Jump to content


Welcome to 247fixes PC Help Forum

Welcome to 247fixes PC Help Forum! Like most online communities you must first register to view or post in our community, but don't worry this is a simple free process that requires minimal information. Take advantage of it immediately, Register Now or Sign In.

Please read over Welcome To 247Fixes to learn more about our site.

  • Start new topics and reply to others
  • Subscribe to topics and forums to get automatic updates
  • Add events to our community calendar
  • Get your own profile and make new friends
  • Customize your experience here
Guest Message by DevFuse
 

Photo

[Resolved] Trojans And Browsermodifiers

trojans browsermodifier search safefinder

  • This topic is locked This topic is locked
15 replies to this topic

#1 winersnicl

winersnicl

    New Member

  • Member
  • Pip
  • 9 posts

Posted 22 December 2016 - 01:16 PM

Hi,
 
I have some problems with my computer:
 
1. In my browsers (Mozilla Firefox and Chrome) there  is a webpage which allways apears by it self : hxxps://search.safefinder.com/?st=sc&q
When I change settings ( remove this search option, put different homepage) nothing helps, because nexttime it is there again.
 
2. My virus protection is finding problems all the time - every few days...description below:
 
Microsoft Security Essentials found and quarantine/remove/clean last 3 weeks next items:
1.Trojan:Win32/Detplock date 22.dec
file:C:\Users\Jernej\Desktop\CLEANING VIRUSES 8.2016\zoek.exe
 
2.HackTool:Win32/Gendows date 21.dec
file:C:\Users\Jernej\Downloads\Windows_Loader_v2.2.1\Windows Loader\Windows Loader.exe
 
3.BrowserModifier:Win32/Linkhorty date 21.dec
file:C:\zoek_backup\C_PROGRA~3_Ronzap\Bamfix.exe
file:C:\zoek_backup\C_PROGRA~3_xifs\StimAir.exe
file:C:\zoek_backup\C_PROGRA~3_xifs\xifs.exe
 
4.BrowserModifier:Win32/Linkhorty date 19.dec
file:C:\ProgramData\oceps\ff.HP
file:C:\ProgramData\oceps\ff.NT
folder:c:\programdata\oceps\
 
5.BrowserModifier:Win32/Linkhorty date 19.dec
file:C:\ProgramData\oceps\ff.HP
file:C:\ProgramData\oceps\ff.NT
folder:c:\programdata\oceps\
 
6.BrowserModifier:Win32/Linkhorty!blnk date 19.dec
file:C:\Users\Jernej\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk->[CMDEmbedded]
 
7.BrowserModifier:Win32/Linkhorty date 19.dec
file:C:\ProgramData\oceps\ff.HP
file:C:\ProgramData\oceps\ff.NT
file:C:\ProgramData\oceps\snp.sc
folder:c:\programdata\oceps\
 
8.BrowserModifier:Win32/Linkhorty!blnk date 19.dec
containerfile:C:\Users\Jernej\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
file:C:\Users\Jernej\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk->[CMDEmbedded]
 
9.BrowserModifier:Win32/Linkhorty!blnk date 19.dec
containerfile:C:\Users\Jernej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
file:C:\Users\Jernej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk->[CMDEmbedded]
 
10.BrowserModifier:Win32/Linkhorty!blnk date 19.dec
containerfile:C:\Users\Jernej\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
file:C:\Users\Jernej\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk->[CMDEmbedded]
 
11.Trojan:Win32/Skeeyah.A!bit date 19.dec
file:C:\ProgramData\ocep\Dongdom.exe
 
12.BrowserModifier:Win32/Linkhorty date 9.dec
file:C:\Windows\TEMP\nsj4867.exe
 
Please help me clean my computer.
Thank you!
 
FRST and Malwarebytes' Anti-Malware logs:
 
Malwarebytes' Anti-Malware log:
 
Malwarebytes
www.malwarebytes.com
 
-Podrobnosti dnevnika-
Datum pregledovanja: 22. 12. 16
Čas pregledovanja: 11:54
Dnevniška datoteka: 2016.12.22.report.Malwarebytes Anti-Malware.txt
Skrbnik: Da
 
-Podatki o programski opremi-
Različica: 3.0.5.1299
Različica komponent: 1.0.43
Različica s paketom posodobitve: 1.0.826
Licenca: Preizkusna različica
 
-Informacije o sistemu-
OS: Windows 7 Service Pack 1
Procesor: x64
Datotečni sistem: NTFS
Uporabnik: Jernej-PC\Jernej
 
-Povzetek pregledovanja-
Vrsta pregledovanja: Pregledovanje groženj
Rezultat: Dokončano
Število pregledanih predmetov: 357214
Pretečeni čas: 7 min, 33 s
 
-Možnosti pregledovanja-
Pomnilnik: Omogočeno
Zagon: Omogočeno
Datotečni sistem: Omogočeno
Arhivi: Omogočeno
Korenska orodja: Onemogočeno
Hevristika: Omogočeno
PUP: Omogočeno
PUM: Omogočeno
 
-Podrobnosti pregledovanja-
Proces: 2
PUP.Optional.Amonetize, C:\PROGRAM FILES\BITTORRENT\BITTORRENT.EXE, V karanteni, [13], [104696],1.0.826
PUP.Optional.LogicHandler, C:\PROGRAMDATA\LOGIC HANDLER\SET.EXE, V karanteni, [4114], [24306],1.0.826
 
Modul: 4
PUP.Optional.Amonetize, C:\PROGRAM FILES\BITTORRENT\BITTORRENT.EXE, V karanteni, [13], [104696],1.0.826
PUP.Optional.LogicHandler, C:\PROGRAMDATA\LOGIC HANDLER\SET.EXE, V karanteni, [4114], [24306],1.0.826
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\X86\SQLite.Interop.dll, V karanteni, [4114], [183111],1.0.826
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\System.Data.SQLite.dll, V karanteni, [4114], [183111],1.0.826
 
Registrski ključ: 57
PUP.Optional.Amonetize, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\BitTorrent, V karanteni, [13], [104696],1.0.826
PUP.Optional.LogicHandler, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\backlh, V karanteni, [4114], [24306],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\mtAirtostrong, V karanteni, [95], [259815],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\mtApService, V karanteni, [95], [259827],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\mtocep, V karanteni, [95], [324374],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\mtRonzap, V karanteni, [95], [259866],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Airtostrong_RASAPI32, V karanteni, [95], [259688],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Airtostrong_RASMANCS, V karanteni, [95], [259688],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\CloudPrinter_RASAPI32, V karanteni, [95], [259705],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\CloudPrinter_RASMANCS, V karanteni, [95], [259705],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\ocep_RASAPI32, V karanteni, [95], [324372],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\ocep_RASMANCS, V karanteni, [95], [324372],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Ronzap_RASAPI32, V karanteni, [95], [259740],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Ronzap_RASMANCS, V karanteni, [95], [259740],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch, V karanteni, [95], [259989],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\RONZAP, V karanteni, [95], [259956],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\psv_DaltCore, V karanteni, [95], [259770],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\psv_FinOting, V karanteni, [95], [259770],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\psv_Freshlight, V karanteni, [95], [259770],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\psv_GraveNix, V karanteni, [95], [259770],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\psv_Hatair, V karanteni, [95], [259770],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\psv_Isstrong, V karanteni, [95], [259770],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\psv_Kinphase, V karanteni, [95], [259770],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\psv_MatTex, V karanteni, [95], [259770],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\psv_MedSonlab, V karanteni, [95], [259770],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\psv_Ozertam, V karanteni, [95], [259770],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\psv_Quad-Strong, V karanteni, [95], [259770],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\psv_Quodax, V karanteni, [95], [259770],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\psv_Solotom, V karanteni, [95], [259770],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\psv_Superlux, V karanteni, [95], [259770],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\psv_Treeflex, V karanteni, [95], [259770],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{16792A8E-AAC0-42F8-9A10-4C6F58A331EF}, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{198F2289-520D-45FA-BCF2-D2AEE2F4F1D5}, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{23E27129-0182-4597-B1FB-563B46518354}, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{39F7B000-0ECE-4234-AB96-C4D7387183E8}, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5C52DAD6-9F56-4679-AD2C-07DAC8805FAF}, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6215C2BA-0330-4323-8677-C86C118EF1BD}, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{80682B03-7142-4803-97B0-87C8F3B8C847}, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{8B0622BB-2E73-4BF2-A07B-1415269C21B9}, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{8F892D15-D078-4BBF-872A-D5E29690DF72}, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A7384AA4-8082-473A-8996-D04EEDAAFB10}, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B165D914-2221-4E00-AFF0-C05ABF78B9BD}, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{DEF5A88E-86C8-45AD-B0CE-B8D7A4AF4C55}, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E49AB7EB-0430-4D9E-805D-69BAEDB5260C}, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F1ACD272-EBD5-484E-A08B-D1C42CB27BBB}, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F7B59F19-734A-4B64-9592-E4D61B564B72}, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-111603173-2415600283-1906868864-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}, V karanteni, [95], [259987],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\OCEP, V karanteni, [95], [324368],1.0.826
PUP.Optional.Smeazymo, HKLM\SOFTWARE\MICROSOFT\TRACING\Dalttrans_RASAPI32, V karanteni, [2354], [258076],1.0.826
PUP.Optional.Smeazymo, HKLM\SOFTWARE\MICROSOFT\TRACING\Dalttrans_RASMANCS, V karanteni, [2354], [258076],1.0.826
PUP.Optional.WikiSearchMe, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\fcgnigmofekcllgbiejhmigggmgehkip, V karanteni, [14474], [246558],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\ocep.exe, V karanteni, [95], [324367],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Ronzap.exe, V karanteni, [95], [259795],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Application Hosting, V karanteni, [95], [259928],1.0.826
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-111603173-2415600283-1906868864-1000\SOFTWARE\mtAirtostrong, V karanteni, [95], [259524],1.0.826
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-111603173-2415600283-1906868864-1000\SOFTWARE\mtocep, V karanteni, [95], [324373],1.0.826
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-111603173-2415600283-1906868864-1000\SOFTWARE\mtRonzap, V karanteni, [95], [259575],1.0.826
 
Vrednost registra: 34
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, V karanteni, [95], [-1],0.0.0
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, V karanteni, [95], [-1],0.0.0
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-111603173-2415600283-1906868864-1000\ENVIRONMENT|SNF, V karanteni, [95], [-1],0.0.0
PUP.Optional.Linkury, HKU\S-1-5-21-111603173-2415600283-1906868864-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Zamenjano, [399], [293476],1.0.826
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-111603173-2415600283-1906868864-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|DEFAULT, V karanteni, [95], [259988],1.0.826
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Zamenjano, [399], [293477],1.0.826
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-111603173-2415600283-1906868864-1000\ENVIRONMENT|SNP, V karanteni, [95], [259518],1.0.826
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-111603173-2415600283-1906868864-1000\ENVIRONMENT|SNF, V karanteni, [95], [259517],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|URL, V karanteni, [95], [259989],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\RONZAP|IMAGEPATH, V karanteni, [95], [259956],1.0.826
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|DISPLAYNAME, V karanteni, [399], [259314],1.0.826
PUP.Optional.LogicHandler, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\BACKLH|IMAGEPATH, V karanteni, [4114], [183112],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{16792A8E-AAC0-42F8-9A10-4C6F58A331EF}|PATH, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{198F2289-520D-45FA-BCF2-D2AEE2F4F1D5}|PATH, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{23E27129-0182-4597-B1FB-563B46518354}|PATH, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{39F7B000-0ECE-4234-AB96-C4D7387183E8}|PATH, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5C52DAD6-9F56-4679-AD2C-07DAC8805FAF}|PATH, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6215C2BA-0330-4323-8677-C86C118EF1BD}|PATH, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{80682B03-7142-4803-97B0-87C8F3B8C847}|PATH, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{8B0622BB-2E73-4BF2-A07B-1415269C21B9}|PATH, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{8F892D15-D078-4BBF-872A-D5E29690DF72}|PATH, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A7384AA4-8082-473A-8996-D04EEDAAFB10}|PATH, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B165D914-2221-4E00-AFF0-C05ABF78B9BD}|PATH, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{DEF5A88E-86C8-45AD-B0CE-B8D7A4AF4C55}|PATH, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E49AB7EB-0430-4D9E-805D-69BAEDB5260C}|PATH, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F1ACD272-EBD5-484E-A08B-D1C42CB27BBB}|PATH, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F7B59F19-734A-4B64-9592-E4D61B564B72}|PATH, V karanteni, [95], [259767],1.0.826
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-111603173-2415600283-1906868864-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|URL, V karanteni, [95], [259987],1.0.826
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\OCEP|IMAGEPATH, V karanteni, [95], [324368],1.0.826
PUP.Optional.Linkury, HKU\S-1-5-21-111603173-2415600283-1906868864-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|DISPLAYNAME, V karanteni, [399], [259313],1.0.826
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-111603173-2415600283-1906868864-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH PAGE, Zamenjano, [95], [293485],1.0.826
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-111603173-2415600283-1906868864-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH BAR, Zamenjano, [95], [293485],1.0.826
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-111603173-2415600283-1906868864-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCHASSISTANT, Zamenjano, [95], [293485],1.0.826
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-111603173-2415600283-1906868864-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|DEFAULT_SEARCH_URL, Zamenjano, [95], [293486],1.0.826
 
Podatkovni tok: 0
(Ni zaznanih zlonamernih elementov)
 
Mapa: 13
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\AIRTOSTRONGS, V karanteni, [95], [302552],1.0.826
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\CLOUDPRINTER, V karanteni, [95], [259506],1.0.826
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\X64, V karanteni, [4114], [183111],1.0.826
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\X86, V karanteni, [4114], [183111],1.0.826
PUP.Optional.LogicHandler, C:\PROGRAMDATA\LOGIC HANDLER, V karanteni, [4114], [183111],1.0.826
PUP.Optional.WizeSearch, C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\feeilhmlfcpfchpbgoknoeefdkbgionj\1.0.12_0\_metadata, V karanteni, [1472], [326607],1.0.826
PUP.Optional.WizeSearch, C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\feeilhmlfcpfchpbgoknoeefdkbgionj\1.0.12_0\icons, V karanteni, [1472], [326607],1.0.826
PUP.Optional.WizeSearch, C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\feeilhmlfcpfchpbgoknoeefdkbgionj\1.0.12_0\js, V karanteni, [1472], [326607],1.0.826
PUP.Optional.WizeSearch, C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\feeilhmlfcpfchpbgoknoeefdkbgionj\1.0.12_0, V karanteni, [1472], [326607],1.0.826
PUP.Optional.WizeSearch, C:\USERS\JERNEJ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\feeilhmlfcpfchpbgoknoeefdkbgionj, V karanteni, [1472], [326607],1.0.826
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\XIFSS, V karanteni, [95], [302552],1.0.826
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\RONZAPS, V karanteni, [95], [302552],1.0.826
PUP.Optional.Linkury, C:\WINDOWS\TEMP\SMARTBAR, V karanteni, [399], [259312],1.0.826
 
Datoteka: 71
PUP.Optional.Amonetize, C:\PROGRAM FILES\BITTORRENT\BITTORRENT.EXE, V karanteni, [13], [104696],1.0.826
PUP.Optional.LogicHandler, C:\PROGRAMDATA\LOGIC HANDLER\SET.EXE, V karanteni, [4114], [24306],1.0.826
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\AIRTOSTRONGS\FF.HP, V karanteni, [95], [302552],1.0.826
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Airtostrongs\ff.NT, V karanteni, [95], [302552],1.0.826
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Airtostrongs\snp.sc, V karanteni, [95], [302552],1.0.826
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\CLOUDPRINTER\CLOUDPRINTER.DAT, V karanteni, [95], [259506],1.0.826
PUP.Optional.Linkury.ACMB1, C:\ProgramData\CloudPrinter\Config.xml, V karanteni, [95], [259506],1.0.826
PUP.Optional.LogicHandler, C:\PROGRAMDATA\LOGIC HANDLER\SET.EXE.CONFIG, V karanteni, [4114], [183111],1.0.826
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\X64\SQLite.Interop.dll, V karanteni, [4114], [183111],1.0.826
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\X86\SQLite.Interop.dll, V karanteni, [4114], [183111],1.0.826
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\Config.json, V karanteni, [4114], [183111],1.0.826
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\System.Data.SQLite.dll, V karanteni, [4114], [183111],1.0.826
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\System.Data.SQLite.Linq.dll, V karanteni, [4114], [183111],1.0.826
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\System.Data.SQLite.xml, V karanteni, [4114], [183111],1.0.826
PUP.Optional.WizeSearch, C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\feeilhmlfcpfchpbgoknoeefdkbgionj\1.0.12_0\icons\128x128.png, V karanteni, [1472], [326607],1.0.826
PUP.Optional.WizeSearch, C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\feeilhmlfcpfchpbgoknoeefdkbgionj\1.0.12_0\icons\16x16.png, V karanteni, [1472], [326607],1.0.826
PUP.Optional.WizeSearch, C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\feeilhmlfcpfchpbgoknoeefdkbgionj\1.0.12_0\icons\512x512.png, V karanteni, [1472], [326607],1.0.826
PUP.Optional.WizeSearch, C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\feeilhmlfcpfchpbgoknoeefdkbgionj\1.0.12_0\icons\64x64.png, V karanteni, [1472], [326607],1.0.826
PUP.Optional.WizeSearch, C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\feeilhmlfcpfchpbgoknoeefdkbgionj\1.0.12_0\icons\favicon.ico, V karanteni, [1472], [326607],1.0.826
PUP.Optional.WizeSearch, C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\feeilhmlfcpfchpbgoknoeefdkbgionj\1.0.12_0\icons\logo.png, V karanteni, [1472], [326607],1.0.826
PUP.Optional.WizeSearch, C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\feeilhmlfcpfchpbgoknoeefdkbgionj\1.0.12_0\js\background.js, V karanteni, [1472], [326607],1.0.826
PUP.Optional.WizeSearch, C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\feeilhmlfcpfchpbgoknoeefdkbgionj\1.0.12_0\js\site.js, V karanteni, [1472], [326607],1.0.826
PUP.Optional.WizeSearch, C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\feeilhmlfcpfchpbgoknoeefdkbgionj\1.0.12_0\_metadata\verified_contents.json, V karanteni, [1472], [326607],1.0.826
PUP.Optional.WizeSearch, C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\feeilhmlfcpfchpbgoknoeefdkbgionj\1.0.12_0\manifest.json, V karanteni, [1472], [326607],1.0.826
PUP.Optional.Linkury, C:\USERS\JERNEJ\APPDATA\ROAMING\NOAH.DAT, V karanteni, [399], [258092],1.0.826
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\XIFSS\FF.HP, V karanteni, [95], [302552],1.0.826
PUP.Optional.Linkury.ACMB1, C:\ProgramData\xifss\ff.NT, V karanteni, [95], [302552],1.0.826
PUP.Optional.Linkury.ACMB1, C:\USERS\JERNEJ\APPDATA\ROAMING\CONFIG.XML, V karanteni, [95], [302553],1.0.826
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\RONZAPS\FF.HP, V karanteni, [95], [302552],1.0.826
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Ronzaps\ff.NT, V karanteni, [95], [302552],1.0.826
PUP.Optional.Linkury.ACMB1, C:\USERS\JERNEJ\APPDATA\ROAMING\INSTALLATIONCONFIGURATION.XML, V karanteni, [95], [302554],1.0.826
PUP.Optional.Linkury, C:\USERS\JERNEJ\APPDATA\ROAMING\MD.XML, V karanteni, [399], [258091],1.0.826
PUP.Optional.Linkury, C:\USERS\JERNEJ\APPDATA\ROAMING\APPLICATIONHOSTING.DAT, V karanteni, [399], [258090],1.0.826
PUP.Optional.Linkury, C:\USERS\JERNEJ\APPDATA\ROAMING\LOBBY.DAT, V karanteni, [399], [258230],1.0.826
PUP.Optional.Linkury.Gen, C:\USERS\JERNEJ\APPDATA\ROAMING\ZENFIX.TST, V karanteni, [19518], [261636],1.0.826
PUP.Optional.Linkury.Gen, C:\USERS\JERNEJ\APPDATA\ROAMING\KINZIMCOM.TST, V karanteni, [19518], [261636],1.0.826
PUP.Optional.Amonetize, C:\USERS\JERNEJ\APPDATA\ROAMING\TEMPDOM.BIN, V karanteni, [13], [101307],1.0.826
PUP.Optional.Linkury, C:\USERS\JERNEJ\APPDATA\ROAMING\KINWARM.BIN, V karanteni, [399], [284886],1.0.826
PUP.Optional.LogicHandler, C:\USERS\JERNEJ\APPDATA\ROAMING\SALTDOM.BIN, V karanteni, [4114], [24306],1.0.826
PUP.Optional.Linkury.ACMB1, C:\USERS\JERNEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MIVNQ7JH.DEFAULT\PREFS.JS, Zamenjano, [95], [302805],1.0.826
PUP.Optional.Linkury.ACMB1, C:\USERS\JERNEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MIVNQ7JH.DEFAULT\PREFS.JS, Zamenjano, [95], [303330],1.0.826
PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSWOW64\FINDIT.XML, V karanteni, [95], [259512],1.0.826
PUP.Optional.Linkury, C:\WINDOWS\TEMP\SMARTBAR\MATREDTAX.ICO, V karanteni, [399], [259312],1.0.826
PUP.Optional.Linkury, C:\Windows\Temp\Smartbar\FaseHotlux.ico, V karanteni, [399], [259312],1.0.826
PUP.Optional.Linkury, C:\Windows\Temp\Smartbar\Geoflex.ico, V karanteni, [399], [259312],1.0.826
PUP.Optional.Linkury, C:\Windows\Temp\Smartbar\Saillex.ico, V karanteni, [399], [259312],1.0.826
PUP.Optional.Linkury, C:\Windows\Temp\Smartbar\Softlight.ico, V karanteni, [399], [259312],1.0.826
PUP.Optional.Linkury, C:\Windows\Temp\Smartbar\Yearfan.ico, V karanteni, [399], [259312],1.0.826
PUP.Optional.Linkury, C:\Windows\Temp\Smartbar\Zaamsoft.ico, V karanteni, [399], [259312],1.0.826
PUP.Optional.Linkury, C:\Windows\Temp\Smartbar\Zummatech.ico, V karanteni, [399], [259312],1.0.826
PUP.Optional.OpenCandy, C:\USERS\JERNEJ\DOWNLOADS\PHOTOSCAPE_V3.7.EXE, V karanteni, [645], [297667],1.0.826
PUP.Optional.Smeazymo, C:\USERS\JERNEJ\APPDATA\LOCAL\DALTTRANS.DAT, V karanteni, [2354], [258073],1.0.826
PUP.Optional.SafeFinder.ShrtCln, C:\USERS\JERNEJ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\https_search.safefinder.com_0.localstorage, V karanteni, [474], [316774],1.0.826
PUP.Optional.SafeFinder.ShrtCln, C:\USERS\JERNEJ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_search.safefinder.com_0.localstorage, V karanteni, [474], [316774],1.0.826
PUP.Optional.SnapDo, C:\USERS\JERNEJ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_search.snapdo.com_0.localstorage, V karanteni, [2862], [184976],1.0.826
PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSTEM32\TASKS\psv_DaltCore, V karanteni, [95], [259513],1.0.826
PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSTEM32\TASKS\psv_FinOting, V karanteni, [95], [259513],1.0.826
PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSTEM32\TASKS\psv_Freshlight, V karanteni, [95], [259513],1.0.826
PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSTEM32\TASKS\psv_GraveNix, V karanteni, [95], [259513],1.0.826
PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSTEM32\TASKS\psv_Hatair, V karanteni, [95], [259513],1.0.826
PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSTEM32\TASKS\psv_Isstrong, V karanteni, [95], [259513],1.0.826
PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSTEM32\TASKS\psv_Kinphase, V karanteni, [95], [259513],1.0.826
PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSTEM32\TASKS\psv_MatTex, V karanteni, [95], [259513],1.0.826
PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSTEM32\TASKS\psv_MedSonlab, V karanteni, [95], [259513],1.0.826
PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSTEM32\TASKS\psv_Ozertam, V karanteni, [95], [259513],1.0.826
PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSTEM32\TASKS\psv_Quad-Strong, V karanteni, [95], [259513],1.0.826
PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSTEM32\TASKS\psv_Quodax, V karanteni, [95], [259513],1.0.826
PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSTEM32\TASKS\psv_Solotom, V karanteni, [95], [259513],1.0.826
PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSTEM32\TASKS\psv_Superlux, V karanteni, [95], [259513],1.0.826
PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSTEM32\TASKS\psv_Treeflex, V karanteni, [95], [259513],1.0.826
PUP.Optional.WizeSearch, C:\USERS\JERNEJ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\chrome-extension_feeilhmlfcpfchpbgoknoeefdkbgionj_0.localstorage, V karanteni, [1472], [326605],1.0.826
 
Fizični sektor: 0
(Ni zaznanih zlonamernih elementov)
 
 
(end)
 
FRST.txt:
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
Ran by Jernej (administrator) on JERNEJ-PC (22-12-2016 13:30:16)
Running from C:\Users\Jernej\Downloads
Loaded Profiles: Jernej (Available Profiles: Jernej)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: slovenščina (Slovenija)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\AvrcpService.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\RtkBleServ.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7574896 2014-04-16] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818288 2014-04-07] (Synaptics Incorporated)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [216064 2014-01-06] (Realtek Semiconductor Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-04-10] (Intel Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [419512 2014-04-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero BackItUp\NBAgent.exe [2025816 2014-09-29] (Nero AG)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-11-20] (Raptr, Inc)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\Run: [DU Meter] => "C:\Program Files (x86)\DU Meter\DUMeter.exe" /autostart
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\Run: [proxsign] => C:\Program Files (x86)\SETCCE\proXSign\bin\pxkill.exe [31232 2015-11-19] ()
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4177784 2016-01-15] (Disc Soft Ltd)
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\MountPoints2: {57533554-0c1e-11e6-8cc9-38b1db9df968} - G:\CDCheck.exe
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\MountPoints2: {57533558-0c1e-11e6-8cc9-38b1db9df968} - H:\CDCheck.exe
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\MountPoints2: {b0f96005-d93e-11e5-810c-38b1db9df968} - E:\autorun.exe
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\MountPoints2: {b0f9601c-d93e-11e5-810c-38b1db9df968} - F:\autorun.exe
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-21] (Microsoft Corporation)
Startup: C:\Users\Jernej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe [2016-08-26] (Leader Technologies)
Startup: C:\Users\Jernej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler.exe [2016-08-26] ()
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 84.255.209.79 84.255.210.79 192.168.1.1
Tcpip\..\Interfaces\{518C50D0-A0EB-426F-84AC-5A094662A6E1}: [DhcpNameServer] 84.255.209.79 84.255.210.79 192.168.1.1
Tcpip\..\Interfaces\{9374EDE6-2510-4D46-8FD1-8C9E69478EAC}: [DhcpNameServer] 10.0.1.197 10.0.1.198
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131266346688107570&GUID=1664DB10-ECE5-43AE-B976-1FB3994CEC74
SearchScopes: HKU\S-1-5-21-111603173-2415600283-1906868864-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-10-16] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-16] (Oracle Corporation)
BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2013-11-29] (BitComet)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-16] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-16] (Oracle Corporation)
IE Session Restore: HKU\S-1-5-21-111603173-2415600283-1906868864-1000 -> is enabled.
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll No File
 
