17:38 - 2015-07-02 17:38 - 01671168 _____ C:\Users\Springfieldz0r\Desktop\capture-1.camrec 2015-07-02 17:38 - 2015-07-02 17:38 - 00000000 ____D C:\Users\Springfieldz0r\Desktop\capture-1 2015-07-02 17:35 - 2015-07-02 17:38 - 00003584 _____ C:\Users\Springfieldz0r\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-07-02 17:35 - 2015-07-02 17:37 - 00864216 _____ C:\Users\Springfieldz0r\Desktop\capture-1.avi 2015-07-02 16:46 - 2015-07-02 16:48 - 00000000 ____D C:\AdwCleaner 2015-07-02 16:46 - 2015-07-02 16:46 - 02244096 _____ C:\Users\Springfieldz0r\Desktop\AdwCleaner.exe 2015-07-01 16:39 - 2015-07-01 23:57 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-07-01 16:39 - 2015-07-01 16:39 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-07-01 16:39 - 2015-07-01 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-07-01 16:39 - 2015-07-01 16:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-07-01 16:39 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-07-01 16:39 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-07-01 16:39 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-07-01 16:35 - 2015-07-01 16:36 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Springfieldz0r\Desktop\mbam-setup-2.1.8.1057.exe 2015-07-01 13:57 - 2015-07-01 15:58 - 00000000 ____D C:\Users\Springfieldz0r\Desktop\ja 2015-06-29 19:17 - 2015-06-29 19:19 - 11069326 _____ C:\Users\Springfieldz0r\Desktop\Flashlight JessieJ and Tom Bleasby.mp4 2015-06-29 02:02 - 2015-06-29 02:02 - 00006182 _____ C:\Users\Springfieldz0r\Desktop\New Microsoft Excel Worksheet (2).xlsx 2015-06-28 17:57 - 2015-06-28 17:57 - 00000000 ____D C:\Users\Springfieldz0r\AppData\Roaming\InstallShield 2015-06-26 13:28 - 2015-06-26 13:29 - 00001327 _____ C:\Users\Springfieldz0r\Desktop\New Text Document (4).txt 2015-06-25 22:01 - 2015-06-30 20:15 - 00000000 ____D C:\Users\Springfieldz0r\Desktop\slike 2015-06-25 09:37 - 2015-06-25 09:37 - 00000000 ____D C:\Users\Springfieldz0r\Desktop\index-strana 2015-06-25 09:35 - 2015-06-25 09:35 - 20856921 _____ C:\Users\Springfieldz0r\Desktop\index-strana.zip 2015-06-22 22:14 - 2015-06-22 22:14 - 00000000 _____ C:\Users\Springfieldz0r\Desktop\New Text Document (3).txt 2015-06-22 11:27 - 2015-06-22 11:27 - 00025600 _____ C:\Users\Springfieldz0r\Desktop\Taksa.xls 2015-06-21 12:09 - 2015-06-21 12:12 - 00000167 _____ C:\Users\Springfieldz0r\Desktop\New Text Document (2).txt 2015-06-19 18:01 - 2015-06-20 00:32 - 00000000 ____D C:\Users\Springfieldz0r\Desktop\pes najnoviji patch 2015-06-19 18:01 - 2015-06-19 18:01 - 00017315 _____ C:\Users\Springfieldz0r\Desktop\Torrent Patch Tuga Vicio 3.0.rar 2015-06-19 18:01 - 2015-06-19 18:01 - 00000000 ____D C:\Users\Springfieldz0r\Desktop\Torrent Patch Tuga Vicio 3.0 2015-06-18 14:54 - 2015-06-18 14:54 - 00000131 _____ C:\Users\Springfieldz0r\Desktop\New Text Document.txt 2015-06-18 01:12 - 2015-06-18 01:12 - 22714810 _____ C:\Users\Springfieldz0r\Desktop\11297879_885163844890865_818289180_n.psd 2015-06-17 16:24 - 2015-06-17 16:25 - 00000000 ____D C:\Program Files (x86)\GUM78AE.tmp 2015-06-15 23:20 - 2015-06-15 23:20 - 00012040 _____ C:\Users\Springfieldz0r\Desktop\Danijela-excel.xlsx 2015-06-15 20:21 - 2015-06-15 20:21 - 00006182 _____ C:\Users\Springfieldz0r\Desktop\New Microsoft Excel Worksheet.xlsx 2015-06-10 13:30 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-06-10 13:30 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-06-10 13:30 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-06-10 13:30 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-06-10 13:30 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-06-10 13:30 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-06-10 13:30 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-06-10 13:30 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-06-10 13:30 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-06-10 13:30 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-06-10 13:30 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-06-10 13:30 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-06-10 13:30 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-06-10 13:30 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-06-10 13:30 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-06-10 13:30 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-06-10 13:30 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-06-10 13:30 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-06-10 13:30 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-06-10 13:30 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-06-10 13:30 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-06-10 13:30 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-06-10 13:30 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-06-10 13:30 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-06-10 13:30 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-06-10 13:30 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-06-10 13:30 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-06-10 13:30 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-06-10 13:30 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-06-10 13:30 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-06-10 13:30 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-06-10 13:30 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-06-10 13:30 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-06-10 13:30 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-06-10 13:30 