FireFox:
========
FF ProfilePath: C:\Users\Jernej\AppData\Roaming\Mozilla\Firefox\Profiles\mivnq7jh.default [2016-12-22]
FF NewTab: Mozilla\Firefox\Profiles\mivnq7jh.default -> C:\\ProgramData\\oceps\\ff.NT
FF Homepage: Mozilla\Firefox\Profiles\mivnq7jh.default -> C:\\ProgramData\\oceps\\ff.HP
FF Extension: (BitComet Video Downloader) - C:\Users\Jernej\AppData\Roaming\Mozilla\Firefox\Profiles\mivnq7jh.default\Extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} [2014-10-26] [not signed]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-14] ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-16] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-14] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-16] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-08-29] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://google.si/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default [2016-12-22]
CHR Extension: (Google Diapozitivi) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-10]
CHR Extension: (Google Dokumenti) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-10]
CHR Extension: (Google Drive) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-25]
CHR Extension: (YouTube) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-09]
CHR Extension: (Google Search) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-25]
CHR Extension: (Google Preglednice) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-10]
CHR Extension: (Google Dokumenti brez povezave) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-21]
CHR Extension: (Skype) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-10-28]
CHR Extension: (Plačila v spletni trgovini Chrome) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-25]
CHR Extension: (Gmail) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-10]
CHR Extension: (Chrome Media Router) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-19]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-05-07] (Realtek Semiconductor Corporation) [File not signed]
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [88064 2014-03-05] () [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369464 2016-01-15] (Disc Soft Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
S2 NeroBackItUpBackgroundService; C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe [273248 2014-09-29] (Nero AG)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [42496 2013-04-25] (Realtek Semiconductor Corporation) [File not signed]
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-02-26] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-02-26] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77416 2016-12-14] ()
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [176064 2016-12-22] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [102856 2016-12-22] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2016-12-22] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [250816 2016-12-22] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [81696 2016-12-22] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [552448 2014-04-01] (Realtek Semiconductor Corporation)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [476888 2014-03-21] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [3402968 2014-04-11] (Realtek Semiconductor Corporation                           )
S3 DUMeterDrv; \??\C:\Program Files (x86)\DU Meter\DUMETR64.SYS [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-12-22 13:30 - 2016-12-22 13:32 - 00020565 _____ C:\Users\Jernej\Downloads\FRST.txt
2016-12-22 13:27 - 2016-12-22 13:27 - 02420736 _____ (Farbar) C:\Users\Jernej\Downloads\FRST64.exe
2016-12-22 11:49 - 2016-12-22 13:07 - 00102856 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2016-12-22 11:49 - 2016-12-22 13:07 - 00081696 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2016-12-22 11:49 - 2016-12-22 13:07 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-12-22 11:49 - 2016-12-22 13:06 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-22 11:49 - 2016-12-22 11:49 - 00176064 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2016-12-22 11:48 - 2016-12-22 11:48 - 00001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2016-12-22 11:48 - 2016-12-22 11:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2016-12-22 11:48 - 2016-12-22 11:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-22 11:48 - 2016-12-22 11:48 - 00000000 ____D C:\Program Files\Malwarebytes
2016-12-22 11:48 - 2016-12-14 12:55 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys
2016-12-22 11:47 - 2016-12-22 11:47 - 54199488 _____ (Malwarebytes ) C:\Users\Jernej\Downloads\mb3-setup-consumer-3.0.5.1299.exe
2016-12-22 11:05 - 2016-12-22 11:05 - 03021667 _____ () C:\Program Files\Common Files\nxqix2v4.exe
2016-12-22 11:02 - 2016-12-22 11:02 - 03021667 _____ () C:\Program Files\Common Files\vczke5tf.exe
2016-12-22 10:55 - 2016-12-22 10:55 - 00015768 _____ C:\Users\Jernej\Downloads\prenos (1)
2016-12-22 10:55 - 2016-12-22 10:55 - 00015768 _____ C:\Users\Jernej\Downloads\prenos
2016-12-22 10:50 - 2016-12-22 10:50 - 03021667 _____ () C:\Program Files\Common Files\tvp0ztb2.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 03021667 _____ () C:\Program Files\Common Files\sfgifsmn.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 03021667 _____ () C:\Program Files\Common Files\mkool4nz.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 03021667 _____ () C:\Program Files\Common Files\kukhs5yc.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 03021667 _____ () C:\Program Files\Common Files\keeflik3.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 03021667 _____ () C:\Program Files\Common Files\ivnncg3v.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 03021667 _____ () C:\Program Files\Common Files\fuizqtnt.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 03021667 _____ () C:\Program Files\Common Files\bj4smrpj.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 03021667 _____ () C:\Program Files\Common Files\3q4nu04v.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 03021667 _____ () C:\Program Files\Common Files\3fzkvfce.exe
2016-12-21 19:42 - 2016-12-21 19:42 - 03021720 _____ () C:\Program Files\Common Files\wugd3s1k.exe
2016-12-21 19:42 - 2016-12-21 19:42 - 03021720 _____ () C:\Program Files\Common Files\oe5rxgmy.exe
2016-12-21 19:41 - 2016-12-21 19:42 - 03021720 _____ () C:\Program Files\Common Files\uowpj54y.exe
2016-12-21 19:41 - 2016-12-21 19:41 - 03021720 _____ () C:\Program Files\Common Files\vwsegdek.exe
2016-12-21 19:41 - 2016-12-21 19:41 - 03021720 _____ () C:\Program Files\Common Files\rsgzqio1.exe
2016-12-21 19:41 - 2016-12-21 19:41 - 03021720 _____ () C:\Program Files\Common Files\qs1mlvay.exe
2016-12-21 19:41 - 2016-12-21 19:41 - 03021720 _____ () C:\Program Files\Common Files\p1qnbqql.exe
2016-12-21 19:41 - 2016-12-21 19:41 - 03021720 _____ () C:\Program Files\Common Files\cj2zwhls.exe
2016-12-21 19:41 - 2016-12-21 19:41 - 03021720 _____ () C:\Program Files\Common Files\4pje2usj.exe
2016-12-21 19:41 - 2016-12-21 19:41 - 03021720 _____ () C:\Program Files\Common Files\3hmbjydh.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 03021720 _____ () C:\Program Files\Common Files\xdcfvull.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 03021720 _____ () C:\Program Files\Common Files\u5e3xqwm.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 03021720 _____ () C:\Program Files\Common Files\sdd5fdmt.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 03021720 _____ () C:\Program Files\Common Files\otfg1co3.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 03021720 _____ () C:\Program Files\Common Files\e15zwtfd.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 03021720 _____ () C:\Program Files\Common Files\c4jrup5i.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 03021720 _____ () C:\Program Files\Common Files\bev1tt0w.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 03021720 _____ () C:\Program Files\Common Files\3crnd5s4.exe
2016-12-21 19:39 - 2016-12-21 19:39 - 03021720 _____ () C:\Program Files\Common Files\xwfp3nce.exe
2016-12-21 19:39 - 2016-12-21 19:39 - 03021720 _____ () C:\Program Files\Common Files\tcxzcyiq.exe
2016-12-21 19:39 - 2016-12-21 19:39 - 03021720 _____ () C:\Program Files\Common Files\olf1kjhh.exe
2016-12-21 19:39 - 2016-12-21 19:39 - 03021720 _____ () C:\Program Files\Common Files\jwnivu1w.exe
2016-12-21 19:38 - 2016-12-21 19:38 - 03021720 _____ () C:\Program Files\Common Files\tvxpfunq.exe
2016-12-20 09:05 - 2016-12-20 09:05 - 03675644 _____ C:\Users\Jernej\Downloads\6163430.pdf
2016-12-20 09:02 - 2016-12-20 09:02 - 03652374 _____ C:\Users\Jernej\Downloads\6163429.pdf
2016-12-20 08:56 - 2016-12-20 08:56 - 05901059 _____ C:\Users\Jernej\Downloads\6114395.pdf
2016-12-19 14:08 - 2016-12-19 14:08 - 03021071 _____ () C:\Program Files\Common Files\dqf0nuhv.exe
2016-12-19 13:39 - 2016-12-19 13:39 - 03021071 _____ () C:\Program Files\Common Files\oqhrpyau.exe
2016-12-19 11:37 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-12-19 11:37 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-12-19 11:37 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-12-19 11:37 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-12-19 11:37 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-12-19 11:37 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-19 11:37 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-12-19 11:37 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-12-19 11:37 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-12-19 11:37 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-12-19 11:37 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-12-19 11:37 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-12-19 11:37 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-12-19 11:37 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-12-19 11:37 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-12-19 11:37 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-12-19 11:37 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-12-19 11:37 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-12-19 11:37 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-12-19 11:37 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-19 11:37 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-12-19 11:37 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-12-19 11:37 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-12-19 11:37 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-12-19 11:37 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-12-19 11:37 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-12-19 11:37 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-19 11:37 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-12-19 11:37 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-19 11:37 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-12-19 11:37 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-12-19 11:37 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-12-19 11:37 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-19 11:37 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-12-19 11:37 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-12-19 11:37 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-19 11:37 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-12-19 11:37 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-12-19 11:37 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-12-19 11:37 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-12-19 11:37 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-12-19 11:37 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-19 11:37 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-12-19 11:37 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-19 11:37 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-19 11:37 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-12-19 11:37 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-12-19 11:37 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-19 11:37 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-19 11:37 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-12-19 11:37 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-19 11:37 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-19 11:37 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-12-19 11:36 - 2016-11-21 19:16 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-12-19 11:36 - 2016-11-21 19:16 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-12-19 11:36 - 2016-11-21 19:12 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-12-19 11:36 - 2016-11-20 17:20 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-12-19 11:36 - 2016-11-20 17:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-12-19 11:36 - 2016-11-20 17:20 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-12-19 11:36 - 2016-11-20 17:20 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-19 11:36 - 2016-11-20 17:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-12-19 11:36 - 2016-11-20 17:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-12-19 11:36 - 2016-11-20 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-19 11:36 - 2016-11-20 16:57 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-12-19 11:36 - 2016-11-20 16:57 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-12-19 11:36 - 2016-11-20 16:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-12-19 11:36 - 2016-11-20 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-12-19 11:36 - 2016-11-20 16:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-12-19 11:36 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-12-19 11:36 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-12-19 11:36 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-12-19 11:36 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-12-19 11:36 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-12-19 11:36 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-19 11:36 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-19 11:36 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-12-19 11:36 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-19 11:36 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-12-19 11:36 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-12-19 11:36 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-12-19 11:36 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-12-19 11:36 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-12-19 11:36 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-19 11:36 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-19 11:36 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-19 11:36 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-12-19 11:36 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-19 11:36 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-19 11:36 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-12-19 11:36 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-12-19 11:36 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-12-19 11:36 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-12-19 11:36 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-19 11:36 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-19 11:36 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-12-19 11:36 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-12-19 11:36 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-12-19 11:36 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-12-19 11:36 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-12-19 11:36 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-19 11:36 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-19 11:36 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-19 11:36 - 2016-11-02 16:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-12-19 11:36 - 2016-11-02 16:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-12-19 11:36 - 2016-11-02 16:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-12-19 11:36 - 2016-11-02 16:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-12-19 11:36 - 2016-11-02 16:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-12-19 11:36 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-12-19 11:36 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-12-19 11:36 - 2016-11-02 16:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-12-19 11:36 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-12-19 11:36 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-12-19 11:36 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-12-19 11:36 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-12-19 11:36 - 2016-10-15 16:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-12-19 11:36 - 2016-10-15 16:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-12-19 11:36 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-12-19 11:36 - 2016-10-15 16:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-12-19 11:36 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-12-19 11:36 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-12-19 11:36 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-12-19 11:36 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-12-19 11:36 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-12-19 11:36 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-12-19 11:36 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-12-19 11:36 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-12-19 11:36 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-12-19 11:36 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-12-19 11:36 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-12-19 11:36 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-12-19 11:36 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-12-19 11:36 - 2016-10-11 16:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-12-19 11:36 - 2016-10-11 16:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-12-19 11:36 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-12-19 11:36 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-12-19 11:36 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-12-19 11:36 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-12-19 11:36 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-12-19 11:36 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-12-19 11:36 - 2016-10-11 16:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-12-19 11:36 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-12-19 11:36 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-12-19 11:36 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-12-19 11:36 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-12-19 11:36 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-12-19 11:36 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-12-19 11:36 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-12-19 11:36 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-12-19 11:36 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-12-19 11:36 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-12-19 11:36 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-12-19 11:36 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-12-19 11:36 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-12-19 11:36 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-12-19 11:36 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-12-19 11:36 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-12-19 11:36 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-12-19 11:36 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-12-19 11:36 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-12-19 11:36 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-12-19 11:36 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-12-19 11:36 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-12-19 11:36 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-12-19 11:36 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-12-19 11:36 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2016-12-19 11:36 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls
2016-12-19 11:36 - 2016-10-11 14:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-12-19 11:36 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-12-19 11:36 - 2016-10-07 16:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-12-19 11:36 - 2016-10-07 16:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-12-19 11:36 - 2016-10-07 16:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-12-19 11:36 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-12-19 11:36 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-12-19 11:36 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-12-19 11:36 - 2016-10-05 15:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-12-19 11:36 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-19 11:36 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-12-19 11:36 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-12-19 11:36 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-12-19 11:36 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-19 11:36 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-12-19 11:36 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-12-19 11:36 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-12-19 11:36 - 2016-09-15 15:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-12-19 11:36 - 2016-09-09 19:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-12-19 11:36 - 2016-09-09 19:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-12-19 11:36 - 2016-08-22 17:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-12-19 11:29 - 2016-12-19 11:29 - 03021081 _____ () C:\Program Files\Common Files\kbsen10d.exe
2016-12-19 11:21 - 2016-12-19 11:21 - 03021081 _____ () C:\Program Files\Common Files\jkol1wsz.exe
2016-12-19 11:21 - 2016-12-19 11:21 - 03021081 _____ () C:\Program Files\Common Files\ixyljokq.exe
2016-12-19 11:21 - 2016-12-19 11:21 - 03021081 _____ () C:\Program Files\Common Files\euu02fii.exe
2016-12-19 11:21 - 2016-12-19 11:21 - 03021081 _____ () C:\Program Files\Common Files\2ozgoojj.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\zu3awbg2.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\zshdiv54.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\ywh20yst.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\wuf4xr5f.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\vhgrdcjw.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\v2mqzgiv.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\rgmctvpo.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\rb5gu2a4.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\pt2bgm5a.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\kti2cpft.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\krdcyofl.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\kmvjzs2c.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\kdfdw1nx.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\jnd1lkzy.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\ipymryka.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\gypr5lcy.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\fyxzggo4.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\fm0btic2.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\eh44yp5b.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\eesjskqo.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\crftw0hg.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\cqd4ru0n.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\cqcpdayj.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\33nzp3ds.exe
2016-12-15 23:40 - 2016-12-15 23:40 - 03020666 _____ () C:\Program Files\Common Files\4yckbatn.exe
2016-12-15 22:40 - 2016-12-15 22:40 - 03020746 _____ () C:\Program Files\Common Files\vl1ychoa.exe
2016-12-15 21:40 - 2016-12-15 21:40 - 03020650 _____ () C:\Program Files\Common Files\k5s5jr3c.exe
2016-12-15 20:40 - 2016-12-15 20:40 - 03020706 _____ () C:\Program Files\Common Files\gidl3212.exe
2016-12-15 19:40 - 2016-12-15 19:40 - 03020700 _____ () C:\Program Files\Common Files\eldcccjx.exe
2016-12-15 18:39 - 2016-12-15 18:39 - 03020768 _____ () C:\Program Files\Common Files\4mjjul5p.exe
2016-12-15 18:06 - 2016-12-15 18:06 - 03020738 _____ () C:\Program Files\Common Files\1w31tty5.exe
2016-12-15 17:56 - 2016-12-15 17:56 - 03020682 _____ () C:\Program Files\Common Files\4avdldsz.exe
2016-12-15 17:55 - 2016-12-15 17:55 - 03020682 _____ () C:\Program Files\Common Files\kpbsvgsf.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\zoc0wpej.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\zm3eqna5.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\vnliupbx.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\rxdu4hxh.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\ngwslksm.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\jb44irkl.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\j4yr4toi.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\hmgtsovy.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\fzpkj1kt.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\e3ee5qol.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\do3zwpeu.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\csji25pz.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\bru4lzu0.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\ari0p41n.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\aluxhvc5.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\5z5ytn0z.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\3xjp4ttv.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\31upcpzi.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\2l3ciwb3.exe
2016-12-14 22:11 - 2016-12-14 22:11 - 00001119 _____ C:\Users\Public\Desktop\Hofer foto storitve.lnk
2016-12-14 22:06 - 2016-12-14 22:10 - 00000000 ____D C:\Program Files (x86)\Hofer foto storitve
2016-12-14 21:23 - 2016-12-15 23:54 - 00000000 ____D C:\Users\Jernej\Desktop\koledar 2017
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\xxn1ycch.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\wwsrc0yl.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\tv0asxre.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\syk044vm.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\qaublevw.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\nh0tvqsi.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\lrnrnctq.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\lndi0yuu.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\jrjms1r2.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\itmi3qly.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\hplueezn.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\hc430lux.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\gz25frol.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\a42t5mkl.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\a1jy3ptn.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\5m1b40zw.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\5cmfddtd.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\3fpc2g5z.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\34vjp4is.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\2qpcohij.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\0mihtvzr.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\0gphgoj2.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\0e1innp3.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\001dk12b.exe
2016-12-13 11:12 - 2016-07-22 15:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-12-13 11:12 - 2016-07-22 15:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-12-13 11:05 - 2016-12-13 11:06 - 02950710 _____ () C:\Program Files\Common Files\orijtx1e.exe
2016-12-13 11:05 - 2016-12-13 11:05 - 02950710 _____ () C:\Program Files\Common Files\h1ialekr.exe
2016-12-13 10:05 - 2016-12-13 10:05 - 02929304 _____ () C:\Program Files\Common Files\vuvcjowk.exe
2016-12-13 10:02 - 2016-12-13 10:02 - 02929304 _____ () C:\Program Files\Common Files\2czivodn.exe
2016-12-13 09:35 - 2016-12-13 09:35 - 02954451 _____ () C:\Program Files\Common Files\sapjv1qo.exe
2016-12-13 09:35 - 2016-12-13 09:35 - 02954451 _____ () C:\Program Files\Common Files\p4d4ysvq.exe
2016-12-13 09:35 - 2016-12-13 09:35 - 02954451 _____ () C:\Program Files\Common Files\euhfpce5.exe
2016-12-13 09:35 - 2016-12-13 09:35 - 02954451 _____ () C:\Program Files\Common Files\eetjjixn.exe
2016-12-13 06:19 - 2016-12-13 06:19 - 02955407 _____ () C:\Program Files\Common Files\sxymutwi.exe
2016-12-13 06:19 - 2016-12-13 06:19 - 02955407 _____ () C:\Program Files\Common Files\rx5mudb2.exe
2016-12-13 06:19 - 2016-12-13 06:19 - 02955407 _____ () C:\Program Files\Common Files\fbik4zax.exe
2016-12-13 06:19 - 2016-12-13 06:19 - 02955407 _____ () C:\Program Files\Common Files\0mbeyhao.exe
2016-12-13 06:18 - 2016-12-13 06:18 - 02955407 _____ () C:\Program Files\Common Files\scsrrdb0.exe
2016-12-13 06:18 - 2016-12-13 06:18 - 02955407 _____ () C:\Program Files\Common Files\fcsmii5k.exe
2016-12-13 06:18 - 2016-12-13 06:18 - 02955407 _____ () C:\Program Files\Common Files\cwdxd4aj.exe
2016-12-13 06:18 - 2016-12-13 06:18 - 02955407 _____ () C:\Program Files\Common Files\5xri25eq.exe
2016-12-13 06:18 - 2016-12-13 06:18 - 02955407 _____ () C:\Program Files\Common Files\2hyvckgp.exe
2016-12-13 06:18 - 2016-12-13 06:18 - 02955407 _____ () C:\Program Files\Common Files\1m2oaq2i.exe
2016-12-13 06:17 - 2016-12-13 06:17 - 02955407 _____ () C:\Program Files\Common Files\yg4vbnnx.exe
2016-12-13 06:17 - 2016-12-13 06:17 - 02955407 _____ () C:\Program Files\Common Files\rwn4isn4.exe
2016-12-13 06:17 - 2016-12-13 06:17 - 02955407 _____ () C:\Program Files\Common Files\micw0en0.exe
2016-12-13 06:17 - 2016-12-13 06:17 - 02955407 _____ () C:\Program Files\Common Files\m5gksziz.exe
2016-12-13 06:17 - 2016-12-13 06:17 - 02955407 _____ () C:\Program Files\Common Files\k0dt5xyl.exe
2016-12-13 06:17 - 2016-12-13 06:17 - 02955407 _____ () C:\Program Files\Common Files\ipf30phh.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 02955407 _____ () C:\Program Files\Common Files\ysri4jqx.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 02955407 _____ () C:\Program Files\Common Files\yjfiyns5.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 02955407 _____ () C:\Program Files\Common Files\y4kf4lua.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 02955407 _____ () C:\Program Files\Common Files\y2ugcrze.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 02955407 _____ () C:\Program Files\Common Files\uhawpzv4.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 02955407 _____ () C:\Program Files\Common Files\qiqf403k.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 02955407 _____ () C:\Program Files\Common Files\ncwu3opx.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 02955407 _____ () C:\Program Files\Common Files\commluf1.exe
2016-12-10 08:11 - 2016-12-10 08:11 - 02956128 _____ () C:\Program Files\Common Files\nrylwlas.exe
2016-12-10 08:11 - 2016-12-10 08:11 - 02956128 _____ () C:\Program Files\Common Files\awjsda0d.exe
2016-12-10 03:42 - 2016-12-10 03:42 - 02956128 _____ () C:\Program Files\Common Files\ztc00rpz.exe
2016-12-10 03:42 - 2016-12-10 03:42 - 02956128 _____ () C:\Program Files\Common Files\wwo5ffrl.exe
2016-12-09 21:40 - 2016-12-09 21:40 - 02956128 _____ () C:\Program Files\Common Files\rrpvpit0.exe
2016-12-09 21:31 - 2016-12-09 21:31 - 02956128 _____ () C:\Program Files\Common Files\4lwyqj04.exe
2016-12-09 19:40 - 2016-12-09 19:40 - 02956128 _____ () C:\Program Files\Common Files\43ukpr0k.exe
2016-12-09 18:40 - 2016-12-09 18:40 - 02956128 _____ () C:\Program Files\Common Files\rt0quins.exe
2016-12-09 18:06 - 2016-12-09 18:06 - 02956128 _____ () C:\Program Files\Common Files\lkoi2shf.exe
2016-12-09 17:39 - 2016-12-09 17:40 - 02956128 _____ () C:\Program Files\Common Files\2rl5yecs.exe
2016-12-09 17:29 - 2016-12-09 17:29 - 02956128 _____ () C:\Program Files\Common Files\jimdwk24.exe
2016-12-09 17:19 - 2016-12-09 17:19 - 02956128 _____ () C:\Program Files\Common Files\vmnrgjab.exe
2016-12-09 17:19 - 2016-12-09 17:19 - 02956128 _____ () C:\Program Files\Common Files\ki1yk2pa.exe
2016-12-09 17:19 - 2016-12-09 17:19 - 02956128 _____ () C:\Program Files\Common Files\ic21ba5x.exe
2016-12-09 17:19 - 2016-12-09 17:19 - 02956128 _____ () C:\Program Files\Common Files\gwmmy2io.exe
2016-12-09 17:19 - 2016-12-09 17:19 - 02956128 _____ () C:\Program Files\Common Files\c0m2zcp1.exe
2016-12-09 17:19 - 2016-12-09 17:19 - 02956128 _____ () C:\Program Files\Common Files\ajuo2qtx.exe
2016-12-09 14:05 - 2016-12-09 14:05 - 02956128 _____ () C:\Program Files\Common Files\fxqf2g0c.exe
2016-12-09 13:39 - 2016-12-09 13:39 - 02956128 _____ () C:\Program Files\Common Files\g4aph4bk.exe
2016-12-09 11:05 - 2016-12-09 11:05 - 02956128 _____ () C:\Program Files\Common Files\3v0vac0x.exe
2016-12-09 11:02 - 2016-12-09 11:02 - 02956128 _____ () C:\Program Files\Common Files\ad55zlca.exe
2016-12-09 10:13 - 2016-12-09 10:15 - 02956128 _____ () C:\Program Files\Common Files\u3hoj5iq.exe
2016-12-09 10:13 - 2016-12-09 10:15 - 02956128 _____ () C:\Program Files\Common Files\ojt3faqt.exe
2016-12-09 09:05 - 2016-12-09 09:05 - 02956128 _____ () C:\Program Files\Common Files\w4opv5kx.exe
2016-12-09 09:02 - 2016-12-09 09:02 - 02956128 _____ () C:\Program Files\Common Files\y5cmu0ku.exe
2016-12-09 09:02 - 2016-12-09 09:02 - 00000509 _____ C:\Users\Jernej\Desktop\Programi in funkcije - Bližnjica.lnk
2016-12-09 08:25 - 2016-12-09 08:25 - 00000000 ____D C:\Users\Jernej\AppData\Roaming\WMM
2016-12-09 08:23 - 2016-12-09 08:23 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-12-09 08:22 - 2016-12-09 08:22 - 00001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-12-09 08:20 - 2016-12-09 08:21 - 26689458 _____ (videowinsoft.com ) C:\Users\Jernej\Downloads\windows-movie-maker-2016.exe
2016-12-09 08:12 - 2016-12-09 08:12 - 02956128 _____ () C:\Program Files\Common Files\jwi3dj2f.exe
2016-12-09 08:12 - 2016-12-09 08:12 - 02956128 _____ () C:\Program Files\Common Files\cauh0ybn.exe
2016-12-09 07:35 - 2016-12-09 09:02 - 00000000 ____D C:\ProgramData\Freemake
2016-12-09 07:35 - 2016-12-09 07:38 - 00000000 ____D C:\Users\Jernej\Documents\Freemake
2016-12-09 07:34 - 2016-12-09 09:02 - 00000000 ____D C:\Program Files (x86)\Freemake
2016-12-09 07:32 - 2016-12-09 07:33 - 01964384 _____ (Ellora Assets Corporation ) C:\Users\Jernej\Downloads\FreemakeVideoConverterSetup.exe
2016-12-09 06:44 - 2016-12-09 06:44 - 02956128 _____ () C:\Program Files\Common Files\xfna1tcq.exe
2016-12-09 06:44 - 2016-12-09 06:44 - 02956128 _____ () C:\Program Files\Common Files\ln4iod3t.exe
2016-12-08 21:40 - 2016-12-08 21:40 - 02956128 _____ () C:\Program Files\Common Files\lexwnqln.exe
2016-12-08 21:23 - 2016-12-08 21:24 - 02956128 _____ () C:\Program Files\Common Files\yswveqqx.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 02956128 _____ () C:\Program Files\Common Files\vjmtxj5l.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 02956128 _____ () C:\Program Files\Common Files\uqgjwcsu.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 02956128 _____ () C:\Program Files\Common Files\rqzosy05.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 02956128 _____ () C:\Program Files\Common Files\dod51cix.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 02956128 _____ () C:\Program Files\Common Files\cxmjuknk.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 02956128 _____ () C:\Program Files\Common Files\ciisrtq2.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 02956128 _____ () C:\Program Files\Common Files\bbrkntag.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 02956128 _____ () C:\Program Files\Common Files\akvdljbw.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 02956128 _____ () C:\Program Files\Common Files\5tsj0dr2.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 02956128 _____ () C:\Program Files\Common Files\5sef1rgv.exe
2016-12-08 14:06 - 2016-12-08 14:06 - 02956128 _____ () C:\Program Files\Common Files\p2pdv21t.exe
2016-12-08 13:39 - 2016-12-08 13:40 - 02956128 _____ () C:\Program Files\Common Files\ztktlnti.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 02956128 _____ () C:\Program Files\Common Files\tppr2cu0.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 02956128 _____ () C:\Program Files\Common Files\q0yloisv.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 02956128 _____ () C:\Program Files\Common Files\maklm4nz.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 02956128 _____ () C:\Program Files\Common Files\hdwsbcmp.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 02956128 _____ () C:\Program Files\Common Files\ez03fq4r.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 02956128 _____ () C:\Program Files\Common Files\ayhomga2.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 02956128 _____ () C:\Program Files\Common Files\4b2cbmd0.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 02956128 _____ () C:\Program Files\Common Files\1k4puy4n.exe
2016-12-08 06:09 - 2016-12-08 06:09 - 02953344 _____ () C:\Program Files\Common Files\4ufisxbj.exe
2016-12-08 06:09 - 2016-12-08 06:09 - 02953344 _____ () C:\Program Files\Common Files\4ttvy0so.exe
2016-12-08 06:09 - 2016-12-08 06:09 - 02953344 _____ () C:\Program Files\Common Files\4mla1ysm.exe
2016-12-08 06:09 - 2016-12-08 06:09 - 02953344 _____ () C:\Program Files\Common Files\2jmiqmog.exe
2016-12-08 06:09 - 2016-12-08 06:09 - 02953344 _____ () C:\Program Files\Common Files\1hbi4kw1.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 02944643 _____ () C:\Program Files\Common Files\qzvrnfdp.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 02944643 _____ () C:\Program Files\Common Files\ndrwxafu.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 02944643 _____ () C:\Program Files\Common Files\kgbpmhrn.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 02944643 _____ () C:\Program Files\Common Files\dreu5ktk.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 02944643 _____ () C:\Program Files\Common Files\bqu05vlt.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 02944643 _____ () C:\Program Files\Common Files\4yksy5l5.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 02944643 _____ () C:\Program Files\Common Files\3dgcypuv.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 02944643 _____ () C:\Program Files\Common Files\2xyrg0md.exe
2016-12-07 14:39 - 2016-12-07 14:39 - 02930840 _____ () C:\Program Files\Common Files\wr5do3mv.exe
2016-12-07 14:06 - 2016-12-07 14:06 - 02934666 _____ () C:\Program Files\Common Files\o5nfrwcw.exe
2016-12-07 13:40 - 2016-12-07 13:40 - 02934666 _____ () C:\Program Files\Common Files\llm23iq2.exe
2016-12-07 11:05 - 2016-12-07 11:05 - 02950883 _____ () C:\Program Files\Common Files\r2fgl15t.exe
2016-12-07 11:02 - 2016-12-07 11:02 - 02950883 _____ () C:\Program Files\Common Files\uoxtp5mf.exe
2016-12-07 10:05 - 2016-12-07 10:05 - 02949867 _____ () C:\Program Files\Common Files\fvsh1zrz.exe
2016-12-07 10:02 - 2016-12-07 10:02 - 02949867 _____ () C:\Program Files\Common Files\kbeepq3w.exe
2016-12-07 09:05 - 2016-12-07 09:05 - 02953676 _____ () C:\Program Files\Common Files\d5y5kpxe.exe
2016-12-07 09:02 - 2016-12-07 09:02 - 02953676 _____ () C:\Program Files\Common Files\gh0hlx4u.exe
2016-12-07 08:24 - 2016-12-07 08:24 - 02931262 _____ () C:\Program Files\Common Files\nacfzv3q.exe
2016-12-07 08:24 - 2016-12-07 08:24 - 02931262 _____ () C:\Program Files\Common Files\k0xbs1r4.exe
2016-12-07 07:28 - 2016-12-07 07:28 - 02935068 _____ () C:\Program Files\Common Files\31nhsocp.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\z5ha44fq.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\x2wnjm1b.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\vv0aw5hz.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\vmxlcbkm.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\uxtms3nn.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\uhegpjfs.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\te3htbdw.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\sk4htdoy.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\rugbnzbx.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\r1kz0usq.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\pzv2xkda.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\pnt2j2ag.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\odt1vqlk.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\n1gyzmoy.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\mdgddrr4.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\kne3wgqv.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\jjilqnhr.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\g4r5opax.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\ch4w3fbm.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\areab3p4.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\3u2bsn5p.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\34pnig1q.exe
2016-12-06 08:54 - 2016-12-06 08:54 - 00606154 _____ C:\Users\Jernej\Downloads\2166_0001.pdf
2016-12-06 08:49 - 2016-12-06 08:49 - 02928952 _____ () C:\Program Files\Common Files\jzhud1yt.exe
2016-12-06 08:49 - 2016-12-06 08:49 - 02928952 _____ () C:\Program Files\Common Files\dphlerpw.exe
2016-12-06 06:11 - 2016-12-06 06:11 - 02381224 _____ (iNeta d.o.o. ) C:\Users\Jernej\Downloads\SetupEplFotoPlus(1).exe
2016-12-05 20:40 - 2016-12-05 20:40 - 02945560 _____ () C:\Program Files\Common Files\e11al15p.exe
2016-12-05 19:40 - 2016-12-05 19:40 - 02949356 _____ () C:\Program Files\Common Files\4duzljbv.exe
2016-11-29 22:34 - 2016-11-29 22:34 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110_clr0400.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00030400 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_clr0400.dll
2016-11-28 19:39 - 2016-12-22 13:01 - 00000000 ____D C:\Users\Jernej\AppData\LocalLow\Mozilla
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-12-22 13:30 - 2016-08-05 06:12 - 00000000 ____D C:\FRST
2016-12-22 13:20 - 2016-07-28 14:03 - 00000000 ____D C:\Program Files\Common Files\ysxx5yhb
2016-12-22 13:20 - 2016-07-26 21:38 - 00000000 ____D C:\Program Files\Common Files\2gn2rbic
2016-12-22 13:20 - 2016-07-26 17:37 - 00000000 ____D C:\Program Files\Common Files\yp2muamg
2016-12-22 13:20 - 2016-07-26 16:37 - 00000000 ____D C:\Program Files\Common Files\44lsfwfm
2016-12-22 13:20 - 2016-07-26 13:37 - 00000000 ____D C:\Program Files\Common Files\t4guc34w
2016-12-22 13:20 - 2016-07-26 12:37 - 00000000 ____D C:\Program Files\Common Files\psmluq23
2016-12-22 13:19 - 2016-07-28 17:04 - 00000000 ____D C:\Program Files\Common Files\ujvxasm0
2016-12-22 13:19 - 2016-07-28 16:04 - 00000000 ____D C:\Program Files\Common Files\35rlgvd1
2016-12-22 13:19 - 2016-07-28 15:04 - 00000000 ____D C:\Program Files\Common Files\lhw2javn
2016-12-22 13:19 - 2016-07-28 13:03 - 00000000 ____D C:\Program Files\Common Files\rnjokjf4
2016-12-22 13:19 - 2016-07-28 10:03 - 00000000 ____D C:\Program Files\Common Files\g15zxh2x
2016-12-22 13:19 - 2016-07-28 09:03 - 00000000 ____D C:\Program Files\Common Files\pr0krzx1
2016-12-22 13:19 - 2016-07-28 08:03 - 00000000 ____D C:\Program Files\Common Files\pg0jaxsw
2016-12-22 13:19 - 2016-07-28 07:04 - 00000000 ____D C:\Program Files\Common Files\tkt2g0da
2016-12-22 13:19 - 2016-07-27 10:00 - 00000000 ____D C:\Program Files\Common Files\vg3spayq
2016-12-22 13:19 - 2016-07-27 08:59 - 00000000 ____D C:\Program Files\Common Files\vl40wgm2
2016-12-22 13:19 - 2016-07-27 07:59 - 00000000 ____D C:\Program Files\Common Files\cf5tnvux
2016-12-22 13:19 - 2016-07-27 07:00 - 00000000 ____D C:\Program Files\Common Files\kdshgy2y
2016-12-22 13:19 - 2016-07-26 22:38 - 00000000 ____D C:\Program Files\Common Files\2krelaqr
2016-12-22 13:19 - 2016-07-26 20:38 - 00000000 ____D C:\Program Files\Common Files\b3s24rro
2016-12-22 13:19 - 2016-07-26 19:38 - 00000000 ____D C:\Program Files\Common Files\hoa0ouqc
2016-12-22 13:19 - 2016-07-26 15:37 - 00000000 ____D C:\Program Files\Common Files\uirjnnf2
2016-12-22 13:19 - 2016-07-26 14:37 - 00000000 ____D C:\Program Files\Common Files\hqzjqhyj
2016-12-22 13:16 - 2016-07-26 18:37 - 00000000 ____D C:\Program Files\Common Files\kegzscx5
2016-12-22 13:16 - 2009-07-14 05:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-22 13:16 - 2009-07-14 05:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-22 13:03 - 2016-07-26 11:37 - 00000000 ____D C:\Program Files\BitTorrent
2016-12-22 13:03 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-22 12:40 - 2015-11-17 14:39 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-22 12:07 - 2014-10-23 21:47 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-12-22 12:07 - 2014-10-23 21:47 - 00000080 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-12-22 12:07 - 2014-10-16 13:46 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-22 12:07 - 2014-10-16 13:46 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-22 12:05 - 2016-08-05 04:27 - 00000000 ____D C:\Users\Jernej\Desktop\CLEANING VIRUSES 8.2016
2016-12-21 19:26 - 2016-08-05 07:18 - 01932560 _____ C:\Windows\ntbtlog.txt
2016-12-20 21:04 - 2016-11-18 20:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-20 21:04 - 2014-11-15 08:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-20 20:25 - 2015-01-03 08:04 - 00731850 _____ C:\Windows\system32\perfh010.dat
2016-12-20 20:25 - 2015-01-03 08:04 - 00146714 _____ C:\Windows\system32\perfc010.dat
2016-12-20 20:25 - 2015-01-03 07:36 - 00689012 _____ C:\Windows\system32\perfh007.dat
2016-12-20 20:25 - 2015-01-03 07:36 - 00148984 _____ C:\Windows\system32\perfc007.dat
2016-12-20 20:25 - 2015-01-03 07:36 - 00121186 _____ C:\Windows\system32\perfh024.dat
2016-12-20 20:25 - 2015-01-03 07:36 - 00026774 _____ C:\Windows\system32\perfc024.dat
2016-12-20 20:25 - 2009-07-14 06:13 - 02629780 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-20 20:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-19 19:48 - 2014-10-15 13:15 - 00001042 _____ C:\Users\Jernej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-12-19 14:37 - 2009-07-14 05:45 - 00411760 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-19 14:20 - 2014-10-16 07:41 - 00000000 ____D C:\Windows\system32\MRT
2016-12-19 14:17 - 2014-10-16 07:41 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-19 14:14 - 2014-10-16 08:56 - 02566306 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-12-19 09:41 - 2014-10-16 13:46 - 00003488 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-19 09:41 - 2014-10-16 13:46 - 00003360 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-15 20:31 - 2015-07-19 08:17 - 00019968 _____ C:\Users\Jernej\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-12-14 20:10 - 2015-11-17 14:39 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-12-14 20:10 - 2014-11-12 06:58 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-12-14 20:10 - 2014-11-12 06:58 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-14 20:09 - 2014-11-12 06:58 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-12-14 20:09 - 2014-11-12 06:58 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-13 10:54 - 2014-10-16 13:58 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-12-13 10:54 - 2014-10-16 13:58 - 00001945 _____ C:\Windows\epplauncher.mif
2016-12-13 10:54 - 2014-10-16 13:58 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-12-13 10:54 - 2014-10-16 13:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-12-09 21:41 - 2014-10-23 20:20 - 00000000 ____D C:\Users\Jernej\AppData\Roaming\vlc
2016-12-09 11:45 - 2015-12-22 19:20 - 00000000 ____D C:\Users\Jernej\AppData\Roaming\dvdcss
2016-12-09 06:56 - 2014-10-22 18:52 - 00000000 ____D C:\!!!MAJA
2016-12-06 06:11 - 2015-12-14 10:01 - 00002134 _____ C:\Users\Jernej\AppData\Roaming\Microsoft\Windows\Start Menu\ePhotoLab - Foto Plus.lnk
2016-12-06 06:11 - 2015-12-14 10:01 - 00002110 _____ C:\Users\Jernej\Desktop\ePhotoLab - Foto Plus.lnk
2016-12-06 06:11 - 2015-12-14 10:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ePhotoLab
2016-12-05 20:10 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
 