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-06-10 13:30 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-06-10 13:30 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-06-10 13:30 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-06-10 13:30 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-06-10 13:30 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-06-10 13:30 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-06-10 13:30 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-06-10 13:30 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-06-10 13:30 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-06-10 13:30 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-06-10 13:30 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-06-10 13:30 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-06-10 13:30 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-06-10 13:30 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-06-10 13:30 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-06-10 13:30 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-06-10 13:30 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-06-10 13:30 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-06-10 13:30 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-06-10 13:30 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-06-10 13:30 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-06-10 13:30 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-06-10 13:30 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-06-10 13:30 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-06-10 13:30 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-06-10 12:50 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-06-10 12:50 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-06-10 12:50 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-06-10 12:50 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-06-10 12:50 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-06-10 12:50 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2015-06-10 12:50 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2015-06-10 12:50 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2015-06-10 12:50 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2015-06-10 12:50 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2015-06-10 12:47 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-06-10 12:47 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-06-10 12:47 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-06-10 12:47 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-06-10 12:47 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-06-10 12:47 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-06-10 12:47 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-06-10 12:47 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-06-10 12:45 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-06-10 12:45 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-06-10 12:45 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-06-10 12:45 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-06-10 12:45 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-06-10 12:45 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2015-06-10 12:45 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-06-10 12:45 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2015-06-10 12:45 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-06-10 12:45 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-06-10 12:45 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-06-10 12:45 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-06-10 12:45 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-06-10 12:45 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-06-10 12:45 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-06-10 12:45 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-06-10 12:45 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-06-10 12:45 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-06-10 12:45 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-06-10 12:45 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll 2015-06-10 12:45 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-06-10 12:45 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-06-10 12:45 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-06-10 12:45 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-06-10 12:45 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-06-10 12:45 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-06-10 12:45 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-06-10 12:45 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe 2015-06-10 12:45 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-06-10 12:45 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-06-10 12:45 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-06-10 12:45 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe 2015-06-10 12:45 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-06-10 12:45 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe 2015-06-10 12:45 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-06-10 12:45 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe 2015-06-10 12:45 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-06-10 12:45 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-06-10 12:45 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe 2015-06-10 12:45 