==================== Files in the root of some directories =======
 
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\001dk12b.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\0e1innp3.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\0gphgoj2.exe
2016-12-13 06:19 - 2016-12-13 06:19 - 2955407 _____ () C:\Program Files\Common Files\0mbeyhao.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\0mihtvzr.exe
2016-12-08 06:09 - 2016-12-08 06:09 - 2953344 _____ () C:\Program Files\Common Files\1hbi4kw1.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 2956128 _____ () C:\Program Files\Common Files\1k4puy4n.exe
2016-12-13 06:18 - 2016-12-13 06:18 - 2955407 _____ () C:\Program Files\Common Files\1m2oaq2i.exe
2016-12-15 18:06 - 2016-12-15 18:06 - 3020738 _____ () C:\Program Files\Common Files\1w31tty5.exe
2016-12-13 10:02 - 2016-12-13 10:02 - 2929304 _____ () C:\Program Files\Common Files\2czivodn.exe
2016-12-13 06:18 - 2016-12-13 06:18 - 2955407 _____ () C:\Program Files\Common Files\2hyvckgp.exe
2016-12-08 06:09 - 2016-12-08 06:09 - 2953344 _____ () C:\Program Files\Common Files\2jmiqmog.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\2l3ciwb3.exe
2016-12-19 11:21 - 2016-12-19 11:21 - 3021081 _____ () C:\Program Files\Common Files\2ozgoojj.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\2qpcohij.exe
2016-12-09 17:39 - 2016-12-09 17:40 - 2956128 _____ () C:\Program Files\Common Files\2rl5yecs.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 2944643 _____ () C:\Program Files\Common Files\2xyrg0md.exe
2016-12-07 07:28 - 2016-12-07 07:28 - 2935068 _____ () C:\Program Files\Common Files\31nhsocp.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\31upcpzi.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\33nzp3ds.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\34pnig1q.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\34vjp4is.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 3021720 _____ () C:\Program Files\Common Files\3crnd5s4.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 2944643 _____ () C:\Program Files\Common Files\3dgcypuv.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\3fpc2g5z.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 3021667 _____ () C:\Program Files\Common Files\3fzkvfce.exe
2016-12-21 19:41 - 2016-12-21 19:41 - 3021720 _____ () C:\Program Files\Common Files\3hmbjydh.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 3021667 _____ () C:\Program Files\Common Files\3q4nu04v.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\3u2bsn5p.exe
2016-12-09 11:05 - 2016-12-09 11:05 - 2956128 _____ () C:\Program Files\Common Files\3v0vac0x.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\3xjp4ttv.exe
2016-12-09 19:40 - 2016-12-09 19:40 - 2956128 _____ () C:\Program Files\Common Files\43ukpr0k.exe
2016-12-15 17:56 - 2016-12-15 17:56 - 3020682 _____ () C:\Program Files\Common Files\4avdldsz.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 2956128 _____ () C:\Program Files\Common Files\4b2cbmd0.exe
2016-12-05 19:40 - 2016-12-05 19:40 - 2949356 _____ () C:\Program Files\Common Files\4duzljbv.exe
2016-12-09 21:31 - 2016-12-09 21:31 - 2956128 _____ () C:\Program Files\Common Files\4lwyqj04.exe
2016-12-15 18:39 - 2016-12-15 18:39 - 3020768 _____ () C:\Program Files\Common Files\4mjjul5p.exe
2016-12-08 06:09 - 2016-12-08 06:09 - 2953344 _____ () C:\Program Files\Common Files\4mla1ysm.exe
2016-12-21 19:41 - 2016-12-21 19:41 - 3021720 _____ () C:\Program Files\Common Files\4pje2usj.exe
2016-12-08 06:09 - 2016-12-08 06:09 - 2953344 _____ () C:\Program Files\Common Files\4ttvy0so.exe
2016-12-08 06:09 - 2016-12-08 06:09 - 2953344 _____ () C:\Program Files\Common Files\4ufisxbj.exe
2016-12-15 23:40 - 2016-12-15 23:40 - 3020666 _____ () C:\Program Files\Common Files\4yckbatn.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 2944643 _____ () C:\Program Files\Common Files\4yksy5l5.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\5cmfddtd.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\5m1b40zw.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 2956128 _____ () C:\Program Files\Common Files\5sef1rgv.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 2956128 _____ () C:\Program Files\Common Files\5tsj0dr2.exe
2016-12-13 06:18 - 2016-12-13 06:18 - 2955407 _____ () C:\Program Files\Common Files\5xri25eq.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\5z5ytn0z.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\a1jy3ptn.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\a42t5mkl.exe
2016-12-09 11:02 - 2016-12-09 11:02 - 2956128 _____ () C:\Program Files\Common Files\ad55zlca.exe
2016-12-09 17:19 - 2016-12-09 17:19 - 2956128 _____ () C:\Program Files\Common Files\ajuo2qtx.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 2956128 _____ () C:\Program Files\Common Files\akvdljbw.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\aluxhvc5.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\areab3p4.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\ari0p41n.exe
2016-12-10 08:11 - 2016-12-10 08:11 - 2956128 _____ () C:\Program Files\Common Files\awjsda0d.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 2956128 _____ () C:\Program Files\Common Files\ayhomga2.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 2956128 _____ () C:\Program Files\Common Files\bbrkntag.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 3021720 _____ () C:\Program Files\Common Files\bev1tt0w.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 3021667 _____ () C:\Program Files\Common Files\bj4smrpj.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 2944643 _____ () C:\Program Files\Common Files\bqu05vlt.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\bru4lzu0.exe
2016-12-09 17:19 - 2016-12-09 17:19 - 2956128 _____ () C:\Program Files\Common Files\c0m2zcp1.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 3021720 _____ () C:\Program Files\Common Files\c4jrup5i.exe
2016-12-09 08:12 - 2016-12-09 08:12 - 2956128 _____ () C:\Program Files\Common Files\cauh0ybn.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\ch4w3fbm.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 2956128 _____ () C:\Program Files\Common Files\ciisrtq2.exe
2016-12-21 19:41 - 2016-12-21 19:41 - 3021720 _____ () C:\Program Files\Common Files\cj2zwhls.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 2955407 _____ () C:\Program Files\Common Files\commluf1.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\cqcpdayj.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\cqd4ru0n.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\crftw0hg.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\csji25pz.exe
2016-12-13 06:18 - 2016-12-13 06:18 - 2955407 _____ () C:\Program Files\Common Files\cwdxd4aj.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 2956128 _____ () C:\Program Files\Common Files\cxmjuknk.exe
2016-12-07 09:05 - 2016-12-07 09:05 - 2953676 _____ () C:\Program Files\Common Files\d5y5kpxe.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\do3zwpeu.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 2956128 _____ () C:\Program Files\Common Files\dod51cix.exe
2016-12-06 08:49 - 2016-12-06 08:49 - 2928952 _____ () C:\Program Files\Common Files\dphlerpw.exe
2016-12-19 14:08 - 2016-12-19 14:08 - 3021071 _____ () C:\Program Files\Common Files\dqf0nuhv.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 2944643 _____ () C:\Program Files\Common Files\dreu5ktk.exe
2016-12-05 20:40 - 2016-12-05 20:40 - 2945560 _____ () C:\Program Files\Common Files\e11al15p.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 3021720 _____ () C:\Program Files\Common Files\e15zwtfd.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\e3ee5qol.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\eesjskqo.exe
2016-12-13 09:35 - 2016-12-13 09:35 - 2954451 _____ () C:\Program Files\Common Files\eetjjixn.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\eh44yp5b.exe
2016-12-15 19:40 - 2016-12-15 19:40 - 3020700 _____ () C:\Program Files\Common Files\eldcccjx.exe
2016-12-13 09:35 - 2016-12-13 09:35 - 2954451 _____ () C:\Program Files\Common Files\euhfpce5.exe
2016-12-19 11:21 - 2016-12-19 11:21 - 3021081 _____ () C:\Program Files\Common Files\euu02fii.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 2956128 _____ () C:\Program Files\Common Files\ez03fq4r.exe
2016-12-13 06:19 - 2016-12-13 06:19 - 2955407 _____ () C:\Program Files\Common Files\fbik4zax.exe
2016-12-13 06:18 - 2016-12-13 06:18 - 2955407 _____ () C:\Program Files\Common Files\fcsmii5k.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\fm0btic2.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 3021667 _____ () C:\Program Files\Common Files\fuizqtnt.exe
2016-12-07 10:05 - 2016-12-07 10:05 - 2949867 _____ () C:\Program Files\Common Files\fvsh1zrz.exe
2016-12-09 14:05 - 2016-12-09 14:05 - 2956128 _____ () C:\Program Files\Common Files\fxqf2g0c.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\fyxzggo4.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\fzpkj1kt.exe
2016-12-09 13:39 - 2016-12-09 13:39 - 2956128 _____ () C:\Program Files\Common Files\g4aph4bk.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\g4r5opax.exe
2016-12-07 09:02 - 2016-12-07 09:02 - 2953676 _____ () C:\Program Files\Common Files\gh0hlx4u.exe
2016-12-15 20:40 - 2016-12-15 20:40 - 3020706 _____ () C:\Program Files\Common Files\gidl3212.exe
2016-12-09 17:19 - 2016-12-09 17:19 - 2956128 _____ () C:\Program Files\Common Files\gwmmy2io.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\gypr5lcy.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\gz25frol.exe
2016-12-13 11:05 - 2016-12-13 11:05 - 2950710 _____ () C:\Program Files\Common Files\h1ialekr.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\hc430lux.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 2956128 _____ () C:\Program Files\Common Files\hdwsbcmp.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\hmgtsovy.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\hplueezn.exe
2016-12-09 17:19 - 2016-12-09 17:19 - 2956128 _____ () C:\Program Files\Common Files\ic21ba5x.exe
2016-12-13 06:17 - 2016-12-13 06:17 - 2955407 _____ () C:\Program Files\Common Files\ipf30phh.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\ipymryka.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\itmi3qly.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 3021667 _____ () C:\Program Files\Common Files\ivnncg3v.exe
2016-12-19 11:21 - 2016-12-19 11:21 - 3021081 _____ () C:\Program Files\Common Files\ixyljokq.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\j4yr4toi.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\jb44irkl.exe
2016-12-09 17:29 - 2016-12-09 17:29 - 2956128 _____ () C:\Program Files\Common Files\jimdwk24.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\jjilqnhr.exe
2016-12-19 11:21 - 2016-12-19 11:21 - 3021081 _____ () C:\Program Files\Common Files\jkol1wsz.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\jnd1lkzy.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\jrjms1r2.exe
2016-12-09 08:12 - 2016-12-09 08:12 - 2956128 _____ () C:\Program Files\Common Files\jwi3dj2f.exe
2016-12-21 19:39 - 2016-12-21 19:39 - 3021720 _____ () C:\Program Files\Common Files\jwnivu1w.exe
2016-12-06 08:49 - 2016-12-06 08:49 - 2928952 _____ () C:\Program Files\Common Files\jzhud1yt.exe
2016-12-13 06:17 - 2016-12-13 06:17 - 2955407 _____ () C:\Program Files\Common Files\k0dt5xyl.exe
2016-12-07 08:24 - 2016-12-07 08:24 - 2931262 _____ () C:\Program Files\Common Files\k0xbs1r4.exe
2016-12-15 21:40 - 2016-12-15 21:40 - 3020650 _____ () C:\Program Files\Common Files\k5s5jr3c.exe
2016-12-07 10:02 - 2016-12-07 10:02 - 2949867 _____ () C:\Program Files\Common Files\kbeepq3w.exe
2016-12-19 11:29 - 2016-12-19 11:29 - 3021081 _____ () C:\Program Files\Common Files\kbsen10d.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\kdfdw1nx.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 3021667 _____ () C:\Program Files\Common Files\keeflik3.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 2944643 _____ () C:\Program Files\Common Files\kgbpmhrn.exe
2016-12-09 17:19 - 2016-12-09 17:19 - 2956128 _____ () C:\Program Files\Common Files\ki1yk2pa.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\kmvjzs2c.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\kne3wgqv.exe
2016-12-15 17:55 - 2016-12-15 17:55 - 3020682 _____ () C:\Program Files\Common Files\kpbsvgsf.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\krdcyofl.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\kti2cpft.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 3021667 _____ () C:\Program Files\Common Files\kukhs5yc.exe
2016-12-08 21:40 - 2016-12-08 21:40 - 2956128 _____ () C:\Program Files\Common Files\lexwnqln.exe
2016-12-09 18:06 - 2016-12-09 18:06 - 2956128 _____ () C:\Program Files\Common Files\lkoi2shf.exe
2016-12-07 13:40 - 2016-12-07 13:40 - 2934666 _____ () C:\Program Files\Common Files\llm23iq2.exe
2016-12-09 06:44 - 2016-12-09 06:44 - 2956128 _____ () C:\Program Files\Common Files\ln4iod3t.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\lndi0yuu.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\lrnrnctq.exe
2016-12-13 06:17 - 2016-12-13 06:17 - 2955407 _____ () C:\Program Files\Common Files\m5gksziz.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 2956128 _____ () C:\Program Files\Common Files\maklm4nz.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\mdgddrr4.exe
2016-12-13 06:17 - 2016-12-13 06:17 - 2955407 _____ () C:\Program Files\Common Files\micw0en0.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 3021667 _____ () C:\Program Files\Common Files\mkool4nz.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\n1gyzmoy.exe
2016-12-07 08:24 - 2016-12-07 08:24 - 2931262 _____ () C:\Program Files\Common Files\nacfzv3q.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 2955407 _____ () C:\Program Files\Common Files\ncwu3opx.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 2944643 _____ () C:\Program Files\Common Files\ndrwxafu.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\ngwslksm.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\nh0tvqsi.exe
2016-12-10 08:11 - 2016-12-10 08:11 - 2956128 _____ () C:\Program Files\Common Files\nrylwlas.exe
2016-12-22 11:05 - 2016-12-22 11:05 - 3021667 _____ () C:\Program Files\Common Files\nxqix2v4.exe
2016-12-07 14:06 - 2016-12-07 14:06 - 2934666 _____ () C:\Program Files\Common Files\o5nfrwcw.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\odt1vqlk.exe
2016-12-21 19:42 - 2016-12-21 19:42 - 3021720 _____ () C:\Program Files\Common Files\oe5rxgmy.exe
2016-12-09 10:13 - 2016-12-09 10:15 - 2956128 _____ () C:\Program Files\Common Files\ojt3faqt.exe
2016-12-21 19:39 - 2016-12-21 19:39 - 3021720 _____ () C:\Program Files\Common Files\olf1kjhh.exe
2016-12-19 13:39 - 2016-12-19 13:39 - 3021071 _____ () C:\Program Files\Common Files\oqhrpyau.exe
2016-12-13 11:05 - 2016-12-13 11:06 - 2950710 _____ () C:\Program Files\Common Files\orijtx1e.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 3021720 _____ () C:\Program Files\Common Files\otfg1co3.exe
2016-12-21 19:41 - 2016-12-21 19:41 - 3021720 _____ () C:\Program Files\Common Files\p1qnbqql.exe
2016-12-08 14:06 - 2016-12-08 14:06 - 2956128 _____ () C:\Program Files\Common Files\p2pdv21t.exe
2016-12-13 09:35 - 2016-12-13 09:35 - 2954451 _____ () C:\Program Files\Common Files\p4d4ysvq.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\pnt2j2ag.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\pt2bgm5a.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\pzv2xkda.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 2956128 _____ () C:\Program Files\Common Files\q0yloisv.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\qaublevw.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 2955407 _____ () C:\Program Files\Common Files\qiqf403k.exe
2016-12-21 19:41 - 2016-12-21 19:41 - 3021720 _____ () C:\Program Files\Common Files\qs1mlvay.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 2944643 _____ () C:\Program Files\Common Files\qzvrnfdp.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\r1kz0usq.exe
2016-12-07 11:05 - 2016-12-07 11:05 - 2950883 _____ () C:\Program Files\Common Files\r2fgl15t.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\rb5gu2a4.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\rgmctvpo.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 2956128 _____ () C:\Program Files\Common Files\rqzosy05.exe
2016-12-09 21:40 - 2016-12-09 21:40 - 2956128 _____ () C:\Program Files\Common Files\rrpvpit0.exe
2016-12-21 19:41 - 2016-12-21 19:41 - 3021720 _____ () C:\Program Files\Common Files\rsgzqio1.exe
2016-12-09 18:40 - 2016-12-09 18:40 - 2956128 _____ () C:\Program Files\Common Files\rt0quins.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\rugbnzbx.exe
2016-12-13 06:17 - 2016-12-13 06:17 - 2955407 _____ () C:\Program Files\Common Files\rwn4isn4.exe
2016-12-13 06:19 - 2016-12-13 06:19 - 2955407 _____ () C:\Program Files\Common Files\rx5mudb2.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\rxdu4hxh.exe
2016-12-13 09:35 - 2016-12-13 09:35 - 2954451 _____ () C:\Program Files\Common Files\sapjv1qo.exe
2016-12-13 06:18 - 2016-12-13 06:18 - 2955407 _____ () C:\Program Files\Common Files\scsrrdb0.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 3021720 _____ () C:\Program Files\Common Files\sdd5fdmt.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 3021667 _____ () C:\Program Files\Common Files\sfgifsmn.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\sk4htdoy.exe
2016-12-13 06:19 - 2016-12-13 06:19 - 2955407 _____ () C:\Program Files\Common Files\sxymutwi.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\syk044vm.exe
2016-12-21 19:39 - 2016-12-21 19:39 - 3021720 _____ () C:\Program Files\Common Files\tcxzcyiq.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\te3htbdw.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 2956128 _____ () C:\Program Files\Common Files\tppr2cu0.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\tv0asxre.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 3021667 _____ () C:\Program Files\Common Files\tvp0ztb2.exe
2016-12-21 19:38 - 2016-12-21 19:38 - 3021720 _____ () C:\Program Files\Common Files\tvxpfunq.exe
2016-12-09 10:13 - 2016-12-09 10:15 - 2956128 _____ () C:\Program Files\Common Files\u3hoj5iq.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 3021720 _____ () C:\Program Files\Common Files\u5e3xqwm.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 2955407 _____ () C:\Program Files\Common Files\uhawpzv4.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\uhegpjfs.exe
2016-12-21 19:41 - 2016-12-21 19:42 - 3021720 _____ () C:\Program Files\Common Files\uowpj54y.exe
2016-12-07 11:02 - 2016-12-07 11:02 - 2950883 _____ () C:\Program Files\Common Files\uoxtp5mf.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 2956128 _____ () C:\Program Files\Common Files\uqgjwcsu.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\uxtms3nn.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\v2mqzgiv.exe
2016-12-22 11:02 - 2016-12-22 11:02 - 3021667 _____ () C:\Program Files\Common Files\vczke5tf.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\vhgrdcjw.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 2956128 _____ () C:\Program Files\Common Files\vjmtxj5l.exe
2016-12-15 22:40 - 2016-12-15 22:40 - 3020746 _____ () C:\Program Files\Common Files\vl1ychoa.exe
2016-12-09 17:19 - 2016-12-09 17:19 - 2956128 _____ () C:\Program Files\Common Files\vmnrgjab.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\vmxlcbkm.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\vnliupbx.exe
2016-12-13 10:05 - 2016-12-13 10:05 - 2929304 _____ () C:\Program Files\Common Files\vuvcjowk.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\vv0aw5hz.exe
2016-12-21 19:41 - 2016-12-21 19:41 - 3021720 _____ () C:\Program Files\Common Files\vwsegdek.exe
2016-12-09 09:05 - 2016-12-09 09:05 - 2956128 _____ () C:\Program Files\Common Files\w4opv5kx.exe
2016-12-07 14:39 - 2016-12-07 14:39 - 2930840 _____ () C:\Program Files\Common Files\wr5do3mv.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\wuf4xr5f.exe
2016-12-21 19:42 - 2016-12-21 19:42 - 3021720 _____ () C:\Program Files\Common Files\wugd3s1k.exe
2016-12-10 03:42 - 2016-12-10 03:42 - 2956128 _____ () C:\Program Files\Common Files\wwo5ffrl.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\wwsrc0yl.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\x2wnjm1b.exe
2016-08-05 08:02 - 2016-08-05 08:02 - 2954779 _____ () C:\Program Files\Common Files\xalna2x2.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 3021720 _____ () C:\Program Files\Common Files\xdcfvull.exe
2016-12-09 06:44 - 2016-12-09 06:44 - 2956128 _____ () C:\Program Files\Common Files\xfna1tcq.exe
2016-12-21 19:39 - 2016-12-21 19:39 - 3021720 _____ () C:\Program Files\Common Files\xwfp3nce.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\xxn1ycch.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 2955407 _____ () C:\Program Files\Common Files\y2ugcrze.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 2955407 _____ () C:\Program Files\Common Files\y4kf4lua.exe
2016-12-09 09:02 - 2016-12-09 09:02 - 2956128 _____ () C:\Program Files\Common Files\y5cmu0ku.exe
2016-12-13 06:17 - 2016-12-13 06:17 - 2955407 _____ () C:\Program Files\Common Files\yg4vbnnx.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 2955407 _____ () C:\Program Files\Common Files\yjfiyns5.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 2955407 _____ () C:\Program Files\Common Files\ysri4jqx.exe
2016-12-08 21:23 - 2016-12-08 21:24 - 2956128 _____ () C:\Program Files\Common Files\yswveqqx.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\ywh20yst.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\z5ha44fq.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\zm3eqna5.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\zoc0wpej.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\zshdiv54.exe
2016-12-10 03:42 - 2016-12-10 03:42 - 2956128 _____ () C:\Program Files\Common Files\ztc00rpz.exe
2016-12-08 13:39 - 2016-12-08 13:40 - 2956128 _____ () C:\Program Files\Common Files\ztktlnti.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\zu3awbg2.exe
2016-07-26 11:33 - 2016-07-26 11:33 - 7105536 _____ () C:\Users\Jernej\AppData\Roaming\agent.dat
2016-07-26 11:32 - 2016-07-26 11:32 - 0129024 _____ () C:\Users\Jernej\AppData\Roaming\Installer.dat
2016-07-26 11:33 - 2016-07-26 11:33 - 0018432 _____ () C:\Users\Jernej\AppData\Roaming\Main.dat
2016-08-05 07:37 - 2016-12-22 13:08 - 0484989 _____ () C:\Users\Jernej\AppData\Local\BTServer.log
2015-07-19 08:17 - 2016-12-15 20:31 - 0019968 _____ () C:\Users\Jernej\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-08-03 09:47 - 2016-08-26 19:25 - 0007657 _____ () C:\Users\Jernej\AppData\Local\Resmon.ResmonCfg
 
Some files in TEMP:
====================
C:\Users\Jernej\AppData\Local\Temp\DllMonoCtrl.dll
C:\Users\Jernej\AppData\Local\Temp\FreemakeVideoConverterFull.exe
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2016-12-05 20:02
 
==================== End of FRST.txt ============================
 
Addition.txt:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016
Ran by Jernej (22-12-2016 13:33:54)
Running from C:\Users\Jernej\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2014-10-15 12:15:24)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-111603173-2415600283-1906868864-500 - Administrator - Disabled)
Guest (S-1-5-21-111603173-2415600283-1906868864-501 - Limited - Disabled)
Jernej (S-1-5-21-111603173-2415600283-1906868864-1000 - Administrator - Enabled) => C:\Users\Jernej
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
ACDSee 4.0 (HKLM-x32\...\{92605735-AAFB-47F7-A67D-17ED129EFF9C}) (Version: 4.00.0000 - ACD Systems Ltd)
ACDSee Pro 4 (HKLM-x32\...\{88D4FE78-6EA6-4DFB-9FC2-8BC316F0C2FD}) (Version: 4.0.237 - ACD Systems International Inc.)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Slovenian (HKLM-x32\...\{AC76BA86-7AD7-1060-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
BitComet 1.37 64-bit (HKLM-x32\...\BitComet_x64) (Version: 1.37 - CometNetwork)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.8.0.17 - Canon Inc.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5067 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0115 - Disc Soft Ltd)
ePhotoLab - Foto Plus (HKLM-x32\...\{262B688D-2A92-4424-BCDF-CF0EFA87075A}_is1) (Version: 2.11.5 - iNeta d.o.o.)
Google Chrome (HKLM-x32\...\{D0759C6C-1F01-345D-8F59-E3B43977D754}) (Version: 55.0.2883.87 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Google Zemlja (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Hofer foto storitve (HKLM-x32\...\Hofer foto storitve) (Version: 4.12.1. - ORWO Net)
HP 3D DriveGuard (HKLM-x32\...\{13133E99-B0D5-4143-B832-AAD55C62A41C}) (Version: 6.0.19.1 - Hewlett-Packard Company)
HP Hotkey Support (HKLM-x32\...\{88D3964A-59BE-412B-B61F-6EF5FBB33707}) (Version: 6.0.12.1 - Hewlett-Packard Company)
HP LaserJet 1020 Series (HKLM\...\HP LaserJet 1020 Series) (Version:  - )
Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.4.40 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Malwarebytes različica 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0424-0000-0000000FF1CE}_OMUI.sl-si_{DE6F6651-39D5-44FA-96FD-647D5B3A3093}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Slovenian/slovenščina (HKLM-x32\...\OMUI.sl-si) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 50.1.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 en-US)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
Nero 2015 (HKLM-x32\...\{763EF8DC-4CC0-47CA-BE1C-BDE731462250}) (Version: 16.0.02900 - Nero AG)
Nero BackItUp (HKLM-x32\...\{0450A697-C87E-42C2-9331-29E19901F72A}) (Version: 15.2.7.14 - Nero AG)
Nero BackItUp 11 Essentials CDPack (HKLM-x32\...\{BD0516DD-705C-441F-A30D-1CC289895309}) (Version: 11.0.00200 - Nero AG)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Posodobitev za Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0424-0000-0000000FF1CE}_OMUI.sl-si_{FD705E62-13B4-4BF5-A4B2-A7599309751B}) (Version:  - Microsoft)
Posodobitev za Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0424-0000-0000000FF1CE}_OMUI.sl-si_{045DC059-1CCC-47B9-BA35-713E269D33B8}) (Version:  - Microsoft)
Posodobitev za Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0424-0000-0000000FF1CE}_OMUI.sl-si_{AD1C31E7-4856-4887-9307-1ABDE0F2DF7C}) (Version:  - Microsoft)
Prerequisite installer (x32 Version: 16.0.0000 - Nero AG) Hidden
Raptr (HKLM-x32\...\Raptr) (Version:  - )
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.7 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.43 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.83.328.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7225 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.13.1216 - REALTEK Semiconductor Corp.)
SETCCE proXSign® 2.0.6.1 (HKLM-x32\...\{5829CC72-35A3-439B-AB90-CE2776075835}}_is1) (Version: 2.0.6.1 - SETCCE)
SETCCE proXSign® XML ActiveX 1.2.24 - XML Digital Signatures, Encryption and Timestamping plugin - User (HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\proXSignXML) (Version: 1.2.24 - SETCCE)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.8.1 - Synaptics Incorporated)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Validity Fingerprint Sensor Driver (HKLM\...\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}) (Version: 4.5.133.0 - Validity Sensors, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0E20888B-9CC5-4B4A-A32E-671871CF7864} - System32\Tasks\7b5dd999-cf86-4b52-85b9-b1d7ec4756d4 15 0 => C:\Program Files (x86)\Nero\Nero BackItUp\NBCore.exe [2014-09-29] (Nero AG)
Task: {1CD0CF01-CC38-4ABA-81E9-856F92CF0480} - System32\Tasks\aew3wwgw => C:\Program Files\Common Files\kegzscx5\d43dcnw0thxcg.exe <==== ATTENTION
Task: {1D9A101B-B904-46B7-B9A2-1E4A034F364B} - System32\Tasks\bzlgyg1h => C:\Program Files\Common Files\pr0krzx1\52038npzmibh2.exe <==== ATTENTION
Task: {261F065E-BA19-4CCA-8776-CFFFB45EE80A} - System32\Tasks\dx0alk5l => C:\Program Files\Common Files\tkt2g0da\1d426sqxyvnqc.exe <==== ATTENTION
Task: {304EA0D6-477C-4FDE-8CFC-3DD08E6833E6} - \iroductuol -> No File <==== ATTENTION
Task: {3975A867-3F5C-4E35-9DCE-FD0DC3B1FD51} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {3CF90AAF-3A3A-48AE-8E3B-4FCA630D20C4} - System32\Tasks\w4oqkuw4 => C:\Program Files\Common Files\lhw2javn\db899u3bh41dx.exe <==== ATTENTION
Task: {3E7E7D77-654A-4472-8AFD-088EDDBE624F} - System32\Tasks\gs0xirtn => C:\Program Files\Common Files\uirjnnf2\189f1trzrsatt.exe <==== ATTENTION
Task: {410347DE-3EBC-4D2B-8DE2-BB205187CA21} - System32\Tasks\rwxtky3g => C:\Program Files\Common Files\ujvxasm0\09e10qonzu23e.exe <==== ATTENTION
Task: {41268F4E-4DAF-40D5-A562-05D23161B2DE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-07] (Google Inc.)
Task: {42EC75BC-63FA-4D0E-A20E-139C79F2064C} - System32\Tasks\nhzvoppp => C:\Program Files\Common Files\2krelaqr\d111a4zt4hmo1.exe <==== ATTENTION
Task: {4ADE3A03-7D73-4A76-B348-6956D20BE4A2} - System32\Tasks\vobtm3pr => C:\Program Files\Common Files\g15zxh2x\5fca53bcqw3kz.exe <==== ATTENTION
Task: {5CCFC39E-40CA-47EE-93B2-AA7F190F4868} - System32\Tasks\jyluoi3o => C:\Program Files\Common Files\kdshgy2y\04f1f51ndwsdw.exe <==== ATTENTION
Task: {5D124534-D193-485E-A7D7-3614CCE75DE9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {5DE9D4EC-62CA-44D7-B515-66CA20E30A12} - System32\Tasks\34bzjgdx => C:\Program Files\Common Files\t4guc34w\43a20sybjnkgy.exe <==== ATTENTION
Task: {61D1C7DF-FC15-47ED-82B3-DBE7A90DD6E1} - System32\Tasks\n5nimpm4 => C:\Program Files\Common Files\vl40wgm2\7c699xxmjmkl2.exe <==== ATTENTION
Task: {64192548-9393-4CBE-A235-DD5E59746CC0} - System32\Tasks\{E2AA2501-2745-47B3-A4CD-D89AE8B06715} => pcalua.exe -a "C:\!!!DOKUMENTI ZA BACKUP\!!Jernej Filmi, glasba, igre\arhiv games\command and conquer - red alert 2 (full game)\RegSetup.exe" -d "C:\!!!DOKUMENTI ZA BACKUP\!!Jernej Filmi, glasba, igre\arhiv games\command and conquer - red alert 2 (full game)"
Task: {672E2CC8-9E53-4CF4-A946-1AFE7544AF9A} - System32\Tasks\w5xmqrcq => C:\Program Files\Common Files\vg3spayq\5cf43em4bjwkt.exe <==== ATTENTION
Task: {78334BCB-A148-4BB5-820A-E4E5C9DE7E10} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG)
Task: {8538BBAD-7C03-499F-A240-CF672496B93F} - System32\Tasks\igritx3u => C:\Program Files\Common Files\rnjokjf4\6f57fetxki00d.exe <==== ATTENTION
Task: {8FC23127-DF86-4097-9915-99B854637BAB} - System32\Tasks\vldfwxve => C:\Program Files\Common Files\44lsfwfm\080dcjaag0eod.exe <==== ATTENTION
Task: {97A7CD85-25C8-4624-B459-122D2C1485FB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-07] (Google Inc.)
Task: {9EF728DC-1F78-4955-BE9B-7F171C131D44} - System32\Tasks\xjyzd1ki => C:\Program Files\Common Files\ysxx5yhb\48ea1b3ohf4wl.exe <==== ATTENTION
Task: {A0E1D398-D6B0-48A3-816F-3C11E27D8C14} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-14] (Adobe Systems Incorporated)
Task: {B5B5E9CA-99AA-4447-A091-3A24C9F8C255} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {BB14361B-6415-4DD5-8719-F0D7FC04778D} - System32\Tasks\rz54y325 => C:\Program Files\Common Files\2gn2rbic\051e6ldtingzt.exe <==== ATTENTION
Task: {BB786BFC-B154-4DEC-852C-5C3B6BC72362} - System32\Tasks\k2wgs20j => C:\Program Files\Common Files\pg0jaxsw\0d229btfrvrt4.exe <==== ATTENTION
Task: {D74A369B-C92F-4264-921F-2A9FAC21068F} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {D86C73AF-34CC-47B0-BD37-35715A5CB934} - System32\Tasks\fr2evhkj => C:\Program Files\Common Files\b3s24rro\92134w0wohno2.exe <==== ATTENTION
Task: {DE25E640-39B9-4F7E-8133-964B68D3C187} - System32\Tasks\aamtcoic => C:\Program Files\Common Files\psmluq23\b224dixovo2ps.exe <==== ATTENTION
Task: {DEE91ED5-72D4-4732-8E17-4204C7D20BE1} - System32\Tasks\325t2dgz => C:\Program Files\Common Files\cf5tnvux\813f4znyjmvek.exe <==== ATTENTION
Task: {E3436D5D-B1CE-47EE-A48F-A39E26FBE549} - System32\Tasks\BackItUp_Install_Launch => C:\Program Files (x86)\Nero\Nero BackItUp\BackItUp.exe [2014-09-29] (Nero AG)
Task: {ED6A2AC6-7572-4AAA-84FB-0859626FD86C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {F36DE809-99BA-4026-9C05-3F080FF21E70} - System32\Tasks\idrs0g0w => C:\Program Files\Common Files\hoa0ouqc\56fbapto3aemc.exe <==== ATTENTION
Task: {F8DA3BE4-37AC-46D6-8A7A-F0FF2F465ED6} - System32\Tasks\qg0zoahs => C:\Program Files\Common Files\yp2muamg\46ec24hx2bmax.exe <==== ATTENTION
Task: {F97AC0CF-DCBF-4A88-A8E0-5026EF385406} - System32\Tasks\yqqzgxft => C:\Program Files\Common Files\hqzjqhyj\0d94ejvnaauru.exe <==== ATTENTION
Task: {FAA61F7E-F6B3-48F6-B5F9-C3BEA40CC878} - System32\Tasks\Jernej NBAgent 6 0 => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [2011-11-18] (Nero AG)
Task: {FFF7D1C5-B259-49BD-9F1F-0018F389CC5D} - System32\Tasks\g4hx0oj0 => C:\Program Files\Common Files\35rlgvd1\8922043tt2wjb.exe <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-01-31 15:27 - 2012-09-18 15:27 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll
2015-01-31 15:27 - 2012-09-18 15:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll
2014-10-17 08:08 - 2014-03-05 17:09 - 00088064 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2016-12-22 11:48 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-12-22 11:48 - 2016-12-14 12:55 - 02247632 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-12-22 11:48 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2014-08-13 23:24 - 2014-10-03 17:36 - 00457616 _____ () C:\Windows\system32\igfxTray.exe
2015-01-10 19:01 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-01-10 19:01 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-01-10 19:01 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-10-17 07:35 - 2013-12-10 06:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2016-12-15 17:48 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-15 17:48 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
 
There are 7914 more sites.
 
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\123simsen.com -> www.123simsen.com
 
There are 7914 more sites.
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2016-08-11 12:31 - 00453322 ____R C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
 
There are 15553 more lines.
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jernej\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 84.255.209.79 - 84.255.210.79
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{42CDF0B4-4C93-4658-9E38-2211022A85A2}C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe] => C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe
FirewallRules: [UDP Query User{CBE72B56-AF81-4996-BE9E-611F79B06354}C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe] => C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe
FirewallRules: [{6EC666CD-1DCA-4FF6-AB71-6D070DE95239}] => C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{7B94BDAC-B41B-48F3-839E-CEA31B93D67C}] => C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{5887390C-E37B-4705-86AF-5C8922869EB7}] => C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{657FA800-1173-46EC-9C84-17D2A0F87047}] => C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{03EAD128-94BB-4427-8995-C3ED17456665}] => C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\StartNBR.exe
FirewallRules: [{2AF93E18-B4FE-496C-8177-627BD4ADB577}] => C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{235DA097-ADCB-49B0-8B5E-93D4336F82FF}] => C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\nero.exe
FirewallRules: [{2DA4AA07-A06C-49C1-AC0A-AA177F56EF56}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{08D610B7-3184-4A60-BD3D-E878E26724AC}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{40BF57BD-5416-41BA-B8C4-4153E1A7551B}] => C:\Program Files (x86)\Nero\Nero BackItUp\BackItUp.exe
FirewallRules: [{05E0CDCF-25F7-4941-802B-1F1C5C23A332}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{BA9F6EA5-F637-411E-9D9A-C9C31BB78B58}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{ED4EECBE-F5BF-41AC-81B2-CDF2855178E6}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{C352ECA3-0D13-4D44-A916-07F83922FE59}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{D08A593B-9435-41D9-96BC-ED9923399F18}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{59EC815D-7AFA-4344-A2DF-29319FC81381}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{8FCCC32D-62BA-4FA1-B14C-BAD313C71048}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{89FC8B99-8C6E-45C8-9AD0-2E794874F77B}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{8375A686-5438-4D36-A857-F1ACF2BAEDB2}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{D1B47440-8494-41B7-9108-AF3C859556E2}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{805F6CD4-7D79-4E8E-B4F3-C1E852CBA840}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{71AA118D-3460-46E7-8373-7705F29E0293}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CD8F4598-6EB8-4487-AFBB-20938F268897}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2051E861-708D-41A8-9E6C-7F420A30D497}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{4FBCF6D2-232B-4B4B-B641-A71A40278ECC}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F47537A9-6967-4997-B355-E5CE60860BCB}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{3BAB8D33-9ECF-48F6-99DA-ABADDF595A73}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{DDA499C4-5B57-4F1E-AAED-B8028263D705}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{22F58D2D-A8EE-4310-8874-16E16F43A11E}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{A80DDCCB-EF45-4C74-BDF7-FDA1EB06F3D8}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{003014F9-7CFB-4913-8A6A-CD8723CF40B4}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [TCP Query User{D8AF7791-95C8-49B2-9069-E13F50ED0D9F}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{CA6C5949-857B-4426-BD71-FA264EAB2179}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{443519A2-C4D8-42F5-9395-0E951F8AC3BF}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{459ECC2D-5C5E-4AA9-A4FF-9E03C9684663}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0E2D1E97-794C-461E-A504-7D6CA2E3AFE2}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{E43895AA-A3E9-4031-8599-E16E428CBCD4}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{6311856D-27F0-4F1B-AF6F-2EF5263BB34D}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{8377A8CE-0F51-4DB5-B6A7-2FBD469F1BB1}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{5478A14E-60E5-48B1-81A6-1E73F55E3819}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{56E52500-6A5E-4C58-9FE2-D3A5754BBC34}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{97EC1FA7-3B21-4B76-B32E-278199C5001F}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{34E45DA3-BBCA-4531-B488-03F0012D900C}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C2329650-5D73-422A-ABE6-ECB83713C026}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0EB9616F-CA04-43A1-966A-FB34A615C2C0}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{05FFC6A3-22F8-4D1F-A635-2C9300D01128}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EE47CC34-8EC5-48E0-946F-80B4356EB631}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C8CCECAE-2D33-430D-803F-8E9A0D46BD2E}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{99BA3B55-9DAD-4DEA-AF12-54D5932C9732}] => C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{094CFDD2-E959-4E5B-8BD7-E3F9B40CA882}] => C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{685DB42B-1AF7-4FC1-9C77-2F1F6ED99BCB}] => C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{DB31FA1C-64B1-49FE-BBE0-4B231ECD8700}] => C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{1AA52942-D504-43FF-B146-4F6B9193F22E}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{7C55BF79-93FE-437D-B943-652D1D56CF6E}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [TCP Query User{87FE0258-FF93-4090-8165-A7CDB886D749}C:\downloads\bitcomet\aoe2conq\empires2.exe] => C:\downloads\bitcomet\aoe2conq\empires2.exe
FirewallRules: [UDP Query User{80D530E4-B3AA-4320-A1ED-DC134F5E83CE}C:\downloads\bitcomet\aoe2conq\empires2.exe] => C:\downloads\bitcomet\aoe2conq\empires2.exe
FirewallRules: [TCP Query User{AAE6B486-9107-4A7B-9F9B-8827CACDE267}C:\downloads\bitcomet\aoe2conq\age2_x1.exe] => C:\downloads\bitcomet\aoe2conq\age2_x1.exe
FirewallRules: [UDP Query User{76C90AEC-48AB-48C7-80D2-045BCBD6F3B9}C:\downloads\bitcomet\aoe2conq\age2_x1.exe] => C:\downloads\bitcomet\aoe2conq\age2_x1.exe
FirewallRules: [TCP Query User{C61B7604-0DC5-48E5-9714-73578FE47FAF}C:\!!!dokumenti za backup\!!jernej filmi, glasba, igre\arhiv games\aoe2conq\empires2.exe] => C:\!!!dokumenti za backup\!!jernej filmi, glasba, igre\arhiv games\aoe2conq\empires2.exe
FirewallRules: [UDP Query User{B308E31E-4290-4C1E-AE1F-F988C8F9F6DB}C:\!!!dokumenti za backup\!!jernej filmi, glasba, igre\arhiv games\aoe2conq\empires2.exe] => C:\!!!dokumenti za backup\!!jernej filmi, glasba, igre\arhiv games\aoe2conq\empires2.exe
FirewallRules: [TCP Query User{9FBE2060-3F4D-4D01-B45C-CED1C6724BA2}C:\!!!dokumenti za backup\!!jernej filmi, glasba, igre\arhiv games\aoe2conq\age2_x1.exe] => C:\!!!dokumenti za backup\!!jernej filmi, glasba, igre\arhiv games\aoe2conq\age2_x1.exe
FirewallRules: [UDP Query User{559E3177-441A-43CA-9CBB-BBA2B26D36CE}C:\!!!dokumenti za backup\!!jernej filmi, glasba, igre\arhiv games\aoe2conq\age2_x1.exe] => C:\!!!dokumenti za backup\!!jernej filmi, glasba, igre\arhiv games\aoe2conq\age2_x1.exe
FirewallRules: [TCP Query User{C581DBAA-BCDA-4CD1-B554-A32A39F0A156}C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe] => C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe
FirewallRules: [UDP Query User{9A858B04-E66E-4B10-B19A-42C5799DB07D}C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe] => C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe
FirewallRules: [{43DAD11F-E707-4106-8701-E2E5F5F80F33}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{862FDC02-CC4D-452D-80AA-9A2E8FC80A3E}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{3C5F9759-F9CC-4DA0-BBEF-F1CE00A04515}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{839B9CE2-85F6-4753-8E6B-DE3A8E123CE9}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{80BD58A5-0D69-4BD2-AF71-0ACD2268D4FC}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{2E45AA62-DDA2-47E1-B02D-041E04CF0E48}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{38156B92-492E-46C3-B7D9-5B5CA791CB22}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{2804B13F-6E4E-456A-A1BA-F4C4329D867D}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{66DE6CD2-8994-49FB-8DBC-5C32A73594B7}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{FEB10EC4-9FFE-40E1-80A2-36153D6082D0}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{830B42C6-58C3-4425-AB93-37C78BBE51AD}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{C812EC69-2895-478C-AD4D-01F2F258BB0C}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{D1BD6247-5DD4-4753-81E8-2956602C15DD}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{85D1C169-80BA-43B6-8FC8-A39CB655DB56}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{3BFC3367-844B-4E88-A555-653D01E7936E}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{E0B83DC9-85E6-4F56-9B94-C12FCA680C8C}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D423F623-09F4-495C-A6B8-98EB5694BF2A}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Restore Points =========================
 
09-12-2016 08:23:27 Installed DirectX
09-12-2016 17:30:34 Windows Update
10-12-2016 08:23:44 Windows Update
13-12-2016 10:50:25 Windows Update
13-12-2016 11:12:41 Windows Update
15-12-2016 18:00:29 Varnostno kopiranje
19-12-2016 11:37:28 Windows Update
19-12-2016 14:02:21 Windows Update
22-12-2016 11:41:07 247backup.2016.12.22.ob11.40
 
==================== Faulty Device Manager Devices =============
 
Name: Realtek Bluetooth 4.0 Adapter
Description: Realtek Bluetooth 4.0 Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Realtek Semiconductor Corp.
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/22/2016 01:05:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (12/22/2016 01:05:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Napačno ime programa: NBAgent.exe, različica: 15.2.7.14, časovni žig: 0x5428e839
Napačno ime modula: NBAgent.exe, različica: 15.2.7.14, časovni žig: 0x5428e839
Koda izjeme: 0xc0000005
Napačen odmik: 0x00026e56
Napačen id procesa: 0x824
Napačen začetni čas programa: 0x01d25c4b8fd65917
Napačna programska pot: C:\Program Files (x86)\Nero\Nero BackItUp\NBAgent.exe
Napačna pot modula: C:\Program Files (x86)\Nero\Nero BackItUp\NBAgent.exe
Id poročila: e054c522-c83e-11e6-bf3e-1458d0c7fc30
 
Error: (12/22/2016 01:04:48 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: NBAgent.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
   at <Module>._wWinMainCRTStartup()
 
Error: (12/21/2016 07:42:02 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Varnostno kopiranje ni bilo končano, ker je prišlo do napake pri zapisovanju na mesto za varnostne kopije E:\. Napaka je: Mesta za varnostne kopije ni mogoče najti ali ni veljavno. Preglejte nastavitve varnostnega kopiranja in preverite mesto varnostnih kopij. (0x81000006).
 