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-06-10 12:45 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-06-10 12:45 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-06-10 12:45 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-06-10 12:45 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2015-06-10 12:45 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2015-06-10 12:45 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-06-10 12:45 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-06-10 12:45 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-06-10 12:45 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-06-10 12:45 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-06-10 12:45 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll 2015-06-10 12:45 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-06-10 12:45 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-06-10 12:45 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-06-10 12:45 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-06-10 12:45 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-06-10 12:45 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe 2015-06-10 12:45 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe 2015-06-10 12:45 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-06-10 12:45 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe 2015-06-10 12:45 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe 2015-06-10 12:45 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-06-10 12:45 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe 2015-06-10 12:45 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-06-10 12:45 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-06-10 12:45 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-06-10 12:45 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-06-10 12:45 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-06-10 12:45 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-06-10 12:45 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-06-10 12:45 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-06-10 12:45 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2015-06-10 12:45 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-06-10 12:45 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-06-10 12:45 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-06-10 12:45 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-06-10 12:43 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2015-06-10 12:43 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2015-06-10 12:36 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-06-10 12:35 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-02 17:37 - 2012-10-09 21:15 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-07-02 17:14 - 2014-01-11 18:19 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-07-02 17:00 - 2014-09-26 19:17 - 00000000 ____D C:\Program Files (x86)\iSkysoft 2015-07-02 16:59 - 2014-09-26 19:17 - 00000000 ____D C:\ProgramData\iSkysoft 2015-07-02 16:58 - 2012-12-22 17:24 - 00000000 ____D C:\Program Files (x86)\Free mp3 Wma Converter 2015-07-02 16:58 - 2012-10-17 18:24 - 00000000 ____D C:\Program Files (x86)\ACMilan-Script 4.5 white 2015-07-02 16:57 - 2012-10-10 05:17 - 01432154 _____ C:\Windows\WindowsUpdate.log 2015-07-02 16:55 - 2015-03-06 19:43 - 00000000 ____D C:\Users\Springfieldz0r\AppData\Roaming\ViberPC 2015-07-02 16:52 - 2012-10-09 20:36 - 00000000 ____D C:\ProgramData\MCShield 2015-07-02 16:51 - 2013-03-14 02:26 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2015-07-02 16:50 - 2015-05-31 13:47 - 00003496 _____ C:\Windows\System32\Tasks\gg_uac_daemon_Springfieldz0r 2015-07-02 16:50 - 2015-04-02 11:18 - 00024249 _____ C:\Windows\setupact.log 2015-07-02 16:50 - 2014-01-11 18:19 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-07-02 16:50 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-07-02 16:49 - 2015-04-10 16:04 - 00021668 _____ C:\Windows\PFRO.log 2015-07-02 16:48 - 2009-07-14 06:45 - 00026112 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-07-02 16:48 - 2009-07-14 06:45 - 00026112 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-07-01 18:18 - 2014-12-26 11:54 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-07-01 03:26 - 2012-10-25 15:52 - 00000000 ____D C:\Program Files (x86)\Medjed-Skript v1.5 Black 2015-07-01 03:17 - 2012-10-14 07:47 - 00000000 ____D C:\Users\Springfieldz0r\AppData\Roaming\Skype 2015-06-30 13:58 - 2012-11-04 18:09 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2015-06-30 13:57 - 2015-01-31 17:06 - 00001043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2015-06-30 13:56 - 2012-11-08 19:21 - 00000000 ____D C:\Users\Springfieldz0r\AppData\Roaming\TeamViewer 2015-06-29 19:22 - 2014-05-16 22:07 - 00719506 _____ C:\Windows\system32\perfh019.dat 2015-06-29 19:22 - 2014-05-16 22:07 - 00151752 _____ C:\Windows\system32\perfc019.dat 2015-06-29 19:22 - 2009-07-14 07:13 - 01657982 _____ C:\Windows\system32\PerfStringBackup.INI 2015-06-28 18:42 - 2013-06-23 14:45 - 00000964 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2145776392-1472050533-324974990-1000UA.job 2015-06-28 18:42 - 2013-06-23 14:45 - 00000942 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2145776392-1472050533-324974990-1000Core.job 2015-06-28 18:38 - 2015-05-08 14:41 - 00000000 ____D C:\ProgramData\firebird 2015-06-28 18:37 - 2012-10-09 21:15 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-06-28 18:37 - 2012-10-09 21:15 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-06-28 