Error: (12/21/2016 07:30:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (12/21/2016 07:29:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Napačno ime programa: NBAgent.exe, različica: 15.2.7.14, časovni žig: 0x5428e839
Napačno ime modula: NBAgent.exe, različica: 15.2.7.14, časovni žig: 0x5428e839
Koda izjeme: 0xc0000005
Napačen odmik: 0x00026e56
Napačen id procesa: 0xb80
Napačen začetni čas programa: 0x01d25bb7fdde2147
Napačna programska pot: C:\Program Files (x86)\Nero\Nero BackItUp\NBAgent.exe
Napačna pot modula: C:\Program Files (x86)\Nero\Nero BackItUp\NBAgent.exe
Id poročila: 5a9d5658-c7ab-11e6-bedd-1458d0c7fc30
 
Error: (12/21/2016 07:28:47 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: NBAgent.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
   at <Module>._wWinMainCRTStartup()
 
Error: (12/20/2016 09:06:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (12/20/2016 08:21:07 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Varnostno kopiranje ni bilo končano, ker je prišlo do napake pri zapisovanju na mesto za varnostne kopije E:\. Napaka je: Mesta za varnostne kopije ni mogoče najti ali ni veljavno. Preglejte nastavitve varnostnega kopiranja in preverite mesto varnostnih kopij. (0x81000006).
 
Error: (12/19/2016 07:46:21 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Varnostno kopiranje ni bilo končano, ker je prišlo do napake pri zapisovanju na mesto za varnostne kopije E:\. Napaka je: Mesta za varnostne kopije ni mogoče najti ali ni veljavno. Preglejte nastavitve varnostnega kopiranja in preverite mesto varnostnih kopij. (0x81000006).
 
 
System errors:
=============
Error: (12/22/2016 01:06:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Storitev »Spybot-S&D 2 Scanner Service« se ni uspela zagnati zaradi te napake: 
Storitev se ni pravočasno odzvala na krmilno zahtevo ali na zahtevo za začetek.
 
Error: (12/22/2016 01:06:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Pri čakanju, da storitev Spybot-S&D 2 Scanner Service vzpostavi povezavo, je bila dosežena časovna omejitev (30000 milisekund).
 
Error: (12/22/2016 01:05:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Storitev »Spybot-S&D 2 Scanner Service« se ni uspela zagnati zaradi te napake: 
Storitev se ni pravočasno odzvala na krmilno zahtevo ali na zahtevo za začetek.
 
Error: (12/22/2016 01:05:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Pri čakanju, da storitev Spybot-S&D 2 Scanner Service vzpostavi povezavo, je bila dosežena časovna omejitev (30000 milisekund).
 
Error: (12/22/2016 01:04:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Storitev »Nero BackItUp Background Service« se ni uspela zagnati zaradi te napake: 
Storitev se ni pravočasno odzvala na krmilno zahtevo ali na zahtevo za začetek.
 
Error: (12/22/2016 01:04:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Pri čakanju, da storitev Nero BackItUp Background Service vzpostavi povezavo, je bila dosežena časovna omejitev (30000 milisekund).
 
Error: (12/21/2016 07:31:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Storitev »Spybot-S&D 2 Scanner Service« se ni uspela zagnati zaradi te napake: 
Storitev se ni pravočasno odzvala na krmilno zahtevo ali na zahtevo za začetek.
 
Error: (12/21/2016 07:31:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Pri čakanju, da storitev Spybot-S&D 2 Scanner Service vzpostavi povezavo, je bila dosežena časovna omejitev (30000 milisekund).
 
Error: (12/21/2016 07:30:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Storitev »Spybot-S&D 2 Scanner Service« se ni uspela zagnati zaradi te napake: 
Storitev se ni pravočasno odzvala na krmilno zahtevo ali na zahtevo za začetek.
 
Error: (12/21/2016 07:30:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Pri čakanju, da storitev Spybot-S&D 2 Scanner Service vzpostavi povezavo, je bila dosežena časovna omejitev (30000 milisekund).
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 31%
Total physical RAM: 8064.11 MB
Available physical RAM: 5510.14 MB
Total Virtual: 16126.4 MB
Available Virtual: 13453.63 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:698.54 GB) (Free:217.29 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: A5703559)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

#2 seedy21

seedy21

    Advanced Forum Junkie

  • Administrator
  • 120 posts
  • Gender:Male
  • Location:West Yorkshire, UK
  • Interests:IT, malware removal and Radio Stations

Posted 27 December 2016 - 12:39 PM

Hello winersnicl and Welcome to 247Fixes

I'm Seedy21 and I will be helping you with your issues.

Please note the following information about the malware forum:

  • From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by me
  • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
  • Please reply within 48 hours, if you are going to be away for longer please let us know or the topic will be closed for been inactive
  • If you are using Cracked or Illegal software your thread will be closed
  • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close.

Step 1
 
ckscanner.jpg Scan with CKScanner

Download CKScanner by askey127 and save it to your desktop.

  • Right-click on ckscanner.jpg icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • click Search For Files.
  • When finished, click Save List To File.
  • Remember to run this tool once only, if not asked to run it again.

Please include the content of CKFiles.txt in your next reply.
 
 
Step 2
 
We Need to Diagnose a Possible Problem with WGA
This may be preventing you from installing that service pack.

  • Double click the mgadiag.png icon on your desktop.
  • Click Continue
  • Click Copy
  • Go to Start -> Run and type in "Notepad"
  • Go to Edit -> Paste in notepad.
  • x out all of the numbers and letters in the line beginning with "Windows Product Key:"
  • Copy and paste that log here.


#3 winersnicl

winersnicl

    New Member

  • Member
  • Pip
  • 9 posts

Posted 27 December 2016 - 01:48 PM

Hi,
 
I am replying with logs:
 
CKFiles.txt:
 
CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\!!!dokumenti za backup\!!!jernej - pomembni dokumenti\!euro coins\katalogi emule\krause - world paper money catalog 1348-1960\pic_1348_1960\program\winzip.80\crack\wzcrack.exe
c:\!!!dokumenti za backup\!!!setup programs\acdsee\acdsee 4.0 crack.exe
c:\!!!dokumenti za backup\!!!setup programs\acdsee\acdsee v4.0 keygen.exe
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\autorun.inf
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero.ico
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\setup.exe
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\setupx.exe
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\1028.mst
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\1029.mst
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\1030.mst
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\1031.mst
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\1032.mst
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\1033.mst
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\1034.mst
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\1035.mst
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\1036.mst
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\1038.mst
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\1040.mst
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\1041.mst
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\1042.mst
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\1043.mst
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\1044.mst
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\1045.mst
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\1046.mst
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\1049.mst
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\1051.mst
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\1053.mst
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\1054.mst
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\1055.mst
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\1060.mst
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\13322.mst
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\2052.mst
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\2070.mst
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\nerosuite.msi
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\setupx.exe
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\0091dfa6.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\0093a6d4.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\00a7e2a4.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\00af7559.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\02094fa5.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\026029f8.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\02b5625a.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\02b61dd4.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\02e2e2b7.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\03655ce2.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\036a4f78.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\039572d6.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\0397e2e3.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\0433eda1.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\0442d9ac.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\044bfb2e.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\0534255d.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\056821ae.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\064ce5d3.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\069ee097.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\07f0fd1e.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\0838c88d.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\083c7124.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\085dcbd9.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\086c5bae.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\087902b7.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\09fca0b6.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\0a72fafe.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\0aa0a4ea.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\0aa3bfbd.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\0ac2f1eb.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\0ccf2898.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\0e06f6c9.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\0e4ec0db.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\0e4ece8f.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\0f1ca169.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\0f955880.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\0f992b88.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\0fb02da5.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\0fe913c2.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\0ff4a6a6.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\0ff9bee6.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\10da511a.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\10e5866b.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\114227b6.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\116e21f3.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\1176346d.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\118d0342.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\12088b9a.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\12323145.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\12382873.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\124130f2.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\12e14200.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\13ad1f69.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\13aebce8.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\13b79d48.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\13e5b869.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\13e97dbd.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\144ee5b7.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\1461dbd4.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\147c09d4.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\148601f4.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\15f1ba5d.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\15f1bf05.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\166a8dbe.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\167a197b.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\16a2d6df.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\16a961dd.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\16caf853.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\17028758.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\171007fc.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\178a3898.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\179646d3.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\188c6385.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\18be2fa6.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\197cda14.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\19ab77fd.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\19abcdd9.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\1a8309d8.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\1afe9286.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\1b05d29f.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\1b13eaae.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\1bcb78cb.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\1bd23146.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\1bda41ae.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\1bffaa3c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\1c14767a.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\1cc67add.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\1dba2d88.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\1eac3426.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\1f51461e.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\1f733c43.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\20928447.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\2255adf9.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\2258c72a.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\227b4cc5.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\2286f705.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\2292a767.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\22da4319.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\230d9d97.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\232a69cb.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\232d52e3.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\23f10299.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\2433683e.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\2480d97c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\2661e89a.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\26c58a5c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\26d01237.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\270d99e4.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\2758bcce.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\283e344a.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\28507daa.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\28534354.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\28740398.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\28e70b86.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\290650c3.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\291c6b1b.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\29b1a483.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\29e150c3.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\2a677c44.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\2ac7fba3.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\2b2b1ef0.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\2b476510.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\2b5367ad.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\2b5ae643.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\2b880e22.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\2d198425.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\2d7c07af.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\2db2c3df.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\2dcb8823.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\2dcdf6d4.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\2f1f52d4.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\2f78ca47.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\2fe3935c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\307c0b60.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\309ef286.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\30b4d572.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\30cb9049.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\30efd563.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\30f1e19c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\310b79d5.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\318eb8f3.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\31a3eeae.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\31bd4a74.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\3224b1d6.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\32720589.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\32b004d8.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\32e5dc65.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\32f0408c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\33a24a42.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\33c3ca18.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\33d34b7c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\33f60684.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\340055af.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\344e5cc1.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\34514795.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\3458ba8e.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\3512e120.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\3675b7dc.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\37314478.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\3732feac.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\374277b7.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\3757f0f2.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\375af31c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\38d33b79.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\39aa3e89.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\39aafd11.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\3abb6571.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\3ac46198.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\3b85178b.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\3bee10e0.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\3cbe1302.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\3d1d3515.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\3d597f05.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\3d9ac398.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\3d9ac5e4.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\3dd4b1d0.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\3e870349.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\3f0cd827.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\3f26c5a8.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\402caded.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\402db0fc.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\405d0351.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\40f99283.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\41decc18.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\42529aa4.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\4254f9fe.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\42a8ba9b.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\432ce95c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\43b7a940.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\43dbcc51.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\4490c085.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\44b1d01c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\44d569b6.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\44e5ce63.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\45061f74.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\452819b8.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\4572cb85.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\458d1a38.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\460119e7.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\4627a0fc.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\47716991.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\47868042.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\47cf1ee9.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\48205dd8.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\490589a9.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\49b52b36.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\4a139572.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\4aa394a6.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\4aa519ba.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\4b1da090.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\4bd169fc.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\4c880e5f.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\4c94a50b.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\4c9660e1.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\4ca3a006.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\4cb7c393.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\4cc8d4ca.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\4d27f1d0.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\4d6c9901.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\4d78f72b.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\4d801849.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\4e0e41e6.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\4e10a9ad.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\4eda67ad.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\50ced059.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\517677d8.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\52c88ca0.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\53429149.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\536772e3.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\53c646c8.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\53c65fc4.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\53df754d.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\542b4fa3.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\550c397d.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\55abd8ed.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\55ac5a95.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\55bf0434.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\55c095bc.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\55c12322.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\55c8dfe3.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\5622c19a.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\569853a2.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\57710c0f.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\57d91176.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\5940ed76.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\5986d77c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\5ac5ce11.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\5ad0fe08.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\5af57742.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\5b48f778.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\5bb10d9b.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\5be42855.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\5c2b4d49.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\5c424a68.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\5c42cdb5.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\5c4f9b7f.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\5c5c6cea.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\5d2b53a4.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\5dd4823e.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\5f258981.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\5f3c5b18.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\6022f1c3.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\60e5eba7.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\61b9fc5f.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\62b880f1.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\633d0500.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\63f014af.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\646e175b.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\64855b3d.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\648763b4.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\649e73bc.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\64a80095.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\64b194c7.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\64e121a0.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\650b64bf.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\651f15c2.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\655f0590.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\66285aa2.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\66f75dcc.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\67652b59.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\67c47ad5.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\683c0904.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\691545be.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\69beb4c1.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\6a6d9092.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\6a773677.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\6aa758ca.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\6bc94a4f.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\6bcdeb3f.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\6bf9fee8.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\6cc986c9.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\6ce6f46a.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\6ce8797e.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\6d01483d.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\6d30d8b7.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\6d4fa3a0.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\6d5210b1.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\6d58c8c3.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\6d821ff5.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\6d8391ad.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\6e14827a.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\6e846193.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\6ef292b8.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\6f99cc65.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\6f9ce7fb.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\6f9cfeab.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\709625ac.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\70c09ee7.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\70d0988c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\71550b3f.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\71e8bdb1.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\72e50e2d.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\73147ff3.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\7367966c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\741e97cf.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\74312160.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\743f27e2.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\74bc94b2.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\74d7e717.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\75008602.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\757d7ab7.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\7597b565.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\759ee429.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\75a88c6a.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\75b86cad.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\75e73656.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\763f0fee.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\770b8a81.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\7851761c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\789c0a70.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\78c8defd.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\79320352.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\7938dc7d.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\7a651f1b.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\7ab7a0cd.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\7c0a677f.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\7c0b4a6c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\7c0ff302.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\7c1233a3.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\7cff0e5b.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\7d1f318f.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\7d6c7145.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\7de461a1.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\7e3388b9.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\7e74347d.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\7f0f00ab.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\7f18b095.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\7fc63b91.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\7fed80e8.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\804012c9.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\80dcae93.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\80fcc66f.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\816a538d.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\818e7090.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\8198544c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\81ec06df.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\82340f98.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\8257373d.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\833b550d.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\83bffa7a.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\83d029be.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\8464bf82.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\84661934.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\851238c7.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\8550b4ed.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\85f58eac.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\8678cc77.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\86a3c66a.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\86c4f461.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\86fa6cba.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\8898977b.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\88f1a236.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\89c0d81c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\8a3d123e.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\8b088dd2.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\8b2a99b1.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\8b2dcdfe.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\8b35e628.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\8bcc9868.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\8bcd0fc8.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\8c1e320a.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\8c4e0ff5.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\8c8bd4a9.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\8c8f6034.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\8cbcf6eb.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\8d2b5a47.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\8de0dc94.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\8e8802b8.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\8f16ccfd.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\8f744c8b.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\8f8041c9.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\8fb4fa9a.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\90436a8f.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\90847e8e.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\9095bc16.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\90b53733.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\91eaba6b.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\9208797c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\92533a3b.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\92820133.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\929e38d0.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\933adb10.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\933bfd29.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\93679e38.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\939de388.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\93fec740.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\941af0f7.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\94cc6767.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\94df3925.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\94f744f9.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\95a2f699.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\95c08849.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\96233c42.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\9627850a.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\967929cb.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\96f3af69.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\972e205a.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\97602cb6.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\977e7fe9.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\97e086cb.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\982fb02e.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\996626ef.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\99a805e9.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\99cc5e67.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\99e66dab.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\9a699a76.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\9ab2fdf9.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\9b602b55.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\9b633ede.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\9c242837.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\9cd1da53.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\9d4a9e4c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\9d5152d9.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\9d55da5e.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\9e4f80cf.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\9fca539a.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\9fd32d39.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\9fedefdc.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\a0b58737.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\a0e09d82.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\a0fb04b0.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\a1949a75.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\a396eac7.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\a3f174fe.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\a40f986d.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\a483d9cf.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\a51b2b31.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\a5ce7ff6.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\a5dc0d9e.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\a5e66e0c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\a6521dc6.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\a69b58de.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\a6bedac7.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\a6cc2102.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\a75a2f67.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\a75c16d6.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\a77cf484.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\a871264e.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\a8a2207a.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\a8f23373.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\a987fd7c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\aa122d81.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\aa46df6e.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\aab92cd2.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\ab75a168.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\abefc656.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\abf9623f.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\ac68191b.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\ad26fa54.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\adb2cf4c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\adbe16a6.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\add7b9e2.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\ae0cc24f.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\ae89f27e.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\aeb89cfb.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\aec23a39.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\aec41bab.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\afc2f279.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b07c10a5.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b088f78d.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b10e964b.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b119ff60.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b1eff3e9.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b227ce59.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b26571f4.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b283e8ec.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b2a7fbfd.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b2b4033b.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b2d7621c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b32fc45b.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b335c1ff.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b33be342.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b36a370c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b39dcc97.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b4056539.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b42a668f.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b4753396.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b476f47a.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b48f0e45.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b4cafde0.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b5711af1.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b60b4103.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b64a6d5a.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b655b9b1.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b6f3f7b6.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b7b2933b.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b7b4c017.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b7bb4763.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b7c19939.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b7da3c64.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b866a3c7.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b907aecf.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b9367878.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\b9d6c5ab.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\ba8315c1.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\ba8c7402.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\ba97e870.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\baa55e11.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\bab130e2.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\bac6a2c9.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\bb062ac3.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\bb22618d.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\bb61c0a0.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\bc7cc138.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\bc926103.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\bd558848.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\bd736a3c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\bd834824.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\bec1b2a9.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\bf6cc2dc.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\bf744bd5.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\bfbb123e.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\bfceb6df.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c211b057.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c2b04e0c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c2eda3a1.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c3a5060f.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c3c6caf6.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c3ca2061.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c3d013ad.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c41f5461.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c45458c9.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c4ec2fa5.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c4f9a440.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c515cff5.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c5ec68c3.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c5f53372.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c617406a.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c63ec46e.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c65395a1.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c7284c18.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c732cc43.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c73538a8.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c7b1ba66.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c7fa21f8.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c7fa4300.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c8ba8deb.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c8c38005.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c8e16b4e.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c94f4598.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c9571318.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\c9ac2056.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\ca24041c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\ca510d83.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\ca520620.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\cb755709.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\cb82d55a.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\cbaa0d8e.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\cbabb068.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\cc458ee5.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\cc8c4f51.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\ccff8dbb.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\cdd61ded.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\cdf69db2.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\ce86bcab.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\ceaadfbc.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\cf24f8ba.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\cffb33bf.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d01c38e6.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d02087bc.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d10caadd.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d1249d9b.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d18eb57d.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d1d0398b.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d2006537.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d2aeb9e5.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d3092d54.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d30ab2cd.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d30b5432.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d30ee123.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d3dedc85.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d4a8dbcb.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d4abe3ed.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d4c0d539.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d4d232ed.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d5698203.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d6bd8520.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d6c89e66.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d6d0207b.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d83967b9.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d84d9fbe.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d8524f6c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d86bcb92.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d87c6a6d.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d8c2d853.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d8dba457.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d90a1959.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\d9d7b561.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\da460714.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\dac67dd7.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\db35235e.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\db3e4373.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\dbd786bc.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\dbdac948.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\dc5afa97.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\dc682368.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\dcbb35dc.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\dcf6c69e.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\dd1c7d78.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\dd3aacfd.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\dd3f1ec1.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\dd885431.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\de2128cb.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\de2e21ff.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\df97b9e5.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\dfa5c3ea.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e07aeeb9.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e07b7c2f.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e0abaa20.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e0c0b929.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e16b9de2.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e1727ac1.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e178cc35.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e204117f.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e2157285.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e2b1a3de.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e2b1bcea.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e2c0dffb.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e2cd8eab.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e3342ac8.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e35fec3b.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e36a8bcd.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e36d53c3.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e3bb7f00.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e42a8ee5.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e4cbdabc.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e5557fdd.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e5ce5d28.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e63c3c70.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e6743458.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e682eb32.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e72e71e4.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e73744ed.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e7abc649.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e7ff0e4e.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e89c3c72.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e8a2e2fe.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e8be0846.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e9316cc1.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\e9c8741e.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\ea8a30b1.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\eac67aa0.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\eac8eaad.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\ead29bfa.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\eb4cda42.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\ec091e61.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\ec203396.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\ec69cd36.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\ecfeac4f.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\ee093181.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\ee41bb1a.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\ee5d0374.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\ee5f0e4d.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\efc366d7.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\efdfa9dc.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f006035a.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f0744a2f.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f0aa6962.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f1f791f6.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f1fa991e.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f21f2533.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f230c46f.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f26c411a.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f2929cc5.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f33c46ed.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f3c0a037.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f3c38df7.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f3cf01c1.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f3d33bdc.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f46c75e6.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f54191c7.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f550d992.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f5f1a488.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f6a49fee.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f6b338bf.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f6bf035b.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f7284565.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f75dc97c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f78a5f23.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f7988ca6.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f8001e87.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f85341be.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f8eb309f.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f94a7963.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f9874cbb.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f9e8ee28.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\f9fee7df.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\fa3c5b56.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\fa76a97c.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\fbed8486.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\fc2cec4f.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\fc5c41bd.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\fc8a6735.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\fc8ec0fd.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\fd02fece.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\fd4cae4f.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\fee8a15f.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\cab\fefeaead.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\50comupd.exe
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\instmsia.exe
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\instmsiw.exe
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\int_allfiles.info
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\shfolder.exe
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\wmfadist.exe
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\wmfdist.exe
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\config\conf.txt
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\config\int_allfiles.info
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\directx\bda.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\directx\bdant.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\directx\bdaxp.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\directx\directx.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\directx\dsetup.dll
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\directx\dsetup32.dll
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\directx\dxnt.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\directx\dxsetup.exe
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\directx\manageddx.cab
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\ms\int_allfiles.info
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\ms\system\asycfilt.dll
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\ms\system\comctl32.ocx
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\ms\system\int_allfiles.info
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\ms\system\mfc42.dll
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\ms\system\msvcirt.dll
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\ms\system\msvcp60.dll
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\ms\system\msvcrt.dll
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\ms\system\oleaut32.dll
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\ms\system\olepro32.dll
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\ms\system\stdole2.tlb
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\tts\agtx0407.exe
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\tts\instmsia.exe
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\tts\instmsiw.exe
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\tts\msagent.exe
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\tts\setup.exe
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\tts\setup.ini
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\tts\spchapi.exe
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\redist\tts\ttsinstalleruniversal.msi
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\setup\eula_chs.rtf
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\setup\eula_cht.rtf
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\setup\eula_deu.rtf
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\setup\eula_eng.rtf
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\setup\eula_esp.rtf
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\setup\eula_fra.rtf
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\setup\eula_ita.rtf
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\setup\eula_jpn.rtf
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\setup\eula_kor.rtf
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\setup\eula_nld.rtf
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\setup\eula_ptg.rtf
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\setup\eula_sve.rtf
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\nero 7 premium\setup\nps.dll
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\redist\trch._ex
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\redist\images\info\thumbs.db
c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp\nero7\redist\images\logo\default\thumbs.db
c:\!!!dokumenti za backup\!!!setup programs\nero 10.0 + serials en keygen - divxnl-team\divxnl-team nfo read before playing!.txt
c:\!!!dokumenti za backup\!!!setup programs\nero 10.0 + serials en keygen - divxnl-team\instructies +serial.txt
c:\!!!dokumenti za backup\!!!setup programs\nero 10.0 + serials en keygen - divxnl-team\nero 10 informatie.txt
c:\!!!dokumenti za backup\!!!setup programs\nero 10.0 + serials en keygen - divxnl-team\nero-10.0.13100.exe
c:\!!!dokumenti za backup\!!!setup programs\nero 10.0 + serials en keygen - divxnl-team\torrent downloaded from demonoid.com.txt
scanner sequence 3.ZZ.11.OSNAVZ
 ----- EOF ----- 
 
Step 2 report:
 
Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
 
Validation Code: 0
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-xxxxx-xxxxx-xxxxx
Windows Product Key Hash: xxxxxxxxxxxxxxxxxxxxxxxxx
Windows Product ID: 00426-OEM-8992662-00010
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010100.1.0.001
ID: {4FCA95E0-3DF1-4891-8440-FC8EE1CFF5EE}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Ultimate
Architecture: 0x00000009
Build lab: 7601.win7sp1_ldr.161011-0600
TTS Error: 
Validation Diagnostic: 
Resolution Status: N/A
 
Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
 
Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002
 
OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002
 
OGA Data-->
Office Status: 100 Genuine
Microsoft Office Enterprise 2007 - 100 Genuine
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005_E2AD56EA-765-b01a_E2AD56EA-766-0_E2AD56EA-148-80004005_16E0B333-89-80004005_B4D0AA8B-1029-80004005
 
Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE; Win32)
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed
 
File Scan Data-->
 
Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{4FCA95E0-3DF1-4891-8440-FC8EE1CFF5EE}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-2C9T3</PKey><PID>00426-OEM-8992662-00010</PID><PIDType>2</PIDType><SID>S-1-5-21-111603173-2415600283-1906868864</SID><SYSTEM><Manufacturer>Hewlett-Packard</Manufacturer><Model>HP ProBook 470 G2</Model></SYSTEM><BIOS><Manufacturer>Hewlett-Packard</Manufacturer><Version>M74 Ver. 01.03</Version><SMBIOSVersion major="2" minor="7"/><Date>20140707000000.000000+000</Date></BIOS><HWID>675F3207018400FC</HWID><UserLCID>0424</UserLCID><SystemLCID>0424</SystemLCID><TimeZone>Srednjeevropski standardni čas(GMT+01:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>HPQOEM</OEMID><OEMTableID>SLIC-WKS</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{90120000-0030-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>9FAA4BD38F80588</Val><Hash>PD4fQFBMbwsscv1f4uYvaanAUSE=</Hash><Pid>89388-708-0304482-65299</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>  
 
Spsys.log Content: 0x80070002
 
Licensing Data-->
Software licensing service version: 6.1.7601.17514
 
Name: Windows® 7, Ultimate edition
Description: Windows Operating System - Windows® 7, OEM_SLP channel
Activation ID: 7cfd4696-69a9-4af7-af36-ff3d12b6b6c8
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00426-00178-926-600010-02-1060-7601.0000-2882014
Installation ID: 021421914563102671330035261242085846661064946276639514
Processor Certificate URL: http://go.microsoft....k/?LinkID=88338
Product Key Certificate URL: http://go.microsoft....k/?LinkID=88340
Partial Product Key: 2C9T3
License Status: Licensed
Remaining Windows rearm count: 3
Trusted time: 27.12.2016 14:11:55
 
Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: 0x00000000
HealthStatus: 0x0000000000000000
Event Time Stamp: 11:13:2016 07:23
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:
 
 
HWID Data-->
HWID Hash Current: NAAAAAEAAgABAAIAAQACAAAAAgABAAEAln2gR0bLNve6347y4gQgpxqAYot6OZrpvlq6eg==
 
OEM Activation 1.0 Data-->
N/A
 
OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information: 
  ACPI Table Name OEMID Value OEMTableID Value
  APIC HPQOEM 2249    
  FACP HPQOEM 2249    
  HPET HPQOEM 2249    
  MCFG HPQOEM 2249    
  ASF! HPQOEM 2249    
  TCPA HPQOEM 2249    
  SSDT HPQOEM SataAhci
  SSDT HPQOEM SataAhci
  FPDT HPQOEM 2249    
  BGRT HPQOEM 2249    
  SSDT HPQOEM SataAhci
  SSDT HPQOEM SataAhci
  SSDT HPQOEM SataAhci
  SSDT HPQOEM SataAhci
  SSDT HPQOEM SataAhci
  SLIC HPQOEM SLIC-WKS


#4 seedy21

seedy21

    Advanced Forum Junkie

  • Administrator
  • 120 posts
  • Gender:Male
  • Location:West Yorkshire, UK
  • Interests:IT, malware removal and Radio Stations

Posted 27 December 2016 - 08:36 PM

Hello winersnicl
 
warning.gif illegal / Cracked software warning!

Before I can offer my help I need to warn you that you have illegal/Cracked Software and on your Machine. Not only is this not legal it's an security risk.
 
I will need you to Uninstall  Nero and also delete c:\!!!dokumenti za backup\!!!setup programs\ahead nero 7 premium multilang with keygen cd version by verdigo dcp.
 
Once done I will need you to re-run CKScanner and re-run FRST and post your logs. If you dont wish to delete the software, we will have to lock this topic.
 
Thanks



#5 winersnicl

winersnicl

    New Member

  • Member
  • Pip
  • 9 posts

Posted 28 December 2016 - 01:14 PM

Hello seedy21,

 

Ok, I have uninstalled and deleted some problematic software.

 

 

Plese, help me clean the rest.

 

Thanks.

 

CKScanner log:

 

CKScanner 2.5 - Additional Security Risks - These are not necessarily bad

scanner sequence 3.RP.11.IINALZ
 ----- EOF ----- 
 
FRST log:
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
Ran by Jernej (administrator) on JERNEJ-PC (28-12-2016 13:38:05)
Running from C:\Users\Jernej\Desktop\CLEANING VIRUSES 8.2016\247fix...22.12.16
Loaded Profiles: Jernej (Available Profiles: Jernej)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: slovenščina (Slovenija)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\System32\lpksetup.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\AvrcpService.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\RtkBleServ.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Jernej\Desktop\CLEANING VIRUSES 8.2016\247fix...22.12.16\CKScanner.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7574896 2014-04-16] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818288 2014-04-07] (Synaptics Incorporated)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [216064 2014-01-06] (Realtek Semiconductor Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-04-10] (Intel Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [419512 2014-04-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-11-20] (Raptr, Inc)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\Run: [DU Meter] => "C:\Program Files (x86)\DU Meter\DUMeter.exe" /autostart
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\Run: [proxsign] => C:\Program Files (x86)\SETCCE\proXSign\bin\pxkill.exe [31232 2015-11-19] ()
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4177784 2016-01-15] (Disc Soft Ltd)
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\MountPoints2: {57533554-0c1e-11e6-8cc9-38b1db9df968} - G:\CDCheck.exe
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\MountPoints2: {57533558-0c1e-11e6-8cc9-38b1db9df968} - H:\CDCheck.exe
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\MountPoints2: {b0f96005-d93e-11e5-810c-38b1db9df968} - E:\autorun.exe
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\MountPoints2: {b0f9601c-d93e-11e5-810c-38b1db9df968} - F:\autorun.exe
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-21] (Microsoft Corporation)
Startup: C:\Users\Jernej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe [2016-08-26] (Leader Technologies)
Startup: C:\Users\Jernej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler.exe [2016-08-26] ()
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 84.255.209.79 84.255.210.79 192.168.1.1
Tcpip\..\Interfaces\{518C50D0-A0EB-426F-84AC-5A094662A6E1}: [DhcpNameServer] 84.255.209.79 84.255.210.79 192.168.1.1
Tcpip\..\Interfaces\{9374EDE6-2510-4D46-8FD1-8C9E69478EAC}: [DhcpNameServer] 10.0.1.197 10.0.1.198
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131266346688107570&GUID=1664DB10-ECE5-43AE-B976-1FB3994CEC74
SearchScopes: HKU\S-1-5-21-111603173-2415600283-1906868864-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-10-16] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-16] (Oracle Corporation)
BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2013-11-29] (BitComet)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-16] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-16] (Oracle Corporation)
IE Session Restore: HKU\S-1-5-21-111603173-2415600283-1906868864-1000 -> is enabled.
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll No File
 
FireFox:
========
FF ProfilePath: C:\Users\Jernej\AppData\Roaming\Mozilla\Firefox\Profiles\mivnq7jh.default [2016-12-27]
FF NewTab: Mozilla\Firefox\Profiles\mivnq7jh.default -> C:\\ProgramData\\oceps\\ff.NT
FF Homepage: Mozilla\Firefox\Profiles\mivnq7jh.default -> C:\\ProgramData\\oceps\\ff.HP
FF Extension: (BitComet Video Downloader) - C:\Users\Jernej\AppData\Roaming\Mozilla\Firefox\Profiles\mivnq7jh.default\Extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} [2014-10-26] [not signed]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-14] ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-16] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-14] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-16] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://google.si/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default [2016-12-28]
CHR Extension: (Google Diapozitivi) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-10]
CHR Extension: (Google Dokumenti) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-10]
CHR Extension: (Google Drive) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-25]
CHR Extension: (YouTube) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-09]
CHR Extension: (Google Search) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-25]
CHR Extension: (Google Preglednice) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-10]
CHR Extension: (Google Dokumenti brez povezave) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-21]
CHR Extension: (Skype) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-10-28]
CHR Extension: (Plačila v spletni trgovini Chrome) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-25]
CHR Extension: (Gmail) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-10]
CHR Extension: (Chrome Media Router) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-19]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-05-07] (Realtek Semiconductor Corporation) [File not signed]
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [88064 2014-03-05] () [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369464 2016-01-15] (Disc Soft Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [42496 2013-04-25] (Realtek Semiconductor Corporation) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-02-26] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-02-26] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77416 2016-12-14] ()
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [176064 2016-12-22] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2016-12-28] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [250816 2016-12-28] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [81696 2016-12-28] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [552448 2014-04-01] (Realtek Semiconductor Corporation)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [476888 2014-03-21] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [3402968 2014-04-11] (Realtek Semiconductor Corporation                           )
S3 DUMeterDrv; \??\C:\Program Files (x86)\DU Meter\DUMETR64.SYS [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-12-27 14:12 - 2016-12-27 15:02 - 00000000 ____D C:\MGADiagToolOutput
2016-12-27 14:11 - 2016-12-27 14:11 - 00000000 ____D C:\ProgramData\Office Genuine Advantage
2016-12-22 11:49 - 2016-12-28 10:54 - 00102856 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2016-12-22 11:49 - 2016-12-28 10:54 - 00081696 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2016-12-22 11:49 - 2016-12-28 10:53 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-22 11:49 - 2016-12-28 10:53 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-12-22 11:49 - 2016-12-22 11:49 - 00176064 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2016-12-22 11:48 - 2016-12-22 11:48 - 00001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2016-12-22 11:48 - 2016-12-22 11:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2016-12-22 11:48 - 2016-12-22 11:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-22 11:48 - 2016-12-22 11:48 - 00000000 ____D C:\Program Files\Malwarebytes
2016-12-22 11:48 - 2016-12-14 12:55 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys
2016-12-22 11:05 - 2016-12-22 11:05 - 03021667 _____ () C:\Program Files\Common Files\nxqix2v4.exe
2016-12-22 11:02 - 2016-12-22 11:02 - 03021667 _____ () C:\Program Files\Common Files\vczke5tf.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 03021667 _____ () C:\Program Files\Common Files\tvp0ztb2.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 03021667 _____ () C:\Program Files\Common Files\sfgifsmn.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 03021667 _____ () C:\Program Files\Common Files\mkool4nz.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 03021667 _____ () C:\Program Files\Common Files\kukhs5yc.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 03021667 _____ () C:\Program Files\Common Files\keeflik3.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 03021667 _____ () C:\Program Files\Common Files\ivnncg3v.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 03021667 _____ () C:\Program Files\Common Files\fuizqtnt.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 03021667 _____ () C:\Program Files\Common Files\bj4smrpj.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 03021667 _____ () C:\Program Files\Common Files\3q4nu04v.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 03021667 _____ () C:\Program Files\Common Files\3fzkvfce.exe
2016-12-21 19:42 - 2016-12-21 19:42 - 03021720 _____ () C:\Program Files\Common Files\wugd3s1k.exe
2016-12-21 19:42 - 2016-12-21 19:42 - 03021720 _____ () C:\Program Files\Common Files\oe5rxgmy.exe
2016-12-21 19:41 - 2016-12-21 19:42 - 03021720 _____ () C:\Program Files\Common Files\uowpj54y.exe
2016-12-21 19:41 - 2016-12-21 19:41 - 03021720 _____ () C:\Program Files\Common Files\vwsegdek.exe
2016-12-21 19:41 - 2016-12-21 19:41 - 03021720 _____ () C:\Program Files\Common Files\rsgzqio1.exe
2016-12-21 19:41 - 2016-12-21 19:41 - 03021720 _____ () C:\Program Files\Common Files\qs1mlvay.exe
2016-12-21 19:41 - 2016-12-21 19:41 - 03021720 _____ () C:\Program Files\Common Files\p1qnbqql.exe
2016-12-21 19:41 - 2016-12-21 19:41 - 03021720 _____ () C:\Program Files\Common Files\cj2zwhls.exe
2016-12-21 19:41 - 2016-12-21 19:41 - 03021720 _____ () C:\Program Files\Common Files\4pje2usj.exe
2016-12-21 19:41 - 2016-12-21 19:41 - 03021720 _____ () C:\Program Files\Common Files\3hmbjydh.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 03021720 _____ () C:\Program Files\Common Files\xdcfvull.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 03021720 _____ () C:\Program Files\Common Files\u5e3xqwm.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 03021720 _____ () C:\Program Files\Common Files\sdd5fdmt.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 03021720 _____ () C:\Program Files\Common Files\otfg1co3.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 03021720 _____ () C:\Program Files\Common Files\e15zwtfd.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 03021720 _____ () C:\Program Files\Common Files\c4jrup5i.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 03021720 _____ () C:\Program Files\Common Files\bev1tt0w.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 03021720 _____ () C:\Program Files\Common Files\3crnd5s4.exe
2016-12-21 19:39 - 2016-12-21 19:39 - 03021720 _____ () C:\Program Files\Common Files\xwfp3nce.exe
2016-12-21 19:39 - 2016-12-21 19:39 - 03021720 _____ () C:\Program Files\Common Files\tcxzcyiq.exe
2016-12-21 19:39 - 2016-12-21 19:39 - 03021720 _____ () C:\Program Files\Common Files\olf1kjhh.exe
2016-12-21 19:39 - 2016-12-21 19:39 - 03021720 _____ () C:\Program Files\Common Files\jwnivu1w.exe
2016-12-21 19:38 - 2016-12-21 19:38 - 03021720 _____ () C:\Program Files\Common Files\tvxpfunq.exe
2016-12-20 09:05 - 2016-12-20 09:05 - 03675644 _____ C:\Users\Jernej\Downloads\6163430.pdf
2016-12-20 09:02 - 2016-12-20 09:02 - 03652374 _____ C:\Users\Jernej\Downloads\6163429.pdf
2016-12-20 08:56 - 2016-12-20 08:56 - 05901059 _____ C:\Users\Jernej\Downloads\6114395.pdf
2016-12-19 14:08 - 2016-12-19 14:08 - 03021071 _____ () C:\Program Files\Common Files\dqf0nuhv.exe
2016-12-19 13:39 - 2016-12-19 13:39 - 03021071 _____ () C:\Program Files\Common Files\oqhrpyau.exe
2016-12-19 11:37 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-12-19 11:37 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-12-19 11:37 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-12-19 11:37 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-12-19 11:37 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-12-19 11:37 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-19 11:37 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-12-19 11:37 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-12-19 11:37 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-12-19 11:37 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-12-19 11:37 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-12-19 11:37 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-12-19 11:37 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-12-19 11:37 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-12-19 11:37 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-12-19 11:37 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-12-19 11:37 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-12-19 11:37 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-12-19 11:37 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-12-19 11:37 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-19 11:37 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-12-19 11:37 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-12-19 11:37 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-12-19 11:37 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-12-19 11:37 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-12-19 11:37 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-12-19 11:37 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-19 11:37 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-12-19 11:37 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-19 11:37 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-12-19 11:37 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-12-19 11:37 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-12-19 11:37 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-19 11:37 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-12-19 11:37 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-12-19 11:37 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-19 11:37 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-12-19 11:37 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-12-19 11:37 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-12-19 11:37 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-12-19 11:37 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-12-19 11:37 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-19 11:37 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-12-19 11:37 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-19 11:37 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-19 11:37 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-12-19 11:37 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-12-19 11:37 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-19 11:37 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-19 11:37 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-12-19 11:37 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-19 11:37 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-19 11:37 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-12-19 11:36 - 2016-11-21 19:16 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-12-19 11:36 - 2016-11-21 19:16 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-12-19 11:36 - 2016-11-21 19:12 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-12-19 11:36 - 2016-11-20 17:20 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-12-19 11:36 - 2016-11-20 17:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-12-19 11:36 - 2016-11-20 17:20 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-12-19 11:36 - 2016-11-20 17:20 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-19 11:36 - 2016-11-20 17:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-12-19 11:36 - 2016-11-20 17:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-12-19 11:36 - 2016-11-20 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-19 11:36 - 2016-11-20 16:57 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-12-19 11:36 - 2016-11-20 16:57 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-12-19 11:36 - 2016-11-20 16:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-12-19 11:36 - 2016-11-20 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-12-19 11:36 - 2016-11-20 16:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-12-19 11:36 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-12-19 11:36 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-12-19 11:36 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-12-19 11:36 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-12-19 11:36 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-12-19 11:36 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-19 11:36 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-19 11:36 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-12-19 11:36 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-19 11:36 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-12-19 11:36 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-12-19 11:36 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-12-19 11:36 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-12-19 11:36 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-12-19 11:36 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-19 11:36 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-19 11:36 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-19 11:36 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-12-19 11:36 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-19 11:36 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-19 11:36 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-12-19 11:36 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-12-19 11:36 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-12-19 11:36 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-12-19 11:36 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-19 11:36 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-19 11:36 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-12-19 11:36 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-12-19 11:36 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-12-19 11:36 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-12-19 11:36 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-12-19 11:36 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-19 11:36 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-19 11:36 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-19 11:36 - 2016-11-02 16:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-12-19 11:36 - 2016-11-02 16:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-12-19 11:36 - 2016-11-02 16:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-12-19 11:36 - 2016-11-02 16:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-12-19 11:36 - 2016-11-02 16:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-12-19 11:36 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-12-19 11:36 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-12-19 11:36 - 2016-11-02 16:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-12-19 11:36 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-12-19 11:36 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-12-19 11:36 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-12-19 11:36 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-12-19 11:36 - 2016-10-15 16:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-12-19 11:36 - 2016-10-15 16:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-12-19 11:36 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-12-19 11:36 - 2016-10-15 16:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-12-19 11:36 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-12-19 11:36 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-12-19 11:36 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-12-19 11:36 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-12-19 11:36 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-12-19 11:36 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-12-19 11:36 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-12-19 11:36 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-12-19 11:36 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-12-19 11:36 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-12-19 11:36 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-12-19 11:36 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-12-19 11:36 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-12-19 11:36 - 2016-10-11 16:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-12-19 11:36 - 2016-10-11 16:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-12-19 11:36 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-12-19 11:36 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-12-19 11:36 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-12-19 11:36 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-12-19 11:36 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-12-19 11:36 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-12-19 11:36 - 2016-10-11 16:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-12-19 11:36 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-12-19 11:36 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-12-19 11:36 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-12-19 11:36 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-12-19 11:36 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-12-19 11:36 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-12-19 11:36 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-12-19 11:36 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-12-19 11:36 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-12-19 11:36 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-12-19 11:36 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-12-19 11:36 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-12-19 11:36 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-12-19 11:36 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-12-19 11:36 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-12-19 11:36 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-12-19 11:36 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-12-19 11:36 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-12-19 11:36 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-12-19 11:36 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-12-19 11:36 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-12-19 11:36 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-12-19 11:36 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-12-19 11:36 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-12-19 11:36 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2016-12-19 11:36 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls
2016-12-19 11:36 - 2016-10-11 14:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-12-19 11:36 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-12-19 11:36 - 2016-10-07 16:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-12-19 11:36 - 2016-10-07 16:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-12-19 11:36 - 2016-10-07 16:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-12-19 11:36 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-12-19 11:36 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-12-19 11:36 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-12-19 11:36 - 2016-10-05 15:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-12-19 11:36 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-19 11:36 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-12-19 11:36 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-12-19 11:36 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-12-19 11:36 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-19 11:36 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-12-19 11:36 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-12-19 11:36 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-12-19 11:36 - 2016-09-15 15:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-12-19 11:36 - 2016-09-09 19:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-12-19 11:36 - 2016-09-09 19:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-12-19 11:36 - 2016-08-22 17:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-12-19 11:29 - 2016-12-19 11:29 - 03021081 _____ () C:\Program Files\Common Files\kbsen10d.exe
2016-12-19 11:21 - 2016-12-19 11:21 - 03021081 _____ () C:\Program Files\Common Files\jkol1wsz.exe
2016-12-19 11:21 - 2016-12-19 11:21 - 03021081 _____ () C:\Program Files\Common Files\ixyljokq.exe
2016-12-19 11:21 - 2016-12-19 11:21 - 03021081 _____ () C:\Program Files\Common Files\euu02fii.exe
2016-12-19 11:21 - 2016-12-19 11:21 - 03021081 _____ () C:\Program Files\Common Files\2ozgoojj.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\zu3awbg2.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\zshdiv54.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\ywh20yst.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\wuf4xr5f.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\vhgrdcjw.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\v2mqzgiv.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\rgmctvpo.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\rb5gu2a4.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\pt2bgm5a.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\kti2cpft.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\krdcyofl.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\kmvjzs2c.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\kdfdw1nx.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\jnd1lkzy.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\ipymryka.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\gypr5lcy.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\fyxzggo4.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\fm0btic2.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\eh44yp5b.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\eesjskqo.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\crftw0hg.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\cqd4ru0n.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\cqcpdayj.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 03021177 _____ () C:\Program Files\Common Files\33nzp3ds.exe
2016-12-15 23:40 - 2016-12-15 23:40 - 03020666 _____ () C:\Program Files\Common Files\4yckbatn.exe
2016-12-15 22:40 - 2016-12-15 22:40 - 03020746 _____ () C:\Program Files\Common Files\vl1ychoa.exe
2016-12-15 21:40 - 2016-12-15 21:40 - 03020650 _____ () C:\Program Files\Common Files\k5s5jr3c.exe
2016-12-15 20:40 - 2016-12-15 20:40 - 03020706 _____ () C:\Program Files\Common Files\gidl3212.exe
2016-12-15 19:40 - 2016-12-15 19:40 - 03020700 _____ () C:\Program Files\Common Files\eldcccjx.exe
2016-12-15 18:39 - 2016-12-15 18:39 - 03020768 _____ () C:\Program Files\Common Files\4mjjul5p.exe
2016-12-15 18:06 - 2016-12-15 18:06 - 03020738 _____ () C:\Program Files\Common Files\1w31tty5.exe
2016-12-15 17:56 - 2016-12-15 17:56 - 03020682 _____ () C:\Program Files\Common Files\4avdldsz.exe
2016-12-15 17:55 - 2016-12-15 17:55 - 03020682 _____ () C:\Program Files\Common Files\kpbsvgsf.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\zoc0wpej.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\zm3eqna5.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\vnliupbx.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\rxdu4hxh.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\ngwslksm.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\jb44irkl.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\j4yr4toi.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\hmgtsovy.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\fzpkj1kt.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\e3ee5qol.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\do3zwpeu.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\csji25pz.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\bru4lzu0.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\ari0p41n.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\aluxhvc5.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\5z5ytn0z.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\3xjp4ttv.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\31upcpzi.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 03020682 _____ () C:\Program Files\Common Files\2l3ciwb3.exe
2016-12-14 22:11 - 2016-12-14 22:11 - 00001119 _____ C:\Users\Public\Desktop\Hofer foto storitve.lnk
2016-12-14 22:06 - 2016-12-14 22:10 - 00000000 ____D C:\Program Files (x86)\Hofer foto storitve
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\xxn1ycch.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\wwsrc0yl.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\tv0asxre.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\syk044vm.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\qaublevw.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\nh0tvqsi.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\lrnrnctq.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\lndi0yuu.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\jrjms1r2.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\itmi3qly.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\hplueezn.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\hc430lux.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\gz25frol.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\a42t5mkl.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\a1jy3ptn.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\5m1b40zw.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\5cmfddtd.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\3fpc2g5z.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\34vjp4is.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\2qpcohij.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\0mihtvzr.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\0gphgoj2.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\0e1innp3.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 03020767 _____ () C:\Program Files\Common Files\001dk12b.exe
2016-12-13 11:12 - 2016-07-22 15:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-12-13 11:12 - 2016-07-22 15:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-12-13 11:05 - 2016-12-13 11:06 - 02950710 _____ () C:\Program Files\Common Files\orijtx1e.exe
2016-12-13 11:05 - 2016-12-13 11:05 - 02950710 _____ () C:\Program Files\Common Files\h1ialekr.exe
2016-12-13 10:05 - 2016-12-13 10:05 - 02929304 _____ () C:\Program Files\Common Files\vuvcjowk.exe
2016-12-13 10:02 - 2016-12-13 10:02 - 02929304 _____ () C:\Program Files\Common Files\2czivodn.exe
2016-12-13 09:35 - 2016-12-13 09:35 - 02954451 _____ () C:\Program Files\Common Files\sapjv1qo.exe
2016-12-13 09:35 - 2016-12-13 09:35 - 02954451 _____ () C:\Program Files\Common Files\p4d4ysvq.exe
2016-12-13 09:35 - 2016-12-13 09:35 - 02954451 _____ () C:\Program Files\Common Files\euhfpce5.exe
2016-12-13 09:35 - 2016-12-13 09:35 - 02954451 _____ () C:\Program Files\Common Files\eetjjixn.exe
2016-12-13 06:19 - 2016-12-13 06:19 - 02955407 _____ () C:\Program Files\Common Files\sxymutwi.exe
2016-12-13 06:19 - 2016-12-13 06:19 - 02955407 _____ () C:\Program Files\Common Files\rx5mudb2.exe
2016-12-13 06:19 - 2016-12-13 06:19 - 02955407 _____ () C:\Program Files\Common Files\fbik4zax.exe
2016-12-13 06:19 - 2016-12-13 06:19 - 02955407 _____ () C:\Program Files\Common Files\0mbeyhao.exe
2016-12-13 06:18 - 2016-12-13 06:18 - 02955407 _____ () C:\Program Files\Common Files\scsrrdb0.exe
2016-12-13 06:18 - 2016-12-13 06:18 - 02955407 _____ () C:\Program Files\Common Files\fcsmii5k.exe
2016-12-13 06:18 - 2016-12-13 06:18 - 02955407 _____ () C:\Program Files\Common Files\cwdxd4aj.exe
2016-12-13 06:18 - 2016-12-13 06:18 - 02955407 _____ () C:\Program Files\Common Files\5xri25eq.exe
2016-12-13 06:18 - 2016-12-13 06:18 - 02955407 _____ () C:\Program Files\Common Files\2hyvckgp.exe
2016-12-13 06:18 - 2016-12-13 06:18 - 02955407 _____ () C:\Program Files\Common Files\1m2oaq2i.exe
2016-12-13 06:17 - 2016-12-13 06:17 - 02955407 _____ () C:\Program Files\Common Files\yg4vbnnx.exe
2016-12-13 06:17 - 2016-12-13 06:17 - 02955407 _____ () C:\Program Files\Common Files\rwn4isn4.exe
2016-12-13 06:17 - 2016-12-13 06:17 - 02955407 _____ () C:\Program Files\Common Files\micw0en0.exe
2016-12-13 06:17 - 2016-12-13 06:17 - 02955407 _____ () C:\Program Files\Common Files\m5gksziz.exe
2016-12-13 06:17 - 2016-12-13 06:17 - 02955407 _____ () C:\Program Files\Common Files\k0dt5xyl.exe
2016-12-13 06:17 - 2016-12-13 06:17 - 02955407 _____ () C:\Program Files\Common Files\ipf30phh.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 02955407 _____ () C:\Program Files\Common Files\ysri4jqx.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 02955407 _____ () C:\Program Files\Common Files\yjfiyns5.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 02955407 _____ () C:\Program Files\Common Files\y4kf4lua.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 02955407 _____ () C:\Program Files\Common Files\y2ugcrze.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 02955407 _____ () C:\Program Files\Common Files\uhawpzv4.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 02955407 _____ () C:\Program Files\Common Files\qiqf403k.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 02955407 _____ () C:\Program Files\Common Files\ncwu3opx.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 02955407 _____ () C:\Program Files\Common Files\commluf1.exe
2016-12-10 08:11 - 2016-12-10 08:11 - 02956128 _____ () C:\Program Files\Common Files\nrylwlas.exe
2016-12-10 08:11 - 2016-12-10 08:11 - 02956128 _____ () C:\Program Files\Common Files\awjsda0d.exe
2016-12-10 03:42 - 2016-12-10 03:42 - 02956128 _____ () C:\Program Files\Common Files\ztc00rpz.exe
2016-12-10 03:42 - 2016-12-10 03:42 - 02956128 _____ () C:\Program Files\Common Files\wwo5ffrl.exe
2016-12-09 21:40 - 2016-12-09 21:40 - 02956128 _____ () C:\Program Files\Common Files\rrpvpit0.exe
2016-12-09 21:31 - 2016-12-09 21:31 - 02956128 _____ () C:\Program Files\Common Files\4lwyqj04.exe
2016-12-09 19:40 - 2016-12-09 19:40 - 02956128 _____ () C:\Program Files\Common Files\43ukpr0k.exe
2016-12-09 18:40 - 2016-12-09 18:40 - 02956128 _____ () C:\Program Files\Common Files\rt0quins.exe
2016-12-09 18:06 - 2016-12-09 18:06 - 02956128 _____ () C:\Program Files\Common Files\lkoi2shf.exe
2016-12-09 17:39 - 2016-12-09 17:40 - 02956128 _____ () C:\Program Files\Common Files\2rl5yecs.exe
2016-12-09 17:29 - 2016-12-09 17:29 - 02956128 _____ () C:\Program Files\Common Files\jimdwk24.exe
2016-12-09 17:19 - 2016-12-09 17:19 - 02956128 _____ () C:\Program Files\Common Files\vmnrgjab.exe
2016-12-09 17:19 - 2016-12-09 17:19 - 02956128 _____ () C:\Program Files\Common Files\ki1yk2pa.exe
2016-12-09 17:19 - 2016-12-09 17:19 - 02956128 _____ () C:\Program Files\Common Files\ic21ba5x.exe
2016-12-09 17:19 - 2016-12-09 17:19 - 02956128 _____ () C:\Program Files\Common Files\gwmmy2io.exe
2016-12-09 17:19 - 2016-12-09 17:19 - 02956128 _____ () C:\Program Files\Common Files\c0m2zcp1.exe
2016-12-09 17:19 - 2016-12-09 17:19 - 02956128 _____ () C:\Program Files\Common Files\ajuo2qtx.exe
2016-12-09 14:05 - 2016-12-09 14:05 - 02956128 _____ () C:\Program Files\Common Files\fxqf2g0c.exe
2016-12-09 13:39 - 2016-12-09 13:39 - 02956128 _____ () C:\Program Files\Common Files\g4aph4bk.exe
2016-12-09 11:05 - 2016-12-09 11:05 - 02956128 _____ () C:\Program Files\Common Files\3v0vac0x.exe
2016-12-09 11:02 - 2016-12-09 11:02 - 02956128 _____ () C:\Program Files\Common Files\ad55zlca.exe
2016-12-09 10:13 - 2016-12-09 10:15 - 02956128 _____ () C:\Program Files\Common Files\u3hoj5iq.exe
2016-12-09 10:13 - 2016-12-09 10:15 - 02956128 _____ () C:\Program Files\Common Files\ojt3faqt.exe
2016-12-09 09:05 - 2016-12-09 09:05 - 02956128 _____ () C:\Program Files\Common Files\w4opv5kx.exe
2016-12-09 09:02 - 2016-12-09 09:02 - 02956128 _____ () C:\Program Files\Common Files\y5cmu0ku.exe
2016-12-09 09:02 - 2016-12-09 09:02 - 00000509 _____ C:\Users\Jernej\Desktop\Programi in funkcije - Bližnjica.lnk
2016-12-09 08:25 - 2016-12-09 08:25 - 00000000 ____D C:\Users\Jernej\AppData\Roaming\WMM
2016-12-09 08:23 - 2016-12-09 08:23 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-12-09 08:22 - 2016-12-09 08:22 - 00001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-12-09 08:20 - 2016-12-09 08:21 - 26689458 _____ (videowinsoft.com ) C:\Users\Jernej\Downloads\windows-movie-maker-2016.exe
2016-12-09 08:12 - 2016-12-09 08:12 - 02956128 _____ () C:\Program Files\Common Files\jwi3dj2f.exe
2016-12-09 08:12 - 2016-12-09 08:12 - 02956128 _____ () C:\Program Files\Common Files\cauh0ybn.exe
2016-12-09 07:35 - 2016-12-09 09:02 - 00000000 ____D C:\ProgramData\Freemake
2016-12-09 07:35 - 2016-12-09 07:38 - 00000000 ____D C:\Users\Jernej\Documents\Freemake
2016-12-09 07:34 - 2016-12-09 09:02 - 00000000 ____D C:\Program Files (x86)\Freemake
2016-12-09 07:32 - 2016-12-09 07:33 - 01964384 _____ (Ellora Assets Corporation ) C:\Users\Jernej\Downloads\FreemakeVideoConverterSetup.exe
2016-12-09 06:44 - 2016-12-09 06:44 - 02956128 _____ () C:\Program Files\Common Files\xfna1tcq.exe
2016-12-09 06:44 - 2016-12-09 06:44 - 02956128 _____ () C:\Program Files\Common Files\ln4iod3t.exe
2016-12-08 21:40 - 2016-12-08 21:40 - 02956128 _____ () C:\Program Files\Common Files\lexwnqln.exe
2016-12-08 21:23 - 2016-12-08 21:24 - 02956128 _____ () C:\Program Files\Common Files\yswveqqx.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 02956128 _____ () C:\Program Files\Common Files\vjmtxj5l.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 02956128 _____ () C:\Program Files\Common Files\uqgjwcsu.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 02956128 _____ () C:\Program Files\Common Files\rqzosy05.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 02956128 _____ () C:\Program Files\Common Files\dod51cix.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 02956128 _____ () C:\Program Files\Common Files\cxmjuknk.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 02956128 _____ () C:\Program Files\Common Files\ciisrtq2.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 02956128 _____ () C:\Program Files\Common Files\bbrkntag.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 02956128 _____ () C:\Program Files\Common Files\akvdljbw.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 02956128 _____ () C:\Program Files\Common Files\5tsj0dr2.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 02956128 _____ () C:\Program Files\Common Files\5sef1rgv.exe
2016-12-08 14:06 - 2016-12-08 14:06 - 02956128 _____ () C:\Program Files\Common Files\p2pdv21t.exe
2016-12-08 13:39 - 2016-12-08 13:40 - 02956128 _____ () C:\Program Files\Common Files\ztktlnti.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 02956128 _____ () C:\Program Files\Common Files\tppr2cu0.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 02956128 _____ () C:\Program Files\Common Files\q0yloisv.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 02956128 _____ () C:\Program Files\Common Files\maklm4nz.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 02956128 _____ () C:\Program Files\Common Files\hdwsbcmp.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 02956128 _____ () C:\Program Files\Common Files\ez03fq4r.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 02956128 _____ () C:\Program Files\Common Files\ayhomga2.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 02956128 _____ () C:\Program Files\Common Files\4b2cbmd0.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 02956128 _____ () C:\Program Files\Common Files\1k4puy4n.exe
2016-12-08 06:09 - 2016-12-08 06:09 - 02953344 _____ () C:\Program Files\Common Files\4ufisxbj.exe
2016-12-08 06:09 - 2016-12-08 06:09 - 02953344 _____ () C:\Program Files\Common Files\4ttvy0so.exe
2016-12-08 06:09 - 2016-12-08 06:09 - 02953344 _____ () C:\Program Files\Common Files\4mla1ysm.exe
2016-12-08 06:09 - 2016-12-08 06:09 - 02953344 _____ () C:\Program Files\Common Files\2jmiqmog.exe
2016-12-08 06:09 - 2016-12-08 06:09 - 02953344 _____ () C:\Program Files\Common Files\1hbi4kw1.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 02944643 _____ () C:\Program Files\Common Files\qzvrnfdp.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 02944643 _____ () C:\Program Files\Common Files\ndrwxafu.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 02944643 _____ () C:\Program Files\Common Files\kgbpmhrn.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 02944643 _____ () C:\Program Files\Common Files\dreu5ktk.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 02944643 _____ () C:\Program Files\Common Files\bqu05vlt.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 02944643 _____ () C:\Program Files\Common Files\4yksy5l5.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 02944643 _____ () C:\Program Files\Common Files\3dgcypuv.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 02944643 _____ () C:\Program Files\Common Files\2xyrg0md.exe
2016-12-07 14:39 - 2016-12-07 14:39 - 02930840 _____ () C:\Program Files\Common Files\wr5do3mv.exe
2016-12-07 14:06 - 2016-12-07 14:06 - 02934666 _____ () C:\Program Files\Common Files\o5nfrwcw.exe
2016-12-07 13:40 - 2016-12-07 13:40 - 02934666 _____ () C:\Program Files\Common Files\llm23iq2.exe
2016-12-07 11:05 - 2016-12-07 11:05 - 02950883 _____ () C:\Program Files\Common Files\r2fgl15t.exe
2016-12-07 11:02 - 2016-12-07 11:02 - 02950883 _____ () C:\Program Files\Common Files\uoxtp5mf.exe
2016-12-07 10:05 - 2016-12-07 10:05 - 02949867 _____ () C:\Program Files\Common Files\fvsh1zrz.exe
2016-12-07 10:02 - 2016-12-07 10:02 - 02949867 _____ () C:\Program Files\Common Files\kbeepq3w.exe
2016-12-07 09:05 - 2016-12-07 09:05 - 02953676 _____ () C:\Program Files\Common Files\d5y5kpxe.exe
2016-12-07 09:02 - 2016-12-07 09:02 - 02953676 _____ () C:\Program Files\Common Files\gh0hlx4u.exe
2016-12-07 08:24 - 2016-12-07 08:24 - 02931262 _____ () C:\Program Files\Common Files\nacfzv3q.exe
2016-12-07 08:24 - 2016-12-07 08:24 - 02931262 _____ () C:\Program Files\Common Files\k0xbs1r4.exe
2016-12-07 07:28 - 2016-12-07 07:28 - 02935068 _____ () C:\Program Files\Common Files\31nhsocp.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\z5ha44fq.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\x2wnjm1b.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\vv0aw5hz.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\vmxlcbkm.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\uxtms3nn.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\uhegpjfs.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\te3htbdw.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\sk4htdoy.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\rugbnzbx.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\r1kz0usq.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\pzv2xkda.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\pnt2j2ag.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\odt1vqlk.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\n1gyzmoy.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\mdgddrr4.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\kne3wgqv.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\jjilqnhr.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\g4r5opax.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\ch4w3fbm.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\areab3p4.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\3u2bsn5p.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 02935068 _____ () C:\Program Files\Common Files\34pnig1q.exe
2016-12-06 08:54 - 2016-12-06 08:54 - 00606154 _____ C:\Users\Jernej\Downloads\2166_0001.pdf
2016-12-06 08:49 - 2016-12-06 08:49 - 02928952 _____ () C:\Program Files\Common Files\jzhud1yt.exe
2016-12-06 08:49 - 2016-12-06 08:49 - 02928952 _____ () C:\Program Files\Common Files\dphlerpw.exe
2016-12-06 06:11 - 2016-12-06 06:11 - 02381224 _____ (iNeta d.o.o. ) C:\Users\Jernej\Downloads\SetupEplFotoPlus(1).exe
2016-12-05 20:40 - 2016-12-05 20:40 - 02945560 _____ () C:\Program Files\Common Files\e11al15p.exe
2016-12-05 19:40 - 2016-12-05 19:40 - 02949356 _____ () C:\Program Files\Common Files\4duzljbv.exe
2016-11-29 22:34 - 2016-11-29 22:34 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110_clr0400.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00030400 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_clr0400.dll
2016-11-28 19:39 - 2016-12-27 22:07 - 00000000 ____D C:\Users\Jernej\AppData\LocalLow\Mozilla
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-12-28 13:40 - 2015-11-17 14:39 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-28 13:38 - 2016-08-05 06:12 - 00000000 ____D C:\FRST
2016-12-28 12:05 - 2015-04-02 19:02 - 00000000 ____D C:\ProgramData\ACD Systems
2016-12-28 12:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-28 11:47 - 2014-10-21 18:29 - 00000000 ____D C:\!!!DOKUMENTI ZA BACKUP
2016-12-28 11:05 - 2014-10-15 13:15 - 00001042 _____ C:\Users\Jernej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-12-28 11:00 - 2009-07-14 05:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-28 11:00 - 2009-07-14 05:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-28 10:51 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-28 10:36 - 2014-10-26 04:01 - 00000000 ____D C:\Users\Jernej\AppData\Roaming\BitComet
2016-12-28 10:25 - 2016-01-08 10:08 - 00001681 _____ C:\Users\Jernej\Desktop\2016 prosnje zivljenjepisi - Bližnjica.lnk
2016-12-28 10:25 - 2015-12-10 10:51 - 00001600 _____ C:\Users\Jernej\Desktop\!!FIRMA SP DOO - Bližnjica.lnk
2016-12-28 10:24 - 2015-11-23 10:34 - 00001767 _____ C:\Users\Jernej\Desktop\!!KONOPLJA - Bližnjica.lnk
2016-12-28 08:51 - 2015-01-03 08:04 - 00731850 _____ C:\Windows\system32\perfh010.dat
2016-12-28 08:51 - 2015-01-03 08:04 - 00146714 _____ C:\Windows\system32\perfc010.dat
2016-12-28 08:51 - 2015-01-03 07:36 - 00689012 _____ C:\Windows\system32\perfh007.dat
2016-12-28 08:51 - 2015-01-03 07:36 - 00148984 _____ C:\Windows\system32\perfc007.dat
2016-12-28 08:51 - 2015-01-03 07:36 - 00121186 _____ C:\Windows\system32\perfh024.dat
2016-12-28 08:51 - 2015-01-03 07:36 - 00026774 _____ C:\Windows\system32\perfc024.dat
2016-12-28 08:51 - 2009-07-14 06:13 - 02629780 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-28 07:38 - 2015-01-03 19:00 - 00000000 ____D C:\Windows\system32\appmgmt
2016-12-28 07:34 - 2014-10-25 06:39 - 00000000 ____D C:\ProgramData\Nero
2016-12-23 17:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-12-22 13:20 - 2016-07-28 14:03 - 00000000 ____D C:\Program Files\Common Files\ysxx5yhb
2016-12-22 13:20 - 2016-07-26 21:38 - 00000000 ____D C:\Program Files\Common Files\2gn2rbic
2016-12-22 13:20 - 2016-07-26 17:37 - 00000000 ____D C:\Program Files\Common Files\yp2muamg
2016-12-22 13:20 - 2016-07-26 16:37 - 00000000 ____D C:\Program Files\Common Files\44lsfwfm
2016-12-22 13:20 - 2016-07-26 13:37 - 00000000 ____D C:\Program Files\Common Files\t4guc34w
2016-12-22 13:20 - 2016-07-26 12:37 - 00000000 ____D C:\Program Files\Common Files\psmluq23
2016-12-22 13:19 - 2016-07-28 17:04 - 00000000 ____D C:\Program Files\Common Files\ujvxasm0
2016-12-22 13:19 - 2016-07-28 16:04 - 00000000 ____D C:\Program Files\Common Files\35rlgvd1
2016-12-22 13:19 - 2016-07-28 15:04 - 00000000 ____D C:\Program Files\Common Files\lhw2javn
2016-12-22 13:19 - 2016-07-28 13:03 - 00000000 ____D C:\Program Files\Common Files\rnjokjf4
2016-12-22 13:19 - 2016-07-28 10:03 - 00000000 ____D C:\Program Files\Common Files\g15zxh2x
2016-12-22 13:19 - 2016-07-28 09:03 - 00000000 ____D C:\Program Files\Common Files\pr0krzx1
2016-12-22 13:19 - 2016-07-28 08:03 - 00000000 ____D C:\Program Files\Common Files\pg0jaxsw
2016-12-22 13:19 - 2016-07-28 07:04 - 00000000 ____D C:\Program Files\Common Files\tkt2g0da
2016-12-22 13:19 - 2016-07-27 10:00 - 00000000 ____D C:\Program Files\Common Files\vg3spayq
2016-12-22 13:19 - 2016-07-27 08:59 - 00000000 ____D C:\Program Files\Common Files\vl40wgm2
2016-12-22 13:19 - 2016-07-27 07:59 - 00000000 ____D C:\Program Files\Common Files\cf5tnvux
2016-12-22 13:19 - 2016-07-27 07:00 - 00000000 ____D C:\Program Files\Common Files\kdshgy2y
2016-12-22 13:19 - 2016-07-26 22:38 - 00000000 ____D C:\Program Files\Common Files\2krelaqr
2016-12-22 13:19 - 2016-07-26 20:38 - 00000000 ____D C:\Program Files\Common Files\b3s24rro
2016-12-22 13:19 - 2016-07-26 19:38 - 00000000 ____D C:\Program Files\Common Files\hoa0ouqc
2016-12-22 13:19 - 2016-07-26 15:37 - 00000000 ____D C:\Program Files\Common Files\uirjnnf2
2016-12-22 13:19 - 2016-07-26 14:37 - 00000000 ____D C:\Program Files\Common Files\hqzjqhyj
2016-12-22 13:16 - 2016-07-26 18:37 - 00000000 ____D C:\Program Files\Common Files\kegzscx5
2016-12-22 12:07 - 2014-10-23 21:47 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-12-22 12:07 - 2014-10-16 13:46 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-22 12:07 - 2014-10-16 13:46 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-22 12:05 - 2016-08-05 04:27 - 00000000 ____D C:\Users\Jernej\Desktop\CLEANING VIRUSES 8.2016
2016-12-21 19:26 - 2016-08-05 07:18 - 01932560 _____ C:\Windows\ntbtlog.txt
2016-12-20 21:04 - 2016-11-18 20:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-20 21:04 - 2014-11-15 08:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-19 14:37 - 2009-07-14 05:45 - 00411760 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-19 14:20 - 2014-10-16 07:41 - 00000000 ____D C:\Windows\system32\MRT
2016-12-19 14:17 - 2014-10-16 07:41 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-19 14:14 - 2014-10-16 08:56 - 02566306 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-12-19 09:41 - 2014-10-16 13:46 - 00003488 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-19 09:41 - 2014-10-16 13:46 - 00003360 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-15 20:31 - 2015-07-19 08:17 - 00019968 _____ C:\Users\Jernej\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-12-14 20:10 - 2015-11-17 14:39 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-12-14 20:10 - 2014-11-12 06:58 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-12-14 20:10 - 2014-11-12 06:58 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-14 20:09 - 2014-11-12 06:58 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-12-14 20:09 - 2014-11-12 06:58 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-13 10:54 - 2014-10-16 13:58 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-12-13 10:54 - 2014-10-16 13:58 - 00001945 _____ C:\Windows\epplauncher.mif
2016-12-13 10:54 - 2014-10-16 13:58 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-12-13 10:54 - 2014-10-16 13:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-12-09 21:41 - 2014-10-23 20:20 - 00000000 ____D C:\Users\Jernej\AppData\Roaming\vlc
2016-12-09 11:45 - 2015-12-22 19:20 - 00000000 ____D C:\Users\Jernej\AppData\Roaming\dvdcss
2016-12-09 06:56 - 2014-10-22 18:52 - 00000000 ____D C:\!!!MAJA
2016-12-06 06:11 - 2015-12-14 10:01 - 00002134 _____ C:\Users\Jernej\AppData\Roaming\Microsoft\Windows\Start Menu\ePhotoLab - Foto Plus.lnk
2016-12-06 06:11 - 2015-12-14 10:01 - 00002110 _____ C:\Users\Jernej\Desktop\ePhotoLab - Foto Plus.lnk
2016-12-06 06:11 - 2015-12-14 10:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ePhotoLab
 