18:37 - 2012-10-09 21:15 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-06-28 18:26 - 2013-06-23 14:45 - 00003970 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2145776392-1472050533-324974990-1000UA 2015-06-28 18:26 - 2013-06-23 14:45 - 00003602 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2145776392-1472050533-324974990-1000Core 2015-06-28 18:25 - 2015-05-12 16:21 - 00004020 _____ C:\Windows\System32\Tasks\lenovo mobile auto run 2015-06-28 18:19 - 2013-10-20 23:52 - 00000000 ____D C:\Windows\pss 2015-06-28 17:58 - 2012-10-09 22:30 - 00000000 ____D C:\Program Files\WinFast 2015-06-28 17:58 - 2012-10-09 22:22 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-06-28 17:57 - 2012-10-11 20:14 - 00000002 _____ C:\Windows\SysWOW64\Dvbpws.dll 2015-06-28 17:12 - 2015-04-29 16:57 - 00000000 ____D C:\ProgramData\icondir 2015-06-25 12:03 - 2014-08-07 18:23 - 00003844 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1382109612 2015-06-25 12:03 - 2013-02-12 15:30 - 00000000 ____D C:\Program Files (x86)\Opera 2015-06-19 23:55 - 2013-03-04 14:05 - 00000000 ____D C:\Users\Springfieldz0r\AppData\Local\CrashDumps 2015-06-19 23:48 - 2014-12-02 15:32 - 00000000 ____D C:\Program Files (x86)\Pro Evolution Soccer 2015 2015-06-19 21:20 - 2015-03-09 13:30 - 00001137 _____ C:\Users\Public\Desktop\Pes 2015 Selector.lnk 2015-06-19 20:20 - 2012-10-10 07:54 - 00000000 ____D C:\Users\Springfieldz0r\AppData\Roaming\uTorrent 2015-06-18 14:41 - 2013-02-14 17:26 - 00001456 _____ C:\Users\Springfieldz0r\AppData\Local\Adobe Save for Web 13.0 Prefs 2015-06-16 20:18 - 2009-07-14 04:34 - 00000833 _____ C:\Windows\win.ini 2015-06-15 21:01 - 2012-11-15 20:53 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-06-15 17:28 - 2015-03-06 19:43 - 00000000 ____D C:\Users\Springfieldz0r\AppData\Local\Viber 2015-06-15 17:26 - 2015-03-06 19:43 - 00001012 _____ C:\Users\Springfieldz0r\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber.lnk 2015-06-15 16:30 - 2014-03-15 09:12 - 00000000 ____D C:\Users\Springfieldz0r\Desktop\Slike Mikan 2015-06-15 16:28 - 2014-08-21 16:05 - 00000000 ____D C:\Users\Springfieldz0r\AppData\Local\Adobe 2015-06-11 23:21 - 2012-12-22 20:49 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-06-11 11:57 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-06-11 11:56 - 2009-07-14 06:45 - 05080480 _____ C:\Windows\system32\FNTCACHE.DAT 2015-06-11 11:54 - 2014-12-11 03:17 - 00000000 ____D C:\Windows\system32\appraiser 2015-06-11 11:54 - 2014-05-06 00:00 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-06-11 11:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-06-10 23:21 - 2013-10-18 00:56 - 00000000 ____D C:\Windows\system32\MRT 2015-06-10 23:14 - 2012-10-11 07:34 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-06-09 00:12 - 2012-10-14 07:47 - 00000000 ____D C:\ProgramData\Skype 2015-06-04 11:13 - 2015-05-15 19:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-06-04 11:13 - 2012-10-09 20:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service ==================== Files in the root of some directories ======= 2014-07-28 14:53 - 2014-07-28 14:53 - 49940480 _____ () C:\Program Files (x86)\GUTEEB6.tmp 2014-04-21 20:06 - 2014-04-21 20:06 - 0000288 _____ () C:\Users\Springfieldz0r\AppData\Roaming\.backup.dm 2013-02-13 02:27 - 2014-05-31 16:11 - 0000132 _____ () C:\Users\Springfieldz0r\AppData\Roaming\Adobe BMP Format CS6 Prefs 2013-01-20 16:52 - 2013-12-07 05:19 - 0000132 _____ () C:\Users\Springfieldz0r\AppData\Roaming\Adobe GIF Format CS6 Prefs 2014-01-22 03:39 - 2014-01-22 03:39 - 0000132 _____ () C:\Users\Springfieldz0r\AppData\Roaming\Adobe IllExport Filter CS6 Prefs 2013-01-15 15:47 - 2015-05-13 02:09 - 0000132 _____ () C:\Users\Springfieldz0r\AppData\Roaming\Adobe PNG Format CS6 Prefs 2012-11-06 19:34 - 2012-11-06 19:34 - 0045270 _____ () C:\Users\Springfieldz0r\AppData\Roaming\room_v3.dat 2014-02-02 05:22 - 2014-02-12 01:22 - 0000079 _____ () C:\Users\Springfieldz0r\AppData\Roaming\WB.CFG 2012-10-10 19:33 - 2015-05-13 02:09 - 0000600 _____ () C:\Users\Springfieldz0r\AppData\Roaming\winscp.rnd 2013-02-14 17:26 - 2015-06-18 14:41 - 0001456 _____ () C:\Users\Springfieldz0r\AppData\Local\Adobe Save for Web 13.0 Prefs 2015-07-02 17:35 - 2015-07-02 17:38 - 0003584 _____ () C:\Users\Springfieldz0r\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-01-26 02:51 - 2014-01-26 02:51 - 0000001 _____ () C:\Users\Springfieldz0r\AppData\Local\llftool.4.25.agreement 2012-11-01 18:10 - 2014-03-06 05:07 - 0000600 _____ () C:\Users\Springfieldz0r\AppData\Local\PUTTY.RND 2013-03-08 00:33 - 2013-12-17 18:40 - 0007597 _____ () C:\Users\Springfieldz0r\AppData\Local\Resmon.ResmonCfg 2015-04-18 13:08 - 2015-04-18 13:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some files in TEMP: ==================== C:\Users\Springfieldz0r\AppData\Local\Temp\amd-catalyst-omega-14.12-without-dotnet45-win7-64bit.exe C:\Users\Springfieldz0r\AppData\Local\Temp\AutoDetectUtilApp.exe C:\Users\Springfieldz0r\AppData\Local\Temp\AutoMapaPPCInterface.dll C:\Users\Springfieldz0r\AppData\Local\Temp\miunst_.exe C:\Users\Springfieldz0r\AppData\Local\Temp\proxy_vole1332239620642119032.dll C:\Users\Springfieldz0r\AppData\Local\Temp\Quarantine.exe C:\Users\Springfieldz0r\AppData\Local\Temp\raptrpatch.exe C:\Users\Springfieldz0r\AppData\Local\Temp\raptr_stub.exe C:\Users\Springfieldz0r\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-06-23 15:10 ==================== End of log ============================ https://www.mycity.rs/must-login.png