==================== Files in the root of some directories =======
 
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\001dk12b.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\0e1innp3.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\0gphgoj2.exe
2016-12-13 06:19 - 2016-12-13 06:19 - 2955407 _____ () C:\Program Files\Common Files\0mbeyhao.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\0mihtvzr.exe
2016-12-08 06:09 - 2016-12-08 06:09 - 2953344 _____ () C:\Program Files\Common Files\1hbi4kw1.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 2956128 _____ () C:\Program Files\Common Files\1k4puy4n.exe
2016-12-13 06:18 - 2016-12-13 06:18 - 2955407 _____ () C:\Program Files\Common Files\1m2oaq2i.exe
2016-12-15 18:06 - 2016-12-15 18:06 - 3020738 _____ () C:\Program Files\Common Files\1w31tty5.exe
2016-12-13 10:02 - 2016-12-13 10:02 - 2929304 _____ () C:\Program Files\Common Files\2czivodn.exe
2016-12-13 06:18 - 2016-12-13 06:18 - 2955407 _____ () C:\Program Files\Common Files\2hyvckgp.exe
2016-12-08 06:09 - 2016-12-08 06:09 - 2953344 _____ () C:\Program Files\Common Files\2jmiqmog.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\2l3ciwb3.exe
2016-12-19 11:21 - 2016-12-19 11:21 - 3021081 _____ () C:\Program Files\Common Files\2ozgoojj.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\2qpcohij.exe
2016-12-09 17:39 - 2016-12-09 17:40 - 2956128 _____ () C:\Program Files\Common Files\2rl5yecs.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 2944643 _____ () C:\Program Files\Common Files\2xyrg0md.exe
2016-12-07 07:28 - 2016-12-07 07:28 - 2935068 _____ () C:\Program Files\Common Files\31nhsocp.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\31upcpzi.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\33nzp3ds.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\34pnig1q.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\34vjp4is.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 3021720 _____ () C:\Program Files\Common Files\3crnd5s4.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 2944643 _____ () C:\Program Files\Common Files\3dgcypuv.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\3fpc2g5z.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 3021667 _____ () C:\Program Files\Common Files\3fzkvfce.exe
2016-12-21 19:41 - 2016-12-21 19:41 - 3021720 _____ () C:\Program Files\Common Files\3hmbjydh.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 3021667 _____ () C:\Program Files\Common Files\3q4nu04v.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\3u2bsn5p.exe
2016-12-09 11:05 - 2016-12-09 11:05 - 2956128 _____ () C:\Program Files\Common Files\3v0vac0x.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\3xjp4ttv.exe
2016-12-09 19:40 - 2016-12-09 19:40 - 2956128 _____ () C:\Program Files\Common Files\43ukpr0k.exe
2016-12-15 17:56 - 2016-12-15 17:56 - 3020682 _____ () C:\Program Files\Common Files\4avdldsz.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 2956128 _____ () C:\Program Files\Common Files\4b2cbmd0.exe
2016-12-05 19:40 - 2016-12-05 19:40 - 2949356 _____ () C:\Program Files\Common Files\4duzljbv.exe
2016-12-09 21:31 - 2016-12-09 21:31 - 2956128 _____ () C:\Program Files\Common Files\4lwyqj04.exe
2016-12-15 18:39 - 2016-12-15 18:39 - 3020768 _____ () C:\Program Files\Common Files\4mjjul5p.exe
2016-12-08 06:09 - 2016-12-08 06:09 - 2953344 _____ () C:\Program Files\Common Files\4mla1ysm.exe
2016-12-21 19:41 - 2016-12-21 19:41 - 3021720 _____ () C:\Program Files\Common Files\4pje2usj.exe
2016-12-08 06:09 - 2016-12-08 06:09 - 2953344 _____ () C:\Program Files\Common Files\4ttvy0so.exe
2016-12-08 06:09 - 2016-12-08 06:09 - 2953344 _____ () C:\Program Files\Common Files\4ufisxbj.exe
2016-12-15 23:40 - 2016-12-15 23:40 - 3020666 _____ () C:\Program Files\Common Files\4yckbatn.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 2944643 _____ () C:\Program Files\Common Files\4yksy5l5.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\5cmfddtd.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\5m1b40zw.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 2956128 _____ () C:\Program Files\Common Files\5sef1rgv.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 2956128 _____ () C:\Program Files\Common Files\5tsj0dr2.exe
2016-12-13 06:18 - 2016-12-13 06:18 - 2955407 _____ () C:\Program Files\Common Files\5xri25eq.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\5z5ytn0z.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\a1jy3ptn.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\a42t5mkl.exe
2016-12-09 11:02 - 2016-12-09 11:02 - 2956128 _____ () C:\Program Files\Common Files\ad55zlca.exe
2016-12-09 17:19 - 2016-12-09 17:19 - 2956128 _____ () C:\Program Files\Common Files\ajuo2qtx.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 2956128 _____ () C:\Program Files\Common Files\akvdljbw.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\aluxhvc5.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\areab3p4.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\ari0p41n.exe
2016-12-10 08:11 - 2016-12-10 08:11 - 2956128 _____ () C:\Program Files\Common Files\awjsda0d.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 2956128 _____ () C:\Program Files\Common Files\ayhomga2.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 2956128 _____ () C:\Program Files\Common Files\bbrkntag.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 3021720 _____ () C:\Program Files\Common Files\bev1tt0w.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 3021667 _____ () C:\Program Files\Common Files\bj4smrpj.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 2944643 _____ () C:\Program Files\Common Files\bqu05vlt.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\bru4lzu0.exe
2016-12-09 17:19 - 2016-12-09 17:19 - 2956128 _____ () C:\Program Files\Common Files\c0m2zcp1.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 3021720 _____ () C:\Program Files\Common Files\c4jrup5i.exe
2016-12-09 08:12 - 2016-12-09 08:12 - 2956128 _____ () C:\Program Files\Common Files\cauh0ybn.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\ch4w3fbm.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 2956128 _____ () C:\Program Files\Common Files\ciisrtq2.exe
2016-12-21 19:41 - 2016-12-21 19:41 - 3021720 _____ () C:\Program Files\Common Files\cj2zwhls.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 2955407 _____ () C:\Program Files\Common Files\commluf1.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\cqcpdayj.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\cqd4ru0n.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\crftw0hg.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\csji25pz.exe
2016-12-13 06:18 - 2016-12-13 06:18 - 2955407 _____ () C:\Program Files\Common Files\cwdxd4aj.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 2956128 _____ () C:\Program Files\Common Files\cxmjuknk.exe
2016-12-07 09:05 - 2016-12-07 09:05 - 2953676 _____ () C:\Program Files\Common Files\d5y5kpxe.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\do3zwpeu.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 2956128 _____ () C:\Program Files\Common Files\dod51cix.exe
2016-12-06 08:49 - 2016-12-06 08:49 - 2928952 _____ () C:\Program Files\Common Files\dphlerpw.exe
2016-12-19 14:08 - 2016-12-19 14:08 - 3021071 _____ () C:\Program Files\Common Files\dqf0nuhv.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 2944643 _____ () C:\Program Files\Common Files\dreu5ktk.exe
2016-12-05 20:40 - 2016-12-05 20:40 - 2945560 _____ () C:\Program Files\Common Files\e11al15p.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 3021720 _____ () C:\Program Files\Common Files\e15zwtfd.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\e3ee5qol.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\eesjskqo.exe
2016-12-13 09:35 - 2016-12-13 09:35 - 2954451 _____ () C:\Program Files\Common Files\eetjjixn.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\eh44yp5b.exe
2016-12-15 19:40 - 2016-12-15 19:40 - 3020700 _____ () C:\Program Files\Common Files\eldcccjx.exe
2016-12-13 09:35 - 2016-12-13 09:35 - 2954451 _____ () C:\Program Files\Common Files\euhfpce5.exe
2016-12-19 11:21 - 2016-12-19 11:21 - 3021081 _____ () C:\Program Files\Common Files\euu02fii.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 2956128 _____ () C:\Program Files\Common Files\ez03fq4r.exe
2016-12-13 06:19 - 2016-12-13 06:19 - 2955407 _____ () C:\Program Files\Common Files\fbik4zax.exe
2016-12-13 06:18 - 2016-12-13 06:18 - 2955407 _____ () C:\Program Files\Common Files\fcsmii5k.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\fm0btic2.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 3021667 _____ () C:\Program Files\Common Files\fuizqtnt.exe
2016-12-07 10:05 - 2016-12-07 10:05 - 2949867 _____ () C:\Program Files\Common Files\fvsh1zrz.exe
2016-12-09 14:05 - 2016-12-09 14:05 - 2956128 _____ () C:\Program Files\Common Files\fxqf2g0c.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\fyxzggo4.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\fzpkj1kt.exe
2016-12-09 13:39 - 2016-12-09 13:39 - 2956128 _____ () C:\Program Files\Common Files\g4aph4bk.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\g4r5opax.exe
2016-12-07 09:02 - 2016-12-07 09:02 - 2953676 _____ () C:\Program Files\Common Files\gh0hlx4u.exe
2016-12-15 20:40 - 2016-12-15 20:40 - 3020706 _____ () C:\Program Files\Common Files\gidl3212.exe
2016-12-09 17:19 - 2016-12-09 17:19 - 2956128 _____ () C:\Program Files\Common Files\gwmmy2io.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\gypr5lcy.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\gz25frol.exe
2016-12-13 11:05 - 2016-12-13 11:05 - 2950710 _____ () C:\Program Files\Common Files\h1ialekr.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\hc430lux.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 2956128 _____ () C:\Program Files\Common Files\hdwsbcmp.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\hmgtsovy.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\hplueezn.exe
2016-12-09 17:19 - 2016-12-09 17:19 - 2956128 _____ () C:\Program Files\Common Files\ic21ba5x.exe
2016-12-13 06:17 - 2016-12-13 06:17 - 2955407 _____ () C:\Program Files\Common Files\ipf30phh.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\ipymryka.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\itmi3qly.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 3021667 _____ () C:\Program Files\Common Files\ivnncg3v.exe
2016-12-19 11:21 - 2016-12-19 11:21 - 3021081 _____ () C:\Program Files\Common Files\ixyljokq.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\j4yr4toi.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\jb44irkl.exe
2016-12-09 17:29 - 2016-12-09 17:29 - 2956128 _____ () C:\Program Files\Common Files\jimdwk24.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\jjilqnhr.exe
2016-12-19 11:21 - 2016-12-19 11:21 - 3021081 _____ () C:\Program Files\Common Files\jkol1wsz.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\jnd1lkzy.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\jrjms1r2.exe
2016-12-09 08:12 - 2016-12-09 08:12 - 2956128 _____ () C:\Program Files\Common Files\jwi3dj2f.exe
2016-12-21 19:39 - 2016-12-21 19:39 - 3021720 _____ () C:\Program Files\Common Files\jwnivu1w.exe
2016-12-06 08:49 - 2016-12-06 08:49 - 2928952 _____ () C:\Program Files\Common Files\jzhud1yt.exe
2016-12-13 06:17 - 2016-12-13 06:17 - 2955407 _____ () C:\Program Files\Common Files\k0dt5xyl.exe
2016-12-07 08:24 - 2016-12-07 08:24 - 2931262 _____ () C:\Program Files\Common Files\k0xbs1r4.exe
2016-12-15 21:40 - 2016-12-15 21:40 - 3020650 _____ () C:\Program Files\Common Files\k5s5jr3c.exe
2016-12-07 10:02 - 2016-12-07 10:02 - 2949867 _____ () C:\Program Files\Common Files\kbeepq3w.exe
2016-12-19 11:29 - 2016-12-19 11:29 - 3021081 _____ () C:\Program Files\Common Files\kbsen10d.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\kdfdw1nx.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 3021667 _____ () C:\Program Files\Common Files\keeflik3.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 2944643 _____ () C:\Program Files\Common Files\kgbpmhrn.exe
2016-12-09 17:19 - 2016-12-09 17:19 - 2956128 _____ () C:\Program Files\Common Files\ki1yk2pa.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\kmvjzs2c.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\kne3wgqv.exe
2016-12-15 17:55 - 2016-12-15 17:55 - 3020682 _____ () C:\Program Files\Common Files\kpbsvgsf.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\krdcyofl.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\kti2cpft.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 3021667 _____ () C:\Program Files\Common Files\kukhs5yc.exe
2016-12-08 21:40 - 2016-12-08 21:40 - 2956128 _____ () C:\Program Files\Common Files\lexwnqln.exe
2016-12-09 18:06 - 2016-12-09 18:06 - 2956128 _____ () C:\Program Files\Common Files\lkoi2shf.exe
2016-12-07 13:40 - 2016-12-07 13:40 - 2934666 _____ () C:\Program Files\Common Files\llm23iq2.exe
2016-12-09 06:44 - 2016-12-09 06:44 - 2956128 _____ () C:\Program Files\Common Files\ln4iod3t.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\lndi0yuu.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\lrnrnctq.exe
2016-12-13 06:17 - 2016-12-13 06:17 - 2955407 _____ () C:\Program Files\Common Files\m5gksziz.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 2956128 _____ () C:\Program Files\Common Files\maklm4nz.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\mdgddrr4.exe
2016-12-13 06:17 - 2016-12-13 06:17 - 2955407 _____ () C:\Program Files\Common Files\micw0en0.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 3021667 _____ () C:\Program Files\Common Files\mkool4nz.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\n1gyzmoy.exe
2016-12-07 08:24 - 2016-12-07 08:24 - 2931262 _____ () C:\Program Files\Common Files\nacfzv3q.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 2955407 _____ () C:\Program Files\Common Files\ncwu3opx.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 2944643 _____ () C:\Program Files\Common Files\ndrwxafu.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\ngwslksm.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\nh0tvqsi.exe
2016-12-10 08:11 - 2016-12-10 08:11 - 2956128 _____ () C:\Program Files\Common Files\nrylwlas.exe
2016-12-22 11:05 - 2016-12-22 11:05 - 3021667 _____ () C:\Program Files\Common Files\nxqix2v4.exe
2016-12-07 14:06 - 2016-12-07 14:06 - 2934666 _____ () C:\Program Files\Common Files\o5nfrwcw.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\odt1vqlk.exe
2016-12-21 19:42 - 2016-12-21 19:42 - 3021720 _____ () C:\Program Files\Common Files\oe5rxgmy.exe
2016-12-09 10:13 - 2016-12-09 10:15 - 2956128 _____ () C:\Program Files\Common Files\ojt3faqt.exe
2016-12-21 19:39 - 2016-12-21 19:39 - 3021720 _____ () C:\Program Files\Common Files\olf1kjhh.exe
2016-12-19 13:39 - 2016-12-19 13:39 - 3021071 _____ () C:\Program Files\Common Files\oqhrpyau.exe
2016-12-13 11:05 - 2016-12-13 11:06 - 2950710 _____ () C:\Program Files\Common Files\orijtx1e.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 3021720 _____ () C:\Program Files\Common Files\otfg1co3.exe
2016-12-21 19:41 - 2016-12-21 19:41 - 3021720 _____ () C:\Program Files\Common Files\p1qnbqql.exe
2016-12-08 14:06 - 2016-12-08 14:06 - 2956128 _____ () C:\Program Files\Common Files\p2pdv21t.exe
2016-12-13 09:35 - 2016-12-13 09:35 - 2954451 _____ () C:\Program Files\Common Files\p4d4ysvq.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\pnt2j2ag.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\pt2bgm5a.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\pzv2xkda.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 2956128 _____ () C:\Program Files\Common Files\q0yloisv.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\qaublevw.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 2955407 _____ () C:\Program Files\Common Files\qiqf403k.exe
2016-12-21 19:41 - 2016-12-21 19:41 - 3021720 _____ () C:\Program Files\Common Files\qs1mlvay.exe
2016-12-07 19:02 - 2016-12-07 19:02 - 2944643 _____ () C:\Program Files\Common Files\qzvrnfdp.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\r1kz0usq.exe
2016-12-07 11:05 - 2016-12-07 11:05 - 2950883 _____ () C:\Program Files\Common Files\r2fgl15t.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\rb5gu2a4.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\rgmctvpo.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 2956128 _____ () C:\Program Files\Common Files\rqzosy05.exe
2016-12-09 21:40 - 2016-12-09 21:40 - 2956128 _____ () C:\Program Files\Common Files\rrpvpit0.exe
2016-12-21 19:41 - 2016-12-21 19:41 - 3021720 _____ () C:\Program Files\Common Files\rsgzqio1.exe
2016-12-09 18:40 - 2016-12-09 18:40 - 2956128 _____ () C:\Program Files\Common Files\rt0quins.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\rugbnzbx.exe
2016-12-13 06:17 - 2016-12-13 06:17 - 2955407 _____ () C:\Program Files\Common Files\rwn4isn4.exe
2016-12-13 06:19 - 2016-12-13 06:19 - 2955407 _____ () C:\Program Files\Common Files\rx5mudb2.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\rxdu4hxh.exe
2016-12-13 09:35 - 2016-12-13 09:35 - 2954451 _____ () C:\Program Files\Common Files\sapjv1qo.exe
2016-12-13 06:18 - 2016-12-13 06:18 - 2955407 _____ () C:\Program Files\Common Files\scsrrdb0.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 3021720 _____ () C:\Program Files\Common Files\sdd5fdmt.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 3021667 _____ () C:\Program Files\Common Files\sfgifsmn.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\sk4htdoy.exe
2016-12-13 06:19 - 2016-12-13 06:19 - 2955407 _____ () C:\Program Files\Common Files\sxymutwi.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\syk044vm.exe
2016-12-21 19:39 - 2016-12-21 19:39 - 3021720 _____ () C:\Program Files\Common Files\tcxzcyiq.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\te3htbdw.exe
2016-12-08 12:49 - 2016-12-08 12:49 - 2956128 _____ () C:\Program Files\Common Files\tppr2cu0.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\tv0asxre.exe
2016-12-22 10:50 - 2016-12-22 10:50 - 3021667 _____ () C:\Program Files\Common Files\tvp0ztb2.exe
2016-12-21 19:38 - 2016-12-21 19:38 - 3021720 _____ () C:\Program Files\Common Files\tvxpfunq.exe
2016-12-09 10:13 - 2016-12-09 10:15 - 2956128 _____ () C:\Program Files\Common Files\u3hoj5iq.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 3021720 _____ () C:\Program Files\Common Files\u5e3xqwm.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 2955407 _____ () C:\Program Files\Common Files\uhawpzv4.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\uhegpjfs.exe
2016-12-21 19:41 - 2016-12-21 19:42 - 3021720 _____ () C:\Program Files\Common Files\uowpj54y.exe
2016-12-07 11:02 - 2016-12-07 11:02 - 2950883 _____ () C:\Program Files\Common Files\uoxtp5mf.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 2956128 _____ () C:\Program Files\Common Files\uqgjwcsu.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\uxtms3nn.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\v2mqzgiv.exe
2016-12-22 11:02 - 2016-12-22 11:02 - 3021667 _____ () C:\Program Files\Common Files\vczke5tf.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\vhgrdcjw.exe
2016-12-08 21:23 - 2016-12-08 21:23 - 2956128 _____ () C:\Program Files\Common Files\vjmtxj5l.exe
2016-12-15 22:40 - 2016-12-15 22:40 - 3020746 _____ () C:\Program Files\Common Files\vl1ychoa.exe
2016-12-09 17:19 - 2016-12-09 17:19 - 2956128 _____ () C:\Program Files\Common Files\vmnrgjab.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\vmxlcbkm.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\vnliupbx.exe
2016-12-13 10:05 - 2016-12-13 10:05 - 2929304 _____ () C:\Program Files\Common Files\vuvcjowk.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\vv0aw5hz.exe
2016-12-21 19:41 - 2016-12-21 19:41 - 3021720 _____ () C:\Program Files\Common Files\vwsegdek.exe
2016-12-09 09:05 - 2016-12-09 09:05 - 2956128 _____ () C:\Program Files\Common Files\w4opv5kx.exe
2016-12-07 14:39 - 2016-12-07 14:39 - 2930840 _____ () C:\Program Files\Common Files\wr5do3mv.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\wuf4xr5f.exe
2016-12-21 19:42 - 2016-12-21 19:42 - 3021720 _____ () C:\Program Files\Common Files\wugd3s1k.exe
2016-12-10 03:42 - 2016-12-10 03:42 - 2956128 _____ () C:\Program Files\Common Files\wwo5ffrl.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\wwsrc0yl.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\x2wnjm1b.exe
2016-08-05 08:02 - 2016-08-05 08:02 - 2954779 _____ () C:\Program Files\Common Files\xalna2x2.exe
2016-12-21 19:40 - 2016-12-21 19:40 - 3021720 _____ () C:\Program Files\Common Files\xdcfvull.exe
2016-12-09 06:44 - 2016-12-09 06:44 - 2956128 _____ () C:\Program Files\Common Files\xfna1tcq.exe
2016-12-21 19:39 - 2016-12-21 19:39 - 3021720 _____ () C:\Program Files\Common Files\xwfp3nce.exe
2016-12-14 20:12 - 2016-12-14 20:13 - 3020767 _____ () C:\Program Files\Common Files\xxn1ycch.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 2955407 _____ () C:\Program Files\Common Files\y2ugcrze.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 2955407 _____ () C:\Program Files\Common Files\y4kf4lua.exe
2016-12-09 09:02 - 2016-12-09 09:02 - 2956128 _____ () C:\Program Files\Common Files\y5cmu0ku.exe
2016-12-13 06:17 - 2016-12-13 06:17 - 2955407 _____ () C:\Program Files\Common Files\yg4vbnnx.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 2955407 _____ () C:\Program Files\Common Files\yjfiyns5.exe
2016-12-13 06:16 - 2016-12-13 06:16 - 2955407 _____ () C:\Program Files\Common Files\ysri4jqx.exe
2016-12-08 21:23 - 2016-12-08 21:24 - 2956128 _____ () C:\Program Files\Common Files\yswveqqx.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\ywh20yst.exe
2016-12-07 07:17 - 2016-12-07 07:17 - 2935068 _____ () C:\Program Files\Common Files\z5ha44fq.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\zm3eqna5.exe
2016-12-15 17:47 - 2016-12-15 17:47 - 3020682 _____ () C:\Program Files\Common Files\zoc0wpej.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\zshdiv54.exe
2016-12-10 03:42 - 2016-12-10 03:42 - 2956128 _____ () C:\Program Files\Common Files\ztc00rpz.exe
2016-12-08 13:39 - 2016-12-08 13:40 - 2956128 _____ () C:\Program Files\Common Files\ztktlnti.exe
2016-12-19 09:49 - 2016-12-19 09:49 - 3021177 _____ () C:\Program Files\Common Files\zu3awbg2.exe
2016-07-26 11:33 - 2016-07-26 11:33 - 7105536 _____ () C:\Users\Jernej\AppData\Roaming\agent.dat
2016-07-26 11:32 - 2016-07-26 11:32 - 0129024 _____ () C:\Users\Jernej\AppData\Roaming\Installer.dat
2016-07-26 11:33 - 2016-07-26 11:33 - 0018432 _____ () C:\Users\Jernej\AppData\Roaming\Main.dat
2016-08-05 07:37 - 2016-12-28 13:11 - 0518956 _____ () C:\Users\Jernej\AppData\Local\BTServer.log
2015-07-19 08:17 - 2016-12-15 20:31 - 0019968 _____ () C:\Users\Jernej\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-08-03 09:47 - 2016-08-26 19:25 - 0007657 _____ () C:\Users\Jernej\AppData\Local\Resmon.ResmonCfg
 
Some files in TEMP:
====================
C:\Users\Jernej\AppData\Local\Temp\DllMonoCtrl.dll
C:\Users\Jernej\AppData\Local\Temp\FreemakeVideoConverterFull.exe
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2016-12-24 07:21
 
==================== End of FRST.txt ============================

 

 

Addition.txt:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016
Ran by Jernej (28-12-2016 13:41:43)
Running from C:\Users\Jernej\Desktop\CLEANING VIRUSES 8.2016\247fix...22.12.16
Windows 7 Ultimate Service Pack 1 (X64) (2014-10-15 12:15:24)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-111603173-2415600283-1906868864-500 - Administrator - Disabled)
Guest (S-1-5-21-111603173-2415600283-1906868864-501 - Limited - Disabled)
Jernej (S-1-5-21-111603173-2415600283-1906868864-1000 - Administrator - Enabled) => C:\Users\Jernej
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Slovenian (HKLM-x32\...\{AC76BA86-7AD7-1060-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
BitComet 1.37 64-bit (HKLM-x32\...\BitComet_x64) (Version: 1.37 - CometNetwork)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.8.0.17 - Canon Inc.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5067 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0115 - Disc Soft Ltd)
ePhotoLab - Foto Plus (HKLM-x32\...\{262B688D-2A92-4424-BCDF-CF0EFA87075A}_is1) (Version: 2.11.5 - iNeta d.o.o.)
Google Chrome (HKLM-x32\...\{D0759C6C-1F01-345D-8F59-E3B43977D754}) (Version: 55.0.2883.87 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Google Zemlja (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Hofer foto storitve (HKLM-x32\...\Hofer foto storitve) (Version: 4.12.1. - ORWO Net)
HP 3D DriveGuard (HKLM-x32\...\{13133E99-B0D5-4143-B832-AAD55C62A41C}) (Version: 6.0.19.1 - Hewlett-Packard Company)
HP Hotkey Support (HKLM-x32\...\{88D3964A-59BE-412B-B61F-6EF5FBB33707}) (Version: 6.0.12.1 - Hewlett-Packard Company)
HP LaserJet 1020 Series (HKLM\...\HP LaserJet 1020 Series) (Version:  - )
Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.4.40 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Malwarebytes različica 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0424-0000-0000000FF1CE}_OMUI.sl-si_{DE6F6651-39D5-44FA-96FD-647D5B3A3093}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Slovenian/slovenščina (HKLM-x32\...\OMUI.sl-si) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 50.1.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 en-US)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Posodobitev za Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0424-0000-0000000FF1CE}_OMUI.sl-si_{FD705E62-13B4-4BF5-A4B2-A7599309751B}) (Version:  - Microsoft)
Posodobitev za Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0424-0000-0000000FF1CE}_OMUI.sl-si_{045DC059-1CCC-47B9-BA35-713E269D33B8}) (Version:  - Microsoft)
Posodobitev za Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0424-0000-0000000FF1CE}_OMUI.sl-si_{AD1C31E7-4856-4887-9307-1ABDE0F2DF7C}) (Version:  - Microsoft)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.7 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.43 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.83.328.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7225 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.13.1216 - REALTEK Semiconductor Corp.)
SETCCE proXSign® 2.0.6.1 (HKLM-x32\...\{5829CC72-35A3-439B-AB90-CE2776075835}}_is1) (Version: 2.0.6.1 - SETCCE)
SETCCE proXSign® XML ActiveX 1.2.24 - XML Digital Signatures, Encryption and Timestamping plugin - User (HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\proXSignXML) (Version: 1.2.24 - SETCCE)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.8.1 - Synaptics Incorporated)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Validity Fingerprint Sensor Driver (HKLM\...\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}) (Version: 4.5.133.0 - Validity Sensors, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0E20888B-9CC5-4B4A-A32E-671871CF7864} - System32\Tasks\7b5dd999-cf86-4b52-85b9-b1d7ec4756d4 15 0 => C:\Program Files (x86)\Nero\Nero BackItUp\NBCore.exe
Task: {1CD0CF01-CC38-4ABA-81E9-856F92CF0480} - System32\Tasks\aew3wwgw => C:\Program Files\Common Files\kegzscx5\d43dcnw0thxcg.exe <==== ATTENTION
Task: {1D9A101B-B904-46B7-B9A2-1E4A034F364B} - System32\Tasks\bzlgyg1h => C:\Program Files\Common Files\pr0krzx1\52038npzmibh2.exe <==== ATTENTION
Task: {261F065E-BA19-4CCA-8776-CFFFB45EE80A} - System32\Tasks\dx0alk5l => C:\Program Files\Common Files\tkt2g0da\1d426sqxyvnqc.exe <==== ATTENTION
Task: {304EA0D6-477C-4FDE-8CFC-3DD08E6833E6} - \iroductuol -> No File <==== ATTENTION
Task: {3975A867-3F5C-4E35-9DCE-FD0DC3B1FD51} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {3CF90AAF-3A3A-48AE-8E3B-4FCA630D20C4} - System32\Tasks\w4oqkuw4 => C:\Program Files\Common Files\lhw2javn\db899u3bh41dx.exe <==== ATTENTION
Task: {3E7E7D77-654A-4472-8AFD-088EDDBE624F} - System32\Tasks\gs0xirtn => C:\Program Files\Common Files\uirjnnf2\189f1trzrsatt.exe <==== ATTENTION
Task: {410347DE-3EBC-4D2B-8DE2-BB205187CA21} - System32\Tasks\rwxtky3g => C:\Program Files\Common Files\ujvxasm0\09e10qonzu23e.exe <==== ATTENTION
Task: {41268F4E-4DAF-40D5-A562-05D23161B2DE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-07] (Google Inc.)
Task: {42EC75BC-63FA-4D0E-A20E-139C79F2064C} - System32\Tasks\nhzvoppp => C:\Program Files\Common Files\2krelaqr\d111a4zt4hmo1.exe <==== ATTENTION
Task: {4ADE3A03-7D73-4A76-B348-6956D20BE4A2} - System32\Tasks\vobtm3pr => C:\Program Files\Common Files\g15zxh2x\5fca53bcqw3kz.exe <==== ATTENTION
Task: {5CCFC39E-40CA-47EE-93B2-AA7F190F4868} - System32\Tasks\jyluoi3o => C:\Program Files\Common Files\kdshgy2y\04f1f51ndwsdw.exe <==== ATTENTION
Task: {5D124534-D193-485E-A7D7-3614CCE75DE9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {5DE9D4EC-62CA-44D7-B515-66CA20E30A12} - System32\Tasks\34bzjgdx => C:\Program Files\Common Files\t4guc34w\43a20sybjnkgy.exe <==== ATTENTION
Task: {61D1C7DF-FC15-47ED-82B3-DBE7A90DD6E1} - System32\Tasks\n5nimpm4 => C:\Program Files\Common Files\vl40wgm2\7c699xxmjmkl2.exe <==== ATTENTION
Task: {64192548-9393-4CBE-A235-DD5E59746CC0} - System32\Tasks\{E2AA2501-2745-47B3-A4CD-D89AE8B06715} => pcalua.exe -a "C:\!!!DOKUMENTI ZA BACKUP\!!Jernej Filmi, glasba, igre\arhiv games\command and conquer - red alert 2 (full game)\RegSetup.exe" -d "C:\!!!DOKUMENTI ZA BACKUP\!!Jernej Filmi, glasba, igre\arhiv games\command and conquer - red alert 2 (full game)"
Task: {672E2CC8-9E53-4CF4-A946-1AFE7544AF9A} - System32\Tasks\w5xmqrcq => C:\Program Files\Common Files\vg3spayq\5cf43em4bjwkt.exe <==== ATTENTION
Task: {8538BBAD-7C03-499F-A240-CF672496B93F} - System32\Tasks\igritx3u => C:\Program Files\Common Files\rnjokjf4\6f57fetxki00d.exe <==== ATTENTION
Task: {8FC23127-DF86-4097-9915-99B854637BAB} - System32\Tasks\vldfwxve => C:\Program Files\Common Files\44lsfwfm\080dcjaag0eod.exe <==== ATTENTION
Task: {97A7CD85-25C8-4624-B459-122D2C1485FB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-07] (Google Inc.)
Task: {9EF728DC-1F78-4955-BE9B-7F171C131D44} - System32\Tasks\xjyzd1ki => C:\Program Files\Common Files\ysxx5yhb\48ea1b3ohf4wl.exe <==== ATTENTION
Task: {A0E1D398-D6B0-48A3-816F-3C11E27D8C14} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-14] (Adobe Systems Incorporated)
Task: {B5B5E9CA-99AA-4447-A091-3A24C9F8C255} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {BB14361B-6415-4DD5-8719-F0D7FC04778D} - System32\Tasks\rz54y325 => C:\Program Files\Common Files\2gn2rbic\051e6ldtingzt.exe <==== ATTENTION
Task: {BB786BFC-B154-4DEC-852C-5C3B6BC72362} - System32\Tasks\k2wgs20j => C:\Program Files\Common Files\pg0jaxsw\0d229btfrvrt4.exe <==== ATTENTION
Task: {D14CFFD2-E089-43DA-B483-524F58036D34} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {D86C73AF-34CC-47B0-BD37-35715A5CB934} - System32\Tasks\fr2evhkj => C:\Program Files\Common Files\b3s24rro\92134w0wohno2.exe <==== ATTENTION
Task: {DE25E640-39B9-4F7E-8133-964B68D3C187} - System32\Tasks\aamtcoic => C:\Program Files\Common Files\psmluq23\b224dixovo2ps.exe <==== ATTENTION
Task: {DEE91ED5-72D4-4732-8E17-4204C7D20BE1} - System32\Tasks\325t2dgz => C:\Program Files\Common Files\cf5tnvux\813f4znyjmvek.exe <==== ATTENTION
Task: {ED6A2AC6-7572-4AAA-84FB-0859626FD86C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {F36DE809-99BA-4026-9C05-3F080FF21E70} - System32\Tasks\idrs0g0w => C:\Program Files\Common Files\hoa0ouqc\56fbapto3aemc.exe <==== ATTENTION
Task: {F8DA3BE4-37AC-46D6-8A7A-F0FF2F465ED6} - System32\Tasks\qg0zoahs => C:\Program Files\Common Files\yp2muamg\46ec24hx2bmax.exe <==== ATTENTION
Task: {F97AC0CF-DCBF-4A88-A8E0-5026EF385406} - System32\Tasks\yqqzgxft => C:\Program Files\Common Files\hqzjqhyj\0d94ejvnaauru.exe <==== ATTENTION
Task: {FAA61F7E-F6B3-48F6-B5F9-C3BEA40CC878} - System32\Tasks\Jernej NBAgent 6 0 => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe
Task: {FFF7D1C5-B259-49BD-9F1F-0018F389CC5D} - System32\Tasks\g4hx0oj0 => C:\Program Files\Common Files\35rlgvd1\8922043tt2wjb.exe <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-01-31 15:27 - 2012-09-18 15:27 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll
2015-01-31 15:27 - 2012-09-18 15:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll
2014-10-17 08:08 - 2014-03-05 17:09 - 00088064 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2016-12-22 11:48 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-12-22 11:48 - 2016-12-14 12:55 - 02247632 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-12-22 11:48 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2014-08-13 23:24 - 2014-10-03 17:36 - 00457616 _____ () C:\Windows\system32\igfxTray.exe
2016-12-27 13:48 - 2016-12-27 13:48 - 00468480 _____ () C:\Users\Jernej\Desktop\CLEANING VIRUSES 8.2016\247fix...22.12.16\CKScanner.exe
2015-01-10 19:01 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-01-10 19:01 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-01-10 19:01 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-01-10 19:01 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-01-10 19:01 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-10-17 07:35 - 2013-12-10 06:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2016-12-15 17:48 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-15 17:48 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2016-12-19 09:42 - 2016-12-19 09:42 - 17833560 _____ () C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.186\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
 
There are 7914 more sites.
 
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\123simsen.com -> www.123simsen.com
 
There are 7914 more sites.
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2016-08-11 12:31 - 00453322 ____R C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
 
There are 15553 more lines.
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jernej\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 84.255.209.79 - 84.255.210.79
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{42CDF0B4-4C93-4658-9E38-2211022A85A2}C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe] => C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe
FirewallRules: [UDP Query User{CBE72B56-AF81-4996-BE9E-611F79B06354}C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe] => C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe
FirewallRules: [{6EC666CD-1DCA-4FF6-AB71-6D070DE95239}] => C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{7B94BDAC-B41B-48F3-839E-CEA31B93D67C}] => C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{2DA4AA07-A06C-49C1-AC0A-AA177F56EF56}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{05E0CDCF-25F7-4941-802B-1F1C5C23A332}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{BA9F6EA5-F637-411E-9D9A-C9C31BB78B58}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{ED4EECBE-F5BF-41AC-81B2-CDF2855178E6}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{C352ECA3-0D13-4D44-A916-07F83922FE59}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{D08A593B-9435-41D9-96BC-ED9923399F18}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{59EC815D-7AFA-4344-A2DF-29319FC81381}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{8FCCC32D-62BA-4FA1-B14C-BAD313C71048}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{89FC8B99-8C6E-45C8-9AD0-2E794874F77B}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{8375A686-5438-4D36-A857-F1ACF2BAEDB2}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{D1B47440-8494-41B7-9108-AF3C859556E2}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{805F6CD4-7D79-4E8E-B4F3-C1E852CBA840}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{71AA118D-3460-46E7-8373-7705F29E0293}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CD8F4598-6EB8-4487-AFBB-20938F268897}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2051E861-708D-41A8-9E6C-7F420A30D497}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{4FBCF6D2-232B-4B4B-B641-A71A40278ECC}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F47537A9-6967-4997-B355-E5CE60860BCB}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{3BAB8D33-9ECF-48F6-99DA-ABADDF595A73}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{DDA499C4-5B57-4F1E-AAED-B8028263D705}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{22F58D2D-A8EE-4310-8874-16E16F43A11E}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{A80DDCCB-EF45-4C74-BDF7-FDA1EB06F3D8}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{003014F9-7CFB-4913-8A6A-CD8723CF40B4}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [TCP Query User{D8AF7791-95C8-49B2-9069-E13F50ED0D9F}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{CA6C5949-857B-4426-BD71-FA264EAB2179}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{443519A2-C4D8-42F5-9395-0E951F8AC3BF}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{459ECC2D-5C5E-4AA9-A4FF-9E03C9684663}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0E2D1E97-794C-461E-A504-7D6CA2E3AFE2}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{E43895AA-A3E9-4031-8599-E16E428CBCD4}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{6311856D-27F0-4F1B-AF6F-2EF5263BB34D}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{8377A8CE-0F51-4DB5-B6A7-2FBD469F1BB1}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{5478A14E-60E5-48B1-81A6-1E73F55E3819}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{56E52500-6A5E-4C58-9FE2-D3A5754BBC34}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{97EC1FA7-3B21-4B76-B32E-278199C5001F}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{34E45DA3-BBCA-4531-B488-03F0012D900C}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C2329650-5D73-422A-ABE6-ECB83713C026}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0EB9616F-CA04-43A1-966A-FB34A615C2C0}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{05FFC6A3-22F8-4D1F-A635-2C9300D01128}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EE47CC34-8EC5-48E0-946F-80B4356EB631}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C8CCECAE-2D33-430D-803F-8E9A0D46BD2E}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{99BA3B55-9DAD-4DEA-AF12-54D5932C9732}] => C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{094CFDD2-E959-4E5B-8BD7-E3F9B40CA882}] => C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{685DB42B-1AF7-4FC1-9C77-2F1F6ED99BCB}] => C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{DB31FA1C-64B1-49FE-BBE0-4B231ECD8700}] => C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{1AA52942-D504-43FF-B146-4F6B9193F22E}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{7C55BF79-93FE-437D-B943-652D1D56CF6E}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [TCP Query User{87FE0258-FF93-4090-8165-A7CDB886D749}C:\downloads\bitcomet\aoe2conq\empires2.exe] => C:\downloads\bitcomet\aoe2conq\empires2.exe
FirewallRules: [UDP Query User{80D530E4-B3AA-4320-A1ED-DC134F5E83CE}C:\downloads\bitcomet\aoe2conq\empires2.exe] => C:\downloads\bitcomet\aoe2conq\empires2.exe
FirewallRules: [TCP Query User{AAE6B486-9107-4A7B-9F9B-8827CACDE267}C:\downloads\bitcomet\aoe2conq\age2_x1.exe] => C:\downloads\bitcomet\aoe2conq\age2_x1.exe
FirewallRules: [UDP Query User{76C90AEC-48AB-48C7-80D2-045BCBD6F3B9}C:\downloads\bitcomet\aoe2conq\age2_x1.exe] => C:\downloads\bitcomet\aoe2conq\age2_x1.exe
FirewallRules: [TCP Query User{C61B7604-0DC5-48E5-9714-73578FE47FAF}C:\!!!dokumenti za backup\!!jernej filmi, glasba, igre\arhiv games\aoe2conq\empires2.exe] => C:\!!!dokumenti za backup\!!jernej filmi, glasba, igre\arhiv games\aoe2conq\empires2.exe
FirewallRules: [UDP Query User{B308E31E-4290-4C1E-AE1F-F988C8F9F6DB}C:\!!!dokumenti za backup\!!jernej filmi, glasba, igre\arhiv games\aoe2conq\empires2.exe] => C:\!!!dokumenti za backup\!!jernej filmi, glasba, igre\arhiv games\aoe2conq\empires2.exe
FirewallRules: [TCP Query User{9FBE2060-3F4D-4D01-B45C-CED1C6724BA2}C:\!!!dokumenti za backup\!!jernej filmi, glasba, igre\arhiv games\aoe2conq\age2_x1.exe] => C:\!!!dokumenti za backup\!!jernej filmi, glasba, igre\arhiv games\aoe2conq\age2_x1.exe
FirewallRules: [UDP Query User{559E3177-441A-43CA-9CBB-BBA2B26D36CE}C:\!!!dokumenti za backup\!!jernej filmi, glasba, igre\arhiv games\aoe2conq\age2_x1.exe] => C:\!!!dokumenti za backup\!!jernej filmi, glasba, igre\arhiv games\aoe2conq\age2_x1.exe
FirewallRules: [TCP Query User{C581DBAA-BCDA-4CD1-B554-A32A39F0A156}C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe] => C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe
FirewallRules: [UDP Query User{9A858B04-E66E-4B10-B19A-42C5799DB07D}C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe] => C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe
FirewallRules: [{43DAD11F-E707-4106-8701-E2E5F5F80F33}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{862FDC02-CC4D-452D-80AA-9A2E8FC80A3E}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{3C5F9759-F9CC-4DA0-BBEF-F1CE00A04515}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{839B9CE2-85F6-4753-8E6B-DE3A8E123CE9}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{80BD58A5-0D69-4BD2-AF71-0ACD2268D4FC}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{2E45AA62-DDA2-47E1-B02D-041E04CF0E48}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{38156B92-492E-46C3-B7D9-5B5CA791CB22}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{2804B13F-6E4E-456A-A1BA-F4C4329D867D}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{66DE6CD2-8994-49FB-8DBC-5C32A73594B7}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{FEB10EC4-9FFE-40E1-80A2-36153D6082D0}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{830B42C6-58C3-4425-AB93-37C78BBE51AD}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{C812EC69-2895-478C-AD4D-01F2F258BB0C}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{D1BD6247-5DD4-4753-81E8-2956602C15DD}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{85D1C169-80BA-43B6-8FC8-A39CB655DB56}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{3BFC3367-844B-4E88-A555-653D01E7936E}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{E0B83DC9-85E6-4F56-9B94-C12FCA680C8C}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D423F623-09F4-495C-A6B8-98EB5694BF2A}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Restore Points =========================
 
19-12-2016 14:02:21 Windows Update
22-12-2016 11:41:07 247backup.2016.12.22.ob11.40
23-12-2016 06:38:37 Windows Update
26-12-2016 08:39:53 Windows Update
28-12-2016 07:22:42 Removed Nero 2015.
28-12-2016 07:34:12 Removed Nero BackItUp 11 Essentials CDPack.
28-12-2016 07:36:36 Removed Nero Backup Drivers.
28-12-2016 11:59:14 Removed ACDSee 4.0
28-12-2016 12:01:07 Removed ACDSee 4.0
28-12-2016 12:04:18 Removed ACDSee Pro 4.
 
==================== Faulty Device Manager Devices =============
 
Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR
Problem: : Windows cannot use this hardware device because it has been prepared for safe removal, but it has not been removed from the computer. (Code 47)
Resolution: Unplug the device, and then plug it in again. Alternately, restart the computer to make the device available.
 
Name: Realtek Bluetooth 4.0 Adapter
Description: Realtek Bluetooth 4.0 Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Realtek Semiconductor Corp.
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/28/2016 12:39:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "E:\!!!!!MANUAL BACKUP\!!!setup programs\SoftonicDownloader_for_samsung-kies.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (12/28/2016 12:03:32 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\!!!DOKUMENTI ZA BACKUP\!!!setup programs\SoftonicDownloader_for_samsung-kies.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (12/28/2016 10:52:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (12/28/2016 10:29:54 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\!!!DOKUMENTI ZA BACKUP\!!!setup programs\SoftonicDownloader_for_samsung-kies.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (12/28/2016 07:54:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Napačno ime programa: mbamservice.exe, različica: 3.1.0.388, časovni žig: 0x58320f73
Napačno ime modula: ntdll.dll, različica: 6.1.7601.23572, časovni žig: 0x57fd0651
Koda izjeme: 0xc0000005
Napačen odmik: 0x0000000000026483
Napačen id procesa: 0xce0
Napačen začetni čas programa: 0x01d260d5f7fa1df9
Napačna programska pot: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Napačna pot modula: C:\Windows\SYSTEM32\ntdll.dll
Id poročila: 7d87d44e-ccca-11e6-a802-1458d0c7fc30
 
Error: (12/28/2016 07:45:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (12/28/2016 07:16:47 AM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Unable to initialize the filter host process. Terminating.
 
Details:
Operacija vrnjena, ker je časovna omejitev potekla.  (HRESULT : 0x800705b4) (0x800705b4)
 
Error: (12/27/2016 09:33:05 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Varnostno kopiranje ni bilo končano, ker je prišlo do napake pri zapisovanju na mesto za varnostne kopije E:\. Napaka je: Mesta za varnostne kopije ni mogoče najti ali ni veljavno. Preglejte nastavitve varnostnega kopiranja in preverite mesto varnostnih kopij. (0x81000006).
 
Error: (12/26/2016 08:23:06 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Varnostno kopiranje ni bilo končano, ker je prišlo do napake pri zapisovanju na mesto za varnostne kopije E:\. Napaka je: Mesta za varnostne kopije ni mogoče najti ali ni veljavno. Preglejte nastavitve varnostnega kopiranja in preverite mesto varnostnih kopij. (0x81000006).
 
Error: (12/26/2016 08:19:23 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Varnostno kopiranje ni bilo končano, ker je prišlo do napake pri zapisovanju na mesto za varnostne kopije E:\. Napaka je: Mesta za varnostne kopije ni mogoče najti ali ni veljavno. Preglejte nastavitve varnostnega kopiranja in preverite mesto varnostnih kopij. (0x81000006).
 
 
System errors:
=============
Error: (12/28/2016 10:54:06 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
 
Error: (12/28/2016 10:54:06 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
 
Error: (12/28/2016 10:53:11 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
 
Error: (12/28/2016 10:45:26 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Pri čakanju na odziv transakcije storitve Power je bila dosežena časovna omejitev (30000 milisekund).
 
Error: (12/28/2016 10:44:56 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Pri čakanju na odziv transakcije storitve MBAMService je bila dosežena časovna omejitev (30000 milisekund).
 
Error: (12/28/2016 08:50:09 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Pri čakanju na odziv transakcije storitve LanmanServer je bila dosežena časovna omejitev (30000 milisekund).
 
Error: (12/28/2016 08:49:34 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Pri čakanju, da storitev Windows Error Reporting Service vzpostavi povezavo, je bila dosežena časovna omejitev (30000 milisekund).
 
Error: (12/28/2016 07:54:49 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Storitev »Malwarebytes Service« se je nepričakovano prekinila. To je storila 1-krat.
 
Error: (12/28/2016 07:53:42 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Storitev »Windows Update« se je prenehala odzivati med zagonom.
 
Error: (12/28/2016 07:51:06 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register with DCOM within the required timeout.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 52%
Total physical RAM: 8064.11 MB
Available physical RAM: 3816.62 MB
Total Virtual: 16126.4 MB
Available Virtual: 11802.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:698.54 GB) (Free:268.82 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: A5703559)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================


#6 seedy21

seedy21

    Advanced Forum Junkie

  • Administrator
  • 120 posts
  • Gender:Male
  • Location:West Yorkshire, UK
  • Interests:IT, malware removal and Radio Stations

Posted 28 December 2016 - 09:11 PM

Hello winersnic
 
Step 1

Peer-to-Peer Programs Warning

Your log shows that you are using so called peer-to-peer or file-sharing programs (in your case BitComet). These programs allow to share files between users as the name(s) suggest. In today's world cyber crime has come to an enormous dimension and any means is used to infect personal computers to make use of their stored data or machine power for further propagation of the malware files. A popular means is the use of file-sharing tools as a tremendous amount of prospective victims can be reached through it.

It is your decision whether or not you wish to keep your program(s) but I suggest you remove it via add/remove. However, please refrain from using them until your computer has been declared clean.

Step 2

Please download Defogger and save it to your Desktop.
  • Double click Defogger.exe to run the program.
    Note Windows Vista /7 should right click and Run As Administrator
  • Click on Disable and then Yes. The Scan may take a while to complete
  • When this has completed you will get a new window open with the Finished box, click Continue and Close Defogger Down
  • Step 3

    Open notepad. Please copy the contents of the code box below.
    To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
    Save it on the Desktop as fixlist.txt

    start
    CloseProcesses:
    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\MountPoints2: {57533554-0c1e-11e6-8cc9-38b1db9df968} - G:\CDCheck.exe
    HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\MountPoints2: {57533558-0c1e-11e6-8cc9-38b1db9df968} - H:\CDCheck.exe
    HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\MountPoints2: {b0f96005-d93e-11e5-810c-38b1db9df968} - E:\autorun.exe
    HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\MountPoints2: {b0f9601c-d93e-11e5-810c-38b1db9df968} - F:\autorun.exe
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    Task: {1CD0CF01-CC38-4ABA-81E9-856F92CF0480} - System32\Tasks\aew3wwgw => C:\Program Files\Common Files\kegzscx5\d43dcnw0thxcg.exe <==== ATTENTION
    Task: {1D9A101B-B904-46B7-B9A2-1E4A034F364B} - System32\Tasks\bzlgyg1h => C:\Program Files\Common Files\pr0krzx1\52038npzmibh2.exe <==== ATTENTION
    Task: {261F065E-BA19-4CCA-8776-CFFFB45EE80A} - System32\Tasks\dx0alk5l => C:\Program Files\Common Files\tkt2g0da\1d426sqxyvnqc.exe <==== ATTENTION
    Task: {304EA0D6-477C-4FDE-8CFC-3DD08E6833E6} - \iroductuol -> No File <==== ATTENTION
    Task: {3CF90AAF-3A3A-48AE-8E3B-4FCA630D20C4} - System32\Tasks\w4oqkuw4 => C:\Program Files\Common Files\lhw2javn\db899u3bh41dx.exe <==== ATTENTION
    Task: {3E7E7D77-654A-4472-8AFD-088EDDBE624F} - System32\Tasks\gs0xirtn => C:\Program Files\Common Files\uirjnnf2\189f1trzrsatt.exe <==== ATTENTION
    Task: {410347DE-3EBC-4D2B-8DE2-BB205187CA21} - System32\Tasks\rwxtky3g => C:\Program Files\Common Files\ujvxasm0\09e10qonzu23e.exe <==== ATTENTION
    Task: {42EC75BC-63FA-4D0E-A20E-139C79F2064C} - System32\Tasks\nhzvoppp => C:\Program Files\Common Files\2krelaqr\d111a4zt4hmo1.exe <==== ATTENTION
    Task: {4ADE3A03-7D73-4A76-B348-6956D20BE4A2} - System32\Tasks\vobtm3pr => C:\Program Files\Common Files\g15zxh2x\5fca53bcqw3kz.exe <==== ATTENTION
    Task: {5CCFC39E-40CA-47EE-93B2-AA7F190F4868} - System32\Tasks\jyluoi3o => C:\Program Files\Common Files\kdshgy2y\04f1f51ndwsdw.exe <==== ATTENTION
    Task: {5DE9D4EC-62CA-44D7-B515-66CA20E30A12} - System32\Tasks\34bzjgdx => C:\Program Files\Common Files\t4guc34w\43a20sybjnkgy.exe <==== ATTENTION
    Task: {61D1C7DF-FC15-47ED-82B3-DBE7A90DD6E1} - System32\Tasks\n5nimpm4 => C:\Program Files\Common Files\vl40wgm2\7c699xxmjmkl2.exe <==== ATTENTION
    Task: {672E2CC8-9E53-4CF4-A946-1AFE7544AF9A} - System32\Tasks\w5xmqrcq => C:\Program Files\Common Files\vg3spayq\5cf43em4bjwkt.exe <==== ATTENTION
    Task: {8538BBAD-7C03-499F-A240-CF672496B93F} - System32\Tasks\igritx3u => C:\Program Files\Common Files\rnjokjf4\6f57fetxki00d.exe <==== ATTENTION
    Task: {8FC23127-DF86-4097-9915-99B854637BAB} - System32\Tasks\vldfwxve => C:\Program Files\Common Files\44lsfwfm\080dcjaag0eod.exe <==== ATTENTION
    Task: {9EF728DC-1F78-4955-BE9B-7F171C131D44} - System32\Tasks\xjyzd1ki => C:\Program Files\Common Files\ysxx5yhb\48ea1b3ohf4wl.exe <==== ATTENTION
    Task: {BB14361B-6415-4DD5-8719-F0D7FC04778D} - System32\Tasks\rz54y325 => C:\Program Files\Common Files\2gn2rbic\051e6ldtingzt.exe <==== ATTENTION
    Task: {BB786BFC-B154-4DEC-852C-5C3B6BC72362} - System32\Tasks\k2wgs20j => C:\Program Files\Common Files\pg0jaxsw\0d229btfrvrt4.exe <==== ATTENTION
    Task: {D86C73AF-34CC-47B0-BD37-35715A5CB934} - System32\Tasks\fr2evhkj => C:\Program Files\Common Files\b3s24rro\92134w0wohno2.exe <==== ATTENTION
    Task: {DE25E640-39B9-4F7E-8133-964B68D3C187} - System32\Tasks\aamtcoic => C:\Program Files\Common Files\psmluq23\b224dixovo2ps.exe <==== ATTENTION
    Task: {DEE91ED5-72D4-4732-8E17-4204C7D20BE1} - System32\Tasks\325t2dgz => C:\Program Files\Common Files\cf5tnvux\813f4znyjmvek.exe <==== ATTENTION
    Task: {F36DE809-99BA-4026-9C05-3F080FF21E70} - System32\Tasks\idrs0g0w => C:\Program Files\Common Files\hoa0ouqc\56fbapto3aemc.exe <==== ATTENTION
    Task: {F8DA3BE4-37AC-46D6-8A7A-F0FF2F465ED6} - System32\Tasks\qg0zoahs => C:\Program Files\Common Files\yp2muamg\46ec24hx2bmax.exe <==== ATTENTION
    Task: {F97AC0CF-DCBF-4A88-A8E0-5026EF385406} - System32\Tasks\yqqzgxft => C:\Program Files\Common Files\hqzjqhyj\0d94ejvnaauru.exe <==== ATTENTION
    Task: {FFF7D1C5-B259-49BD-9F1F-0018F389CC5D} - System32\Tasks\g4hx0oj0 => C:\Program Files\Common Files\35rlgvd1\8922043tt2wjb.exe <==== ATTENTION
    C:\Program Files\Common Files\nxqix2v4.exe
    C:\Program Files\Common Files\vczke5tf.exe
    C:\Program Files\Common Files\tvp0ztb2.exe
    C:\Program Files\Common Files\sfgifsmn.exe
    C:\Program Files\Common Files\mkool4nz.exe
    C:\Program Files\Common Files\kukhs5yc.exe
    C:\Program Files\Common Files\keeflik3.exe
    C:\Program Files\Common Files\ivnncg3v.exe
    C:\Program Files\Common Files\fuizqtnt.exe
    C:\Program Files\Common Files\bj4smrpj.exe
    C:\Program Files\Common Files\3q4nu04v.exe
    C:\Program Files\Common Files\3fzkvfce.exe
    C:\Program Files\Common Files\wugd3s1k.exe
    C:\Program Files\Common Files\oe5rxgmy.exe
    C:\Program Files\Common Files\uowpj54y.exe
    C:\Program Files\Common Files\vwsegdek.exe
    C:\Program Files\Common Files\rsgzqio1.exe
    C:\Program Files\Common Files\qs1mlvay.exe
    C:\Program Files\Common Files\p1qnbqql.exe
    C:\Program Files\Common Files\cj2zwhls.exe
    C:\Program Files\Common Files\4pje2usj.exe
    C:\Program Files\Common Files\3hmbjydh.exe
    C:\Program Files\Common Files\xdcfvull.exe
    C:\Program Files\Common Files\u5e3xqwm.exe
    C:\Program Files\Common Files\sdd5fdmt.exe
    C:\Program Files\Common Files\otfg1co3.exe
    C:\Program Files\Common Files\e15zwtfd.exe
    C:\Program Files\Common Files\c4jrup5i.exe
    C:\Program Files\Common Files\bev1tt0w.exe
    C:\Program Files\Common Files\3crnd5s4.exe
    C:\Program Files\Common Files\xwfp3nce.exe
    C:\Program Files\Common Files\tcxzcyiq.exe
    C:\Program Files\Common Files\olf1kjhh.exe
    C:\Program Files\Common Files\jwnivu1w.exe
    C:\Program Files\Common Files\tvxpfunq.exe
    C:\Program Files\Common Files\oqhrpyau.exe
    C:\Program Files\Common Files\dqf0nuhv.exe
    C:\Program Files\Common Files\kbsen10d.exe
    C:\Program Files\Common Files\jkol1wsz.exe
    C:\Program Files\Common Files\ixyljokq.exe
    C:\Program Files\Common Files\euu02fii.exe
    C:\Program Files\Common Files\2ozgoojj.exe
    C:\Program Files\Common Files\zu3awbg2.exe
    C:\Program Files\Common Files\zshdiv54.exe
    C:\Program Files\Common Files\ywh20yst.exe
    C:\Program Files\Common Files\wuf4xr5f.exe
    C:\Program Files\Common Files\vhgrdcjw.exe
    C:\Program Files\Common Files\v2mqzgiv.exe
    C:\Program Files\Common Files\rgmctvpo.exe
    C:\Program Files\Common Files\rb5gu2a4.exe
    C:\Program Files\Common Files\pt2bgm5a.exe
    C:\Program Files\Common Files\kti2cpft.exe
    C:\Program Files\Common Files\krdcyofl.exe
    C:\Program Files\Common Files\kmvjzs2c.exe
    C:\Program Files\Common Files\kdfdw1nx.exe
    C:\Program Files\Common Files\jnd1lkzy.exe
    C:\Program Files\Common Files\ipymryka.exe
    C:\Program Files\Common Files\gypr5lcy.exe
    C:\Program Files\Common Files\fyxzggo4.exe
    C:\Program Files\Common Files\fm0btic2.exe
    C:\Program Files\Common Files\eh44yp5b.exe
    C:\Program Files\Common Files\eesjskqo.exe
    C:\Program Files\Common Files\crftw0hg.exe
    C:\Program Files\Common Files\cqd4ru0n.exe
    C:\Program Files\Common Files\cqcpdayj.exe
    C:\Program Files\Common Files\33nzp3ds.exe
    C:\Program Files\Common Files\4yckbatn.exe
    C:\Program Files\Common Files\vl1ychoa.exe
    C:\Program Files\Common Files\k5s5jr3c.exe
    C:\Program Files\Common Files\gidl3212.exe
    C:\Program Files\Common Files\eldcccjx.exe
    C:\Program Files\Common Files\4mjjul5p.exe
    C:\Program Files\Common Files\1w31tty5.exe
    C:\Program Files\Common Files\4avdldsz.exe
    C:\Program Files\Common Files\kpbsvgsf.exe
    C:\Program Files\Common Files\zoc0wpej.exe
    C:\Program Files\Common Files\zm3eqna5.exe
    C:\Program Files\Common Files\vnliupbx.exe
    C:\Program Files\Common Files\rxdu4hxh.exe
    C:\Program Files\Common Files\ngwslksm.exe
    C:\Program Files\Common Files\jb44irkl.exe
    C:\Program Files\Common Files\j4yr4toi.exe
    C:\Program Files\Common Files\hmgtsovy.exe
    C:\Program Files\Common Files\fzpkj1kt.exe
    C:\Program Files\Common Files\e3ee5qol.exe
    C:\Program Files\Common Files\do3zwpeu.exe
    C:\Program Files\Common Files\csji25pz.exe
    C:\Program Files\Common Files\bru4lzu0.exe
    C:\Program Files\Common Files\ari0p41n.exe
    C:\Program Files\Common Files\aluxhvc5.exe
    C:\Program Files\Common Files\5z5ytn0z.exe
    C:\Program Files\Common Files\3xjp4ttv.exe
    C:\Program Files\Common Files\31upcpzi.exe
    C:\Program Files\Common Files\2l3ciwb3.exe
    C:\Program Files\Common Files\xxn1ycch.exe
    C:\Program Files\Common Files\wwsrc0yl.exe
    C:\Program Files\Common Files\tv0asxre.exe
    C:\Program Files\Common Files\syk044vm.exe
    C:\Program Files\Common Files\qaublevw.exe
    C:\Program Files\Common Files\nh0tvqsi.exe
    C:\Program Files\Common Files\lrnrnctq.exe
    C:\Program Files\Common Files\lndi0yuu.exe
    C:\Program Files\Common Files\jrjms1r2.exe
    C:\Program Files\Common Files\itmi3qly.exe
    C:\Program Files\Common Files\hplueezn.exe
    C:\Program Files\Common Files\hc430lux.exe
    C:\Program Files\Common Files\gz25frol.exe
    C:\Program Files\Common Files\a42t5mkl.exe
    C:\Program Files\Common Files\a1jy3ptn.exe
    C:\Program Files\Common Files\5m1b40zw.exe
    C:\Program Files\Common Files\5cmfddtd.exe
    C:\Program Files\Common Files\3fpc2g5z.exe
    C:\Program Files\Common Files\34vjp4is.exe
    C:\Program Files\Common Files\2qpcohij.exe
    C:\Program Files\Common Files\0mihtvzr.exe
    C:\Program Files\Common Files\0gphgoj2.exe
    C:\Program Files\Common Files\0e1innp3.exe
    C:\Program Files\Common Files\001dk12b.exe
    C:\Program Files\Common Files\orijtx1e.exe
    C:\Program Files\Common Files\h1ialekr.exe
    C:\Program Files\Common Files\vuvcjowk.exe
    C:\Program Files\Common Files\2czivodn.exe
    C:\Program Files\Common Files\sapjv1qo.exe
    C:\Program Files\Common Files\p4d4ysvq.exe
    C:\Program Files\Common Files\euhfpce5.exe
    C:\Program Files\Common Files\eetjjixn.exe
    C:\Program Files\Common Files\sxymutwi.exe
    C:\Program Files\Common Files\rx5mudb2.exe
    C:\Program Files\Common Files\fbik4zax.exe
    C:\Program Files\Common Files\0mbeyhao.exe
    C:\Program Files\Common Files\scsrrdb0.exe
    C:\Program Files\Common Files\fcsmii5k.exe
    C:\Program Files\Common Files\cwdxd4aj.exe
    C:\Program Files\Common Files\5xri25eq.exe
    C:\Program Files\Common Files\2hyvckgp.exe
    C:\Program Files\Common Files\1m2oaq2i.exe
    C:\Program Files\Common Files\yg4vbnnx.exe
    C:\Program Files\Common Files\rwn4isn4.exe
    C:\Program Files\Common Files\micw0en0.exe
    C:\Program Files\Common Files\m5gksziz.exe
    C:\Program Files\Common Files\k0dt5xyl.exe
    C:\Program Files\Common Files\ipf30phh.exe
    C:\Program Files\Common Files\ysri4jqx.exe
    C:\Program Files\Common Files\yjfiyns5.exe
    C:\Program Files\Common Files\y4kf4lua.exe
    C:\Program Files\Common Files\y2ugcrze.exe
    C:\Program Files\Common Files\uhawpzv4.exe
    C:\Program Files\Common Files\qiqf403k.exe
    C:\Program Files\Common Files\ncwu3opx.exe
    C:\Program Files\Common Files\commluf1.exe
    C:\Program Files\Common Files\nrylwlas.exe
    C:\Program Files\Common Files\awjsda0d.exe
    C:\Program Files\Common Files\ztc00rpz.exe
    C:\Program Files\Common Files\wwo5ffrl.exe
    C:\Program Files\Common Files\rrpvpit0.exe
    C:\Program Files\Common Files\4lwyqj04.exe
    C:\Program Files\Common Files\43ukpr0k.exe
    C:\Program Files\Common Files\rt0quins.exe
    C:\Program Files\Common Files\lkoi2shf.exe
    C:\Program Files\Common Files\2rl5yecs.exe
    C:\Program Files\Common Files\jimdwk24.exe
    C:\Program Files\Common Files\vmnrgjab.exe
    C:\Program Files\Common Files\ki1yk2pa.exe
    C:\Program Files\Common Files\ic21ba5x.exe
    C:\Program Files\Common Files\gwmmy2io.exe
    C:\Program Files\Common Files\c0m2zcp1.exe
    C:\Program Files\Common Files\ajuo2qtx.exe
    C:\Program Files\Common Files\fxqf2g0c.exe
    C:\Program Files\Common Files\g4aph4bk.exe
    C:\Program Files\Common Files\3v0vac0x.exe
    C:\Program Files\Common Files\ad55zlca.exe
    C:\Program Files\Common Files\u3hoj5iq.exe
    C:\Program Files\Common Files\ojt3faqt.exe
    C:\Program Files\Common Files\w4opv5kx.exe
    C:\Program Files\Common Files\y5cmu0ku.exe
    C:\Program Files\Common Files\jwi3dj2f.exe
    C:\Program Files\Common Files\cauh0ybn.exe
    C:\Program Files\Common Files\xfna1tcq.exe
    C:\Program Files\Common Files\ln4iod3t.exe
    C:\Program Files\Common Files\lexwnqln.exe
    C:\Program Files\Common Files\yswveqqx.exe
    C:\Program Files\Common Files\vjmtxj5l.exe
    C:\Program Files\Common Files\uqgjwcsu.exe
    C:\Program Files\Common Files\rqzosy05.exe
    C:\Program Files\Common Files\dod51cix.exe
    C:\Program Files\Common Files\cxmjuknk.exe
    C:\Program Files\Common Files\ciisrtq2.exe
    C:\Program Files\Common Files\bbrkntag.exe
    C:\Program Files\Common Files\akvdljbw.exe
    C:\Program Files\Common Files\5tsj0dr2.exe
    C:\Program Files\Common Files\5sef1rgv.exe
    C:\Program Files\Common Files\p2pdv21t.exe
    C:\Program Files\Common Files\ztktlnti.exe
    C:\Program Files\Common Files\tppr2cu0.exe
    C:\Program Files\Common Files\q0yloisv.exe
    C:\Program Files\Common Files\maklm4nz.exe
    C:\Program Files\Common Files\hdwsbcmp.exe
    C:\Program Files\Common Files\ez03fq4r.exe
    C:\Program Files\Common Files\ayhomga2.exe
    C:\Program Files\Common Files\4b2cbmd0.exe
    C:\Program Files\Common Files\1k4puy4n.exe
    C:\Program Files\Common Files\4ufisxbj.exe
    C:\Program Files\Common Files\4ttvy0so.exe
    C:\Program Files\Common Files\4mla1ysm.exe
    C:\Program Files\Common Files\2jmiqmog.exe
    C:\Program Files\Common Files\1hbi4kw1.exe
    C:\Program Files\Common Files\qzvrnfdp.exe
    C:\Program Files\Common Files\ndrwxafu.exe
    C:\Program Files\Common Files\kgbpmhrn.exe
    C:\Program Files\Common Files\dreu5ktk.exe
    C:\Program Files\Common Files\bqu05vlt.exe
    C:\Program Files\Common Files\4yksy5l5.exe
    C:\Program Files\Common Files\3dgcypuv.exe
    C:\Program Files\Common Files\2xyrg0md.exe
    C:\Program Files\Common Files\wr5do3mv.exe
    C:\Program Files\Common Files\o5nfrwcw.exe
    C:\Program Files\Common Files\llm23iq2.exe
    C:\Program Files\Common Files\r2fgl15t.exe
    C:\Program Files\Common Files\uoxtp5mf.exe
    C:\Program Files\Common Files\fvsh1zrz.exe
    C:\Program Files\Common Files\kbeepq3w.exe
    C:\Program Files\Common Files\d5y5kpxe.exe
    C:\Program Files\Common Files\gh0hlx4u.exe
    C:\Program Files\Common Files\nacfzv3q.exe
    C:\Program Files\Common Files\k0xbs1r4.exe
    C:\Program Files\Common Files\31nhsocp.exe
    C:\Program Files\Common Files\z5ha44fq.exe
    C:\Program Files\Common Files\x2wnjm1b.exe
    C:\Program Files\Common Files\vv0aw5hz.exe
    C:\Program Files\Common Files\vmxlcbkm.exe
    C:\Program Files\Common Files\uxtms3nn.exe
    C:\Program Files\Common Files\uhegpjfs.exe
    C:\Program Files\Common Files\te3htbdw.exe
    C:\Program Files\Common Files\sk4htdoy.exe
    C:\Program Files\Common Files\rugbnzbx.exe
    C:\Program Files\Common Files\r1kz0usq.exe
    C:\Program Files\Common Files\pzv2xkda.exe
    C:\Program Files\Common Files\pnt2j2ag.exe
    C:\Program Files\Common Files\odt1vqlk.exe
    C:\Program Files\Common Files\n1gyzmoy.exe
    C:\Program Files\Common Files\mdgddrr4.exe
    C:\Program Files\Common Files\kne3wgqv.exe
    C:\Program Files\Common Files\jjilqnhr.exe
    C:\Program Files\Common Files\g4r5opax.exe
    C:\Program Files\Common Files\ch4w3fbm.exe
    C:\Program Files\Common Files\areab3p4.exe
    C:\Program Files\Common Files\3u2bsn5p.exe
    C:\Program Files\Common Files\34pnig1q.exe
    C:\Program Files\Common Files\jzhud1yt.exe
    C:\Program Files\Common Files\dphlerpw.exe
    C:\Program Files\Common Files\e11al15p.exe
    C:\Program Files\Common Files\4duzljbv.exe
    EmptyTemp:
    end
    
    
    NOTICE: This script was written specifically for this user, for use on that particular machine.
    Running this on another machine may cause damage to your operating system

Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the desktop (Fixlog.txt) please post it to your reply.