Profil

Sass Drake Poslao: 03 Jul 2015 07:39 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Izvještaji mi izgledaju prilično čisto. Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja. `FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2015-05-15] <==== ATTENTION` U okviru Notepad-a klikni na File --> Save As Fajl nazovi Fixlist i sačuvaj na Desktop Dvoklikom ponovo pokreni FRST.exe Klikni na Fix i sačekaj dok program ne završi. Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi. Nakon završetka rada, otvoriće se fixlog.txt, sa sadržajem koji treba da kopiraš u temu. Takođe, na Desktop-u će se nalaziti (fixlog.txt).

Profil

Springfield Poslao: 03 Jul 2015 13:36 Idi na vrh
offline Springfield Moderator foruma 100%Milanista Information Technology Pridružio: 23 Avg 2008 Poruke: 2634 Gde živiš: Milan, Italy	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Fix result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01 Ran by Springfieldz0r at 2015-07-03 13:35:06 Run:1 Running from C:\Users\Springfieldz0r\Desktop Loaded Profiles: Springfieldz0r (Available Profiles: Springfieldz0r) Boot Mode: Normal ============================================== fixlist content: *************** FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2015-05-15] <==== ATTENTION *************** C:\Program Files (x86)\mozilla firefox\firefox.cfg => moved successfully. ==== End of Fixlog 13:35:06 ==== A sta cemo sa servisima koji se pokrecu sa racunarom. Da otvaram temu u windows forumu ili cemo ovdje?

Profil

Sass Drake Poslao: 03 Jul 2015 18:44 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ne vidim ništa maliciozno u servisima pa će što morati u Windows dijelu foruma nakon što završimo ovdje. Preuzmi Malwarebytes Anti-Rootkit (MBAR) sa sledeceg linka i sacuvaj ga na Desktop. Dvoklikom pokreni MBAR () na ikonicu programa: - Klikni OK na sledecem prozoru da bi dozvolio raspakivanje u zaseban mbar folder na desktop-u; - mbar.exe ce biti startovan. Na nekim sistemima to moze da potraje nekoliko dodatnih sekundi, te pricekati pokretanje.; - U uvodnom prozoru klikni dugme Next ukoliko si saglasan; • Na 'Update Database' prozoru klik na dugme Update da bi preuzeo sveze definicije. Kada se ispise poruka 'Success: Database was successfully updated' klik na dugme Next; • Pod sekcijom 'Scan Targets' proveri da su sve opcije stiklirane, te klikni na dugme Scan; Obavestenje: sa nekim infekcijama moze se desiti da se prikaze neka od sledecih poruka: - 'Could not load protection driver' => u tom slucaju klikni OK. - 'Could not load DDA driver' => klikni Yes na to obavestenje da bi dozvolio ucitavanje nakon restarta. Dozvoli restart i nastavi sa ostatkom instrukcija posle restarta. >> Ukoliko malware nije detektovan, klik na Exit dugme da zatvoris program. U sledecu poruku postavi mbar-log-year-month-day (sat-minuti-sekundi).txt i system-log.txt izveštaje. >> Ukoliko su infekcija/e pronadjene, proveriti da li je obelezena opcija 'Create Restore Point' i klikni na dugme Cleanup! da bi uklonili pretnje. - Procedura uklanjanje malware-a (scheduled) ce biti zakazana po restartu, bice prikazano obavestenje u pop-up prozoru. Klikni dugme Yes i sistem bi trebao da se restartuje i da zavrsi proceduru ciscenja. Obavestenje! samo ukoliko je RootKit detektovan: - postaraj se da pokrenes fixdamage.exe alat koji se nalazi u mbar folderu, \Plugins\fixdamage.exe: - Dvoklikom pokreni fixdamage, u crnom prozoru koji se otvori (command prompt) ukucaj Y (Y stoji za Yes) da bi nastavio izvrsenje, pricekati da alat odradi sve popravke ... - Kada vidis poruku 'press any key to exit' popravka je kompletirana. Pritisnuti bilo koju tipku na tastaturi da bi se prozor zatvorio. Restartovati sistem. Sledeci izvestaji ce biti formirani u mbar folderu. 1. mbar-log-year-month-day (hour-minute-second).txt 2. system-log.txt Iskopiraj sadrzaj mbar log-a u poruku a system log okaci uz poruku koristeci opciju Prikači fajl.

Profil

Springfield Poslao: 03 Jul 2015 21:38 Idi na vrh
offline Springfield Moderator foruma 100%Milanista Information Technology Pridružio: 23 Avg 2008 Poruke: 2634 Gde živiš: Milan, Italy	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Malwarebytes Anti-Rootkit BETA 1.09.1.1004 www.malwarebytes.org Database version: main: v2015.07.03.05 rootkit: v2015.07.03.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.17843 Springfieldz0r :: ANDROID-19C7E46 [administrator] 3.7.2015 20:58:39 mbar-log-2015-07-03 (20-58-39).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit \| Drivers \| MBR \| Physical Sectors \| Memory \| Startup \| Registry \| File System \| Heuristics/Extra \| Heuristics/Shuriken Scan options disabled: Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged. Objects scanned: 387847 Time elapsed: 33 minute(s), 30 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 1 C:\$RECYCLE.BIN\S-1-5-21-2145776392-1472050533-324974990-1000\$RDEVBIK\Windows Loader.exe (Hacktool.Agent) -> Delete on reboot. [2f32c91482080036582898eba65b817f] Physical Sectors Detected: 0 (No malicious items detected) (end) https://www.mycity.rs/must-login.png

Profil

Sass Drake Poslao: 03 Jul 2015 23:50 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	1Ovo se svidja korisniku: Springfield Registruj se da bi pohvalio/la poruku! To bi bilo to. • Sledeća procedura će implementirati završno čišćenje. Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop. Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija; Remove disinfection tools Create registry backup Purge System Restore Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad. Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani. Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt) Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix Alat briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » provjera sistema

Ko je trenutno na forumu

Ukupno su 805 korisnika na forumu :: 39 registrovanih, 7 sakrivenih i 759 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: aleksmajstor, babaroga, cavatina, ccoogg123, cenejac111, dankisha, Denaya, DPera, GenZee, goxin, Griffon vulture, hatman, hyla, Karla, Leonov, Marko Marković, Mcdado, mercedesamg, Mercury, milenko crazy north, Milos ZA, MiroslavD, nebkv, NoOneEver Dreams, raketaš, Shinobi, Srle993, stalja, stegonosa, theNedjeljko, tubular, vaso1, Vatreni Zmaj, Vlad000, wizzardone, YugoSlav, zeo, Zerajic, 1107

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by