Step 4

Emsisoft Emergency Kit

Please download Emsisoft Emergency Kit and save it to your desktop. Double click on the EmsisoftEmergencyKit file you downloaded to extract its contents and create a shortcut on the desktop. Leave all settings as they are and click the Extract button at the bottom. A folder named EEK will be created in the root of the drive (usually c:\).
  • After extraction please double-click on the new Start Emsisoft Emergency Kit icon on your desktop.
  • The first time you launch it, Emsisoft Emergency Kit will recommend that you allow it to download updates. Please click Yes so that it downloads the latest database updates.
  • When update is complete, click Malware Scan. When asked if you want the scanner to scan for Potentially Unwanted Programs, click Yes. Emsisoft Emergency Kit will start scanning.
  • When the scan is completed click Quarantine selected objects. Note, this option is only available if malicious objects were detected during the scan.
  • When the threats have been quarantined, click the View report button in the lower-right corner, and the scan log will be opened in Notepad.
  • Please save the log in Notepad on your desktop and post the contents in your next reply.
  • When you close Emsisoft Emergency Kit, it will give you an option to sign up for a newsletter. This is optional, and is not necessary for the malware removal process.


#7 winersnicl

winersnicl

    New Member

  • Member
  • Pip
  • 9 posts

Posted 29 December 2016 - 05:20 AM

Hello seedy21, 

 

 

here is the fixlog.txt:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016
Ran by Jernej (29-12-2016 00:21:11) Run:1
Running from C:\Users\Jernej\Desktop
Loaded Profiles: Jernej (Available Profiles: Jernej)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\MountPoints2: {57533554-0c1e-11e6-8cc9-38b1db9df968} - G:\CDCheck.exe
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\MountPoints2: {57533558-0c1e-11e6-8cc9-38b1db9df968} - H:\CDCheck.exe
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\MountPoints2: {b0f96005-d93e-11e5-810c-38b1db9df968} - E:\autorun.exe
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\MountPoints2: {b0f9601c-d93e-11e5-810c-38b1db9df968} - F:\autorun.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
Task: {1CD0CF01-CC38-4ABA-81E9-856F92CF0480} - System32\Tasks\aew3wwgw => C:\Program Files\Common Files\kegzscx5\d43dcnw0thxcg.exe <==== ATTENTION
Task: {1D9A101B-B904-46B7-B9A2-1E4A034F364B} - System32\Tasks\bzlgyg1h => C:\Program Files\Common Files\pr0krzx1\52038npzmibh2.exe <==== ATTENTION
Task: {261F065E-BA19-4CCA-8776-CFFFB45EE80A} - System32\Tasks\dx0alk5l => C:\Program Files\Common Files\tkt2g0da\1d426sqxyvnqc.exe <==== ATTENTION
Task: {304EA0D6-477C-4FDE-8CFC-3DD08E6833E6} - \iroductuol -> No File <==== ATTENTION
Task: {3CF90AAF-3A3A-48AE-8E3B-4FCA630D20C4} - System32\Tasks\w4oqkuw4 => C:\Program Files\Common Files\lhw2javn\db899u3bh41dx.exe <==== ATTENTION
Task: {3E7E7D77-654A-4472-8AFD-088EDDBE624F} - System32\Tasks\gs0xirtn => C:\Program Files\Common Files\uirjnnf2\189f1trzrsatt.exe <==== ATTENTION
Task: {410347DE-3EBC-4D2B-8DE2-BB205187CA21} - System32\Tasks\rwxtky3g => C:\Program Files\Common Files\ujvxasm0\09e10qonzu23e.exe <==== ATTENTION
Task: {42EC75BC-63FA-4D0E-A20E-139C79F2064C} - System32\Tasks\nhzvoppp => C:\Program Files\Common Files\2krelaqr\d111a4zt4hmo1.exe <==== ATTENTION
Task: {4ADE3A03-7D73-4A76-B348-6956D20BE4A2} - System32\Tasks\vobtm3pr => C:\Program Files\Common Files\g15zxh2x\5fca53bcqw3kz.exe <==== ATTENTION
Task: {5CCFC39E-40CA-47EE-93B2-AA7F190F4868} - System32\Tasks\jyluoi3o => C:\Program Files\Common Files\kdshgy2y\04f1f51ndwsdw.exe <==== ATTENTION
Task: {5DE9D4EC-62CA-44D7-B515-66CA20E30A12} - System32\Tasks\34bzjgdx => C:\Program Files\Common Files\t4guc34w\43a20sybjnkgy.exe <==== ATTENTION
Task: {61D1C7DF-FC15-47ED-82B3-DBE7A90DD6E1} - System32\Tasks\n5nimpm4 => C:\Program Files\Common Files\vl40wgm2\7c699xxmjmkl2.exe <==== ATTENTION
Task: {672E2CC8-9E53-4CF4-A946-1AFE7544AF9A} - System32\Tasks\w5xmqrcq => C:\Program Files\Common Files\vg3spayq\5cf43em4bjwkt.exe <==== ATTENTION
Task: {8538BBAD-7C03-499F-A240-CF672496B93F} - System32\Tasks\igritx3u => C:\Program Files\Common Files\rnjokjf4\6f57fetxki00d.exe <==== ATTENTION
Task: {8FC23127-DF86-4097-9915-99B854637BAB} - System32\Tasks\vldfwxve => C:\Program Files\Common Files\44lsfwfm\080dcjaag0eod.exe <==== ATTENTION
Task: {9EF728DC-1F78-4955-BE9B-7F171C131D44} - System32\Tasks\xjyzd1ki => C:\Program Files\Common Files\ysxx5yhb\48ea1b3ohf4wl.exe <==== ATTENTION
Task: {BB14361B-6415-4DD5-8719-F0D7FC04778D} - System32\Tasks\rz54y325 => C:\Program Files\Common Files\2gn2rbic\051e6ldtingzt.exe <==== ATTENTION
Task: {BB786BFC-B154-4DEC-852C-5C3B6BC72362} - System32\Tasks\k2wgs20j => C:\Program Files\Common Files\pg0jaxsw\0d229btfrvrt4.exe <==== ATTENTION
Task: {D86C73AF-34CC-47B0-BD37-35715A5CB934} - System32\Tasks\fr2evhkj => C:\Program Files\Common Files\b3s24rro\92134w0wohno2.exe <==== ATTENTION
Task: {DE25E640-39B9-4F7E-8133-964B68D3C187} - System32\Tasks\aamtcoic => C:\Program Files\Common Files\psmluq23\b224dixovo2ps.exe <==== ATTENTION
Task: {DEE91ED5-72D4-4732-8E17-4204C7D20BE1} - System32\Tasks\325t2dgz => C:\Program Files\Common Files\cf5tnvux\813f4znyjmvek.exe <==== ATTENTION
Task: {F36DE809-99BA-4026-9C05-3F080FF21E70} - System32\Tasks\idrs0g0w => C:\Program Files\Common Files\hoa0ouqc\56fbapto3aemc.exe <==== ATTENTION
Task: {F8DA3BE4-37AC-46D6-8A7A-F0FF2F465ED6} - System32\Tasks\qg0zoahs => C:\Program Files\Common Files\yp2muamg\46ec24hx2bmax.exe <==== ATTENTION
Task: {F97AC0CF-DCBF-4A88-A8E0-5026EF385406} - System32\Tasks\yqqzgxft => C:\Program Files\Common Files\hqzjqhyj\0d94ejvnaauru.exe <==== ATTENTION
Task: {FFF7D1C5-B259-49BD-9F1F-0018F389CC5D} - System32\Tasks\g4hx0oj0 => C:\Program Files\Common Files\35rlgvd1\8922043tt2wjb.exe <==== ATTENTION
C:\Program Files\Common Files\nxqix2v4.exe
C:\Program Files\Common Files\vczke5tf.exe
C:\Program Files\Common Files\tvp0ztb2.exe
C:\Program Files\Common Files\sfgifsmn.exe
C:\Program Files\Common Files\mkool4nz.exe
C:\Program Files\Common Files\kukhs5yc.exe
C:\Program Files\Common Files\keeflik3.exe
C:\Program Files\Common Files\ivnncg3v.exe
C:\Program Files\Common Files\fuizqtnt.exe
C:\Program Files\Common Files\bj4smrpj.exe
C:\Program Files\Common Files\3q4nu04v.exe
C:\Program Files\Common Files\3fzkvfce.exe
C:\Program Files\Common Files\wugd3s1k.exe
C:\Program Files\Common Files\oe5rxgmy.exe
C:\Program Files\Common Files\uowpj54y.exe
C:\Program Files\Common Files\vwsegdek.exe
C:\Program Files\Common Files\rsgzqio1.exe
C:\Program Files\Common Files\qs1mlvay.exe
C:\Program Files\Common Files\p1qnbqql.exe
C:\Program Files\Common Files\cj2zwhls.exe
C:\Program Files\Common Files\4pje2usj.exe
C:\Program Files\Common Files\3hmbjydh.exe
C:\Program Files\Common Files\xdcfvull.exe
C:\Program Files\Common Files\u5e3xqwm.exe
C:\Program Files\Common Files\sdd5fdmt.exe
C:\Program Files\Common Files\otfg1co3.exe
C:\Program Files\Common Files\e15zwtfd.exe
C:\Program Files\Common Files\c4jrup5i.exe
C:\Program Files\Common Files\bev1tt0w.exe
C:\Program Files\Common Files\3crnd5s4.exe
C:\Program Files\Common Files\xwfp3nce.exe
C:\Program Files\Common Files\tcxzcyiq.exe
C:\Program Files\Common Files\olf1kjhh.exe
C:\Program Files\Common Files\jwnivu1w.exe
C:\Program Files\Common Files\tvxpfunq.exe
C:\Program Files\Common Files\oqhrpyau.exe
C:\Program Files\Common Files\dqf0nuhv.exe
C:\Program Files\Common Files\kbsen10d.exe
C:\Program Files\Common Files\jkol1wsz.exe
C:\Program Files\Common Files\ixyljokq.exe
C:\Program Files\Common Files\euu02fii.exe
C:\Program Files\Common Files\2ozgoojj.exe
C:\Program Files\Common Files\zu3awbg2.exe
C:\Program Files\Common Files\zshdiv54.exe
C:\Program Files\Common Files\ywh20yst.exe
C:\Program Files\Common Files\wuf4xr5f.exe
C:\Program Files\Common Files\vhgrdcjw.exe
C:\Program Files\Common Files\v2mqzgiv.exe
C:\Program Files\Common Files\rgmctvpo.exe
C:\Program Files\Common Files\rb5gu2a4.exe
C:\Program Files\Common Files\pt2bgm5a.exe
C:\Program Files\Common Files\kti2cpft.exe
C:\Program Files\Common Files\krdcyofl.exe
C:\Program Files\Common Files\kmvjzs2c.exe
C:\Program Files\Common Files\kdfdw1nx.exe
C:\Program Files\Common Files\jnd1lkzy.exe
C:\Program Files\Common Files\ipymryka.exe
C:\Program Files\Common Files\gypr5lcy.exe
C:\Program Files\Common Files\fyxzggo4.exe
C:\Program Files\Common Files\fm0btic2.exe
C:\Program Files\Common Files\eh44yp5b.exe
C:\Program Files\Common Files\eesjskqo.exe
C:\Program Files\Common Files\crftw0hg.exe
C:\Program Files\Common Files\cqd4ru0n.exe
C:\Program Files\Common Files\cqcpdayj.exe
C:\Program Files\Common Files\33nzp3ds.exe
C:\Program Files\Common Files\4yckbatn.exe
C:\Program Files\Common Files\vl1ychoa.exe
C:\Program Files\Common Files\k5s5jr3c.exe
C:\Program Files\Common Files\gidl3212.exe
C:\Program Files\Common Files\eldcccjx.exe
C:\Program Files\Common Files\4mjjul5p.exe
C:\Program Files\Common Files\1w31tty5.exe
C:\Program Files\Common Files\4avdldsz.exe
C:\Program Files\Common Files\kpbsvgsf.exe
C:\Program Files\Common Files\zoc0wpej.exe
C:\Program Files\Common Files\zm3eqna5.exe
C:\Program Files\Common Files\vnliupbx.exe
C:\Program Files\Common Files\rxdu4hxh.exe
C:\Program Files\Common Files\ngwslksm.exe
C:\Program Files\Common Files\jb44irkl.exe
C:\Program Files\Common Files\j4yr4toi.exe
C:\Program Files\Common Files\hmgtsovy.exe
C:\Program Files\Common Files\fzpkj1kt.exe
C:\Program Files\Common Files\e3ee5qol.exe
C:\Program Files\Common Files\do3zwpeu.exe
C:\Program Files\Common Files\csji25pz.exe
C:\Program Files\Common Files\bru4lzu0.exe
C:\Program Files\Common Files\ari0p41n.exe
C:\Program Files\Common Files\aluxhvc5.exe
C:\Program Files\Common Files\5z5ytn0z.exe
C:\Program Files\Common Files\3xjp4ttv.exe
C:\Program Files\Common Files\31upcpzi.exe
C:\Program Files\Common Files\2l3ciwb3.exe
C:\Program Files\Common Files\xxn1ycch.exe
C:\Program Files\Common Files\wwsrc0yl.exe
C:\Program Files\Common Files\tv0asxre.exe
C:\Program Files\Common Files\syk044vm.exe
C:\Program Files\Common Files\qaublevw.exe
C:\Program Files\Common Files\nh0tvqsi.exe
C:\Program Files\Common Files\lrnrnctq.exe
C:\Program Files\Common Files\lndi0yuu.exe
C:\Program Files\Common Files\jrjms1r2.exe
C:\Program Files\Common Files\itmi3qly.exe
C:\Program Files\Common Files\hplueezn.exe
C:\Program Files\Common Files\hc430lux.exe
C:\Program Files\Common Files\gz25frol.exe
C:\Program Files\Common Files\a42t5mkl.exe
C:\Program Files\Common Files\a1jy3ptn.exe
C:\Program Files\Common Files\5m1b40zw.exe
C:\Program Files\Common Files\5cmfddtd.exe
C:\Program Files\Common Files\3fpc2g5z.exe
C:\Program Files\Common Files\34vjp4is.exe
C:\Program Files\Common Files\2qpcohij.exe
C:\Program Files\Common Files\0mihtvzr.exe
C:\Program Files\Common Files\0gphgoj2.exe
C:\Program Files\Common Files\0e1innp3.exe
C:\Program Files\Common Files\001dk12b.exe
C:\Program Files\Common Files\orijtx1e.exe
C:\Program Files\Common Files\h1ialekr.exe
C:\Program Files\Common Files\vuvcjowk.exe
C:\Program Files\Common Files\2czivodn.exe
C:\Program Files\Common Files\sapjv1qo.exe
C:\Program Files\Common Files\p4d4ysvq.exe
C:\Program Files\Common Files\euhfpce5.exe
C:\Program Files\Common Files\eetjjixn.exe
C:\Program Files\Common Files\sxymutwi.exe
C:\Program Files\Common Files\rx5mudb2.exe
C:\Program Files\Common Files\fbik4zax.exe
C:\Program Files\Common Files\0mbeyhao.exe
C:\Program Files\Common Files\scsrrdb0.exe
C:\Program Files\Common Files\fcsmii5k.exe
C:\Program Files\Common Files\cwdxd4aj.exe
C:\Program Files\Common Files\5xri25eq.exe
C:\Program Files\Common Files\2hyvckgp.exe
C:\Program Files\Common Files\1m2oaq2i.exe
C:\Program Files\Common Files\yg4vbnnx.exe
C:\Program Files\Common Files\rwn4isn4.exe
C:\Program Files\Common Files\micw0en0.exe
C:\Program Files\Common Files\m5gksziz.exe
C:\Program Files\Common Files\k0dt5xyl.exe
C:\Program Files\Common Files\ipf30phh.exe
C:\Program Files\Common Files\ysri4jqx.exe
C:\Program Files\Common Files\yjfiyns5.exe
C:\Program Files\Common Files\y4kf4lua.exe
C:\Program Files\Common Files\y2ugcrze.exe
C:\Program Files\Common Files\uhawpzv4.exe
C:\Program Files\Common Files\qiqf403k.exe
C:\Program Files\Common Files\ncwu3opx.exe
C:\Program Files\Common Files\commluf1.exe
C:\Program Files\Common Files\nrylwlas.exe
C:\Program Files\Common Files\awjsda0d.exe
C:\Program Files\Common Files\ztc00rpz.exe
C:\Program Files\Common Files\wwo5ffrl.exe
C:\Program Files\Common Files\rrpvpit0.exe
C:\Program Files\Common Files\4lwyqj04.exe
C:\Program Files\Common Files\43ukpr0k.exe
C:\Program Files\Common Files\rt0quins.exe
C:\Program Files\Common Files\lkoi2shf.exe
C:\Program Files\Common Files\2rl5yecs.exe
C:\Program Files\Common Files\jimdwk24.exe
C:\Program Files\Common Files\vmnrgjab.exe
C:\Program Files\Common Files\ki1yk2pa.exe
C:\Program Files\Common Files\ic21ba5x.exe
C:\Program Files\Common Files\gwmmy2io.exe
C:\Program Files\Common Files\c0m2zcp1.exe
C:\Program Files\Common Files\ajuo2qtx.exe
C:\Program Files\Common Files\fxqf2g0c.exe
C:\Program Files\Common Files\g4aph4bk.exe
C:\Program Files\Common Files\3v0vac0x.exe
C:\Program Files\Common Files\ad55zlca.exe
C:\Program Files\Common Files\u3hoj5iq.exe
C:\Program Files\Common Files\ojt3faqt.exe
C:\Program Files\Common Files\w4opv5kx.exe
C:\Program Files\Common Files\y5cmu0ku.exe
C:\Program Files\Common Files\jwi3dj2f.exe
C:\Program Files\Common Files\cauh0ybn.exe
C:\Program Files\Common Files\xfna1tcq.exe
C:\Program Files\Common Files\ln4iod3t.exe
C:\Program Files\Common Files\lexwnqln.exe
C:\Program Files\Common Files\yswveqqx.exe
C:\Program Files\Common Files\vjmtxj5l.exe
C:\Program Files\Common Files\uqgjwcsu.exe
C:\Program Files\Common Files\rqzosy05.exe
C:\Program Files\Common Files\dod51cix.exe
C:\Program Files\Common Files\cxmjuknk.exe
C:\Program Files\Common Files\ciisrtq2.exe
C:\Program Files\Common Files\bbrkntag.exe
C:\Program Files\Common Files\akvdljbw.exe
C:\Program Files\Common Files\5tsj0dr2.exe
C:\Program Files\Common Files\5sef1rgv.exe
C:\Program Files\Common Files\p2pdv21t.exe
C:\Program Files\Common Files\ztktlnti.exe
C:\Program Files\Common Files\tppr2cu0.exe
C:\Program Files\Common Files\q0yloisv.exe
C:\Program Files\Common Files\maklm4nz.exe
C:\Program Files\Common Files\hdwsbcmp.exe
C:\Program Files\Common Files\ez03fq4r.exe
C:\Program Files\Common Files\ayhomga2.exe
C:\Program Files\Common Files\4b2cbmd0.exe
C:\Program Files\Common Files\1k4puy4n.exe
C:\Program Files\Common Files\4ufisxbj.exe
C:\Program Files\Common Files\4ttvy0so.exe
C:\Program Files\Common Files\4mla1ysm.exe
C:\Program Files\Common Files\2jmiqmog.exe
C:\Program Files\Common Files\1hbi4kw1.exe
C:\Program Files\Common Files\qzvrnfdp.exe
C:\Program Files\Common Files\ndrwxafu.exe
C:\Program Files\Common Files\kgbpmhrn.exe
C:\Program Files\Common Files\dreu5ktk.exe
C:\Program Files\Common Files\bqu05vlt.exe
C:\Program Files\Common Files\4yksy5l5.exe
C:\Program Files\Common Files\3dgcypuv.exe
C:\Program Files\Common Files\2xyrg0md.exe
C:\Program Files\Common Files\wr5do3mv.exe
C:\Program Files\Common Files\o5nfrwcw.exe
C:\Program Files\Common Files\llm23iq2.exe
C:\Program Files\Common Files\r2fgl15t.exe
C:\Program Files\Common Files\uoxtp5mf.exe
C:\Program Files\Common Files\fvsh1zrz.exe
C:\Program Files\Common Files\kbeepq3w.exe
C:\Program Files\Common Files\d5y5kpxe.exe
C:\Program Files\Common Files\gh0hlx4u.exe
C:\Program Files\Common Files\nacfzv3q.exe
C:\Program Files\Common Files\k0xbs1r4.exe
C:\Program Files\Common Files\31nhsocp.exe
C:\Program Files\Common Files\z5ha44fq.exe
C:\Program Files\Common Files\x2wnjm1b.exe
C:\Program Files\Common Files\vv0aw5hz.exe
C:\Program Files\Common Files\vmxlcbkm.exe
C:\Program Files\Common Files\uxtms3nn.exe
C:\Program Files\Common Files\uhegpjfs.exe
C:\Program Files\Common Files\te3htbdw.exe
C:\Program Files\Common Files\sk4htdoy.exe
C:\Program Files\Common Files\rugbnzbx.exe
C:\Program Files\Common Files\r1kz0usq.exe
C:\Program Files\Common Files\pzv2xkda.exe
C:\Program Files\Common Files\pnt2j2ag.exe
C:\Program Files\Common Files\odt1vqlk.exe
C:\Program Files\Common Files\n1gyzmoy.exe
C:\Program Files\Common Files\mdgddrr4.exe
C:\Program Files\Common Files\kne3wgqv.exe
C:\Program Files\Common Files\jjilqnhr.exe
C:\Program Files\Common Files\g4r5opax.exe
C:\Program Files\Common Files\ch4w3fbm.exe
C:\Program Files\Common Files\areab3p4.exe
C:\Program Files\Common Files\3u2bsn5p.exe
C:\Program Files\Common Files\34pnig1q.exe
C:\Program Files\Common Files\jzhud1yt.exe
C:\Program Files\Common Files\dphlerpw.exe
C:\Program Files\Common Files\e11al15p.exe
C:\Program Files\Common Files\4duzljbv.exe
EmptyTemp:
end
*****************
 
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
"HKU\S-1-5-21-111603173-2415600283-1906868864-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{57533554-0c1e-11e6-8cc9-38b1db9df968}" => key removed successfully
HKCR\CLSID\{57533554-0c1e-11e6-8cc9-38b1db9df968} => key not found. 
"HKU\S-1-5-21-111603173-2415600283-1906868864-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{57533558-0c1e-11e6-8cc9-38b1db9df968}" => key removed successfully
HKCR\CLSID\{57533558-0c1e-11e6-8cc9-38b1db9df968} => key not found. 
"HKU\S-1-5-21-111603173-2415600283-1906868864-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b0f96005-d93e-11e5-810c-38b1db9df968}" => key removed successfully
HKCR\CLSID\{b0f96005-d93e-11e5-810c-38b1db9df968} => key not found. 
"HKU\S-1-5-21-111603173-2415600283-1906868864-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b0f9601c-d93e-11e5-810c-38b1db9df968}" => key removed successfully
HKCR\CLSID\{b0f9601c-d93e-11e5-810c-38b1db9df968} => key not found. 
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1CD0CF01-CC38-4ABA-81E9-856F92CF0480}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1CD0CF01-CC38-4ABA-81E9-856F92CF0480}" => key removed successfully
C:\Windows\System32\Tasks\aew3wwgw => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\aew3wwgw" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1D9A101B-B904-46B7-B9A2-1E4A034F364B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D9A101B-B904-46B7-B9A2-1E4A034F364B}" => key removed successfully
C:\Windows\System32\Tasks\bzlgyg1h => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\bzlgyg1h" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{261F065E-BA19-4CCA-8776-CFFFB45EE80A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{261F065E-BA19-4CCA-8776-CFFFB45EE80A}" => key removed successfully
C:\Windows\System32\Tasks\dx0alk5l => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\dx0alk5l" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{304EA0D6-477C-4FDE-8CFC-3DD08E6833E6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{304EA0D6-477C-4FDE-8CFC-3DD08E6833E6}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\iroductuol => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3CF90AAF-3A3A-48AE-8E3B-4FCA630D20C4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3CF90AAF-3A3A-48AE-8E3B-4FCA630D20C4}" => key removed successfully
C:\Windows\System32\Tasks\w4oqkuw4 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\w4oqkuw4" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3E7E7D77-654A-4472-8AFD-088EDDBE624F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E7E7D77-654A-4472-8AFD-088EDDBE624F}" => key removed successfully
C:\Windows\System32\Tasks\gs0xirtn => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\gs0xirtn" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{410347DE-3EBC-4D2B-8DE2-BB205187CA21}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{410347DE-3EBC-4D2B-8DE2-BB205187CA21}" => key removed successfully
C:\Windows\System32\Tasks\rwxtky3g => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\rwxtky3g" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{42EC75BC-63FA-4D0E-A20E-139C79F2064C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42EC75BC-63FA-4D0E-A20E-139C79F2064C}" => key removed successfully
C:\Windows\System32\Tasks\nhzvoppp => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\nhzvoppp" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4ADE3A03-7D73-4A76-B348-6956D20BE4A2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4ADE3A03-7D73-4A76-B348-6956D20BE4A2}" => key removed successfully
C:\Windows\System32\Tasks\vobtm3pr => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\vobtm3pr" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5CCFC39E-40CA-47EE-93B2-AA7F190F4868}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5CCFC39E-40CA-47EE-93B2-AA7F190F4868}" => key removed successfully
C:\Windows\System32\Tasks\jyluoi3o => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\jyluoi3o" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5DE9D4EC-62CA-44D7-B515-66CA20E30A12}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5DE9D4EC-62CA-44D7-B515-66CA20E30A12}" => key removed successfully
C:\Windows\System32\Tasks\34bzjgdx => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\34bzjgdx" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{61D1C7DF-FC15-47ED-82B3-DBE7A90DD6E1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61D1C7DF-FC15-47ED-82B3-DBE7A90DD6E1}" => key removed successfully
C:\Windows\System32\Tasks\n5nimpm4 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\n5nimpm4" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{672E2CC8-9E53-4CF4-A946-1AFE7544AF9A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{672E2CC8-9E53-4CF4-A946-1AFE7544AF9A}" => key removed successfully
C:\Windows\System32\Tasks\w5xmqrcq => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\w5xmqrcq" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8538BBAD-7C03-499F-A240-CF672496B93F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8538BBAD-7C03-499F-A240-CF672496B93F}" => key removed successfully
C:\Windows\System32\Tasks\igritx3u => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\igritx3u" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8FC23127-DF86-4097-9915-99B854637BAB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8FC23127-DF86-4097-9915-99B854637BAB}" => key removed successfully
C:\Windows\System32\Tasks\vldfwxve => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\vldfwxve" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9EF728DC-1F78-4955-BE9B-7F171C131D44}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9EF728DC-1F78-4955-BE9B-7F171C131D44}" => key removed successfully
C:\Windows\System32\Tasks\xjyzd1ki => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\xjyzd1ki" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB14361B-6415-4DD5-8719-F0D7FC04778D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB14361B-6415-4DD5-8719-F0D7FC04778D}" => key removed successfully
C:\Windows\System32\Tasks\rz54y325 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\rz54y325" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB786BFC-B154-4DEC-852C-5C3B6BC72362}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB786BFC-B154-4DEC-852C-5C3B6BC72362}" => key removed successfully
C:\Windows\System32\Tasks\k2wgs20j => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\k2wgs20j" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D86C73AF-34CC-47B0-BD37-35715A5CB934}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D86C73AF-34CC-47B0-BD37-35715A5CB934}" => key removed successfully
C:\Windows\System32\Tasks\fr2evhkj => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\fr2evhkj" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DE25E640-39B9-4F7E-8133-964B68D3C187}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE25E640-39B9-4F7E-8133-964B68D3C187}" => key removed successfully
C:\Windows\System32\Tasks\aamtcoic => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\aamtcoic" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DEE91ED5-72D4-4732-8E17-4204C7D20BE1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DEE91ED5-72D4-4732-8E17-4204C7D20BE1}" => key removed successfully
C:\Windows\System32\Tasks\325t2dgz => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\325t2dgz" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F36DE809-99BA-4026-9C05-3F080FF21E70}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F36DE809-99BA-4026-9C05-3F080FF21E70}" => key removed successfully
C:\Windows\System32\Tasks\idrs0g0w => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\idrs0g0w" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F8DA3BE4-37AC-46D6-8A7A-F0FF2F465ED6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8DA3BE4-37AC-46D6-8A7A-F0FF2F465ED6}" => key removed successfully
C:\Windows\System32\Tasks\qg0zoahs => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\qg0zoahs" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F97AC0CF-DCBF-4A88-A8E0-5026EF385406}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F97AC0CF-DCBF-4A88-A8E0-5026EF385406}" => key removed successfully
C:\Windows\System32\Tasks\yqqzgxft => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\yqqzgxft" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FFF7D1C5-B259-49BD-9F1F-0018F389CC5D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FFF7D1C5-B259-49BD-9F1F-0018F389CC5D}" => key removed successfully
C:\Windows\System32\Tasks\g4hx0oj0 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\g4hx0oj0" => key removed successfully
C:\Program Files\Common Files\nxqix2v4.exe => moved successfully
C:\Program Files\Common Files\vczke5tf.exe => moved successfully
C:\Program Files\Common Files\tvp0ztb2.exe => moved successfully
C:\Program Files\Common Files\sfgifsmn.exe => moved successfully
C:\Program Files\Common Files\mkool4nz.exe => moved successfully
C:\Program Files\Common Files\kukhs5yc.exe => moved successfully
C:\Program Files\Common Files\keeflik3.exe => moved successfully
C:\Program Files\Common Files\ivnncg3v.exe => moved successfully
C:\Program Files\Common Files\fuizqtnt.exe => moved successfully
C:\Program Files\Common Files\bj4smrpj.exe => moved successfully
C:\Program Files\Common Files\3q4nu04v.exe => moved successfully
C:\Program Files\Common Files\3fzkvfce.exe => moved successfully
C:\Program Files\Common Files\wugd3s1k.exe => moved successfully
C:\Program Files\Common Files\oe5rxgmy.exe => moved successfully
C:\Program Files\Common Files\uowpj54y.exe => moved successfully
C:\Program Files\Common Files\vwsegdek.exe => moved successfully
C:\Program Files\Common Files\rsgzqio1.exe => moved successfully
C:\Program Files\Common Files\qs1mlvay.exe => moved successfully
C:\Program Files\Common Files\p1qnbqql.exe => moved successfully
C:\Program Files\Common Files\cj2zwhls.exe => moved successfully
C:\Program Files\Common Files\4pje2usj.exe => moved successfully
C:\Program Files\Common Files\3hmbjydh.exe => moved successfully
C:\Program Files\Common Files\xdcfvull.exe => moved successfully
C:\Program Files\Common Files\u5e3xqwm.exe => moved successfully
C:\Program Files\Common Files\sdd5fdmt.exe => moved successfully
C:\Program Files\Common Files\otfg1co3.exe => moved successfully
C:\Program Files\Common Files\e15zwtfd.exe => moved successfully
C:\Program Files\Common Files\c4jrup5i.exe => moved successfully
C:\Program Files\Common Files\bev1tt0w.exe => moved successfully
C:\Program Files\Common Files\3crnd5s4.exe => moved successfully
C:\Program Files\Common Files\xwfp3nce.exe => moved successfully
C:\Program Files\Common Files\tcxzcyiq.exe => moved successfully
C:\Program Files\Common Files\olf1kjhh.exe => moved successfully
C:\Program Files\Common Files\jwnivu1w.exe => moved successfully
C:\Program Files\Common Files\tvxpfunq.exe => moved successfully
C:\Program Files\Common Files\oqhrpyau.exe => moved successfully
C:\Program Files\Common Files\dqf0nuhv.exe => moved successfully
C:\Program Files\Common Files\kbsen10d.exe => moved successfully
C:\Program Files\Common Files\jkol1wsz.exe => moved successfully
C:\Program Files\Common Files\ixyljokq.exe => moved successfully
C:\Program Files\Common Files\euu02fii.exe => moved successfully
C:\Program Files\Common Files\2ozgoojj.exe => moved successfully
C:\Program Files\Common Files\zu3awbg2.exe => moved successfully
C:\Program Files\Common Files\zshdiv54.exe => moved successfully
C:\Program Files\Common Files\ywh20yst.exe => moved successfully
C:\Program Files\Common Files\wuf4xr5f.exe => moved successfully
C:\Program Files\Common Files\vhgrdcjw.exe => moved successfully
C:\Program Files\Common Files\v2mqzgiv.exe => moved successfully
C:\Program Files\Common Files\rgmctvpo.exe => moved successfully
C:\Program Files\Common Files\rb5gu2a4.exe => moved successfully
C:\Program Files\Common Files\pt2bgm5a.exe => moved successfully
C:\Program Files\Common Files\kti2cpft.exe => moved successfully
C:\Program Files\Common Files\krdcyofl.exe => moved successfully
C:\Program Files\Common Files\kmvjzs2c.exe => moved successfully
C:\Program Files\Common Files\kdfdw1nx.exe => moved successfully
C:\Program Files\Common Files\jnd1lkzy.exe => moved successfully
C:\Program Files\Common Files\ipymryka.exe => moved successfully
C:\Program Files\Common Files\gypr5lcy.exe => moved successfully
C:\Program Files\Common Files\fyxzggo4.exe => moved successfully
C:\Program Files\Common Files\fm0btic2.exe => moved successfully
C:\Program Files\Common Files\eh44yp5b.exe => moved successfully
C:\Program Files\Common Files\eesjskqo.exe => moved successfully
C:\Program Files\Common Files\crftw0hg.exe => moved successfully
C:\Program Files\Common Files\cqd4ru0n.exe => moved successfully
C:\Program Files\Common Files\cqcpdayj.exe => moved successfully
C:\Program Files\Common Files\33nzp3ds.exe => moved successfully
C:\Program Files\Common Files\4yckbatn.exe => moved successfully
C:\Program Files\Common Files\vl1ychoa.exe => moved successfully
C:\Program Files\Common Files\k5s5jr3c.exe => moved successfully
C:\Program Files\Common Files\gidl3212.exe => moved successfully
C:\Program Files\Common Files\eldcccjx.exe => moved successfully
C:\Program Files\Common Files\4mjjul5p.exe => moved successfully
C:\Program Files\Common Files\1w31tty5.exe => moved successfully
C:\Program Files\Common Files\4avdldsz.exe => moved successfully
C:\Program Files\Common Files\kpbsvgsf.exe => moved successfully
C:\Program Files\Common Files\zoc0wpej.exe => moved successfully
C:\Program Files\Common Files\zm3eqna5.exe => moved successfully
C:\Program Files\Common Files\vnliupbx.exe => moved successfully
C:\Program Files\Common Files\rxdu4hxh.exe => moved successfully
C:\Program Files\Common Files\ngwslksm.exe => moved successfully
C:\Program Files\Common Files\jb44irkl.exe => moved successfully
C:\Program Files\Common Files\j4yr4toi.exe => moved successfully
C:\Program Files\Common Files\hmgtsovy.exe => moved successfully
C:\Program Files\Common Files\fzpkj1kt.exe => moved successfully
C:\Program Files\Common Files\e3ee5qol.exe => moved successfully
C:\Program Files\Common Files\do3zwpeu.exe => moved successfully
C:\Program Files\Common Files\csji25pz.exe => moved successfully
C:\Program Files\Common Files\bru4lzu0.exe => moved successfully
C:\Program Files\Common Files\ari0p41n.exe => moved successfully
C:\Program Files\Common Files\aluxhvc5.exe => moved successfully
C:\Program Files\Common Files\5z5ytn0z.exe => moved successfully
C:\Program Files\Common Files\3xjp4ttv.exe => moved successfully
C:\Program Files\Common Files\31upcpzi.exe => moved successfully
C:\Program Files\Common Files\2l3ciwb3.exe => moved successfully
C:\Program Files\Common Files\xxn1ycch.exe => moved successfully
C:\Program Files\Common Files\wwsrc0yl.exe => moved successfully
C:\Program Files\Common Files\tv0asxre.exe => moved successfully
C:\Program Files\Common Files\syk044vm.exe => moved successfully
C:\Program Files\Common Files\qaublevw.exe => moved successfully
C:\Program Files\Common Files\nh0tvqsi.exe => moved successfully
C:\Program Files\Common Files\lrnrnctq.exe => moved successfully
C:\Program Files\Common Files\lndi0yuu.exe => moved successfully
C:\Program Files\Common Files\jrjms1r2.exe => moved successfully
C:\Program Files\Common Files\itmi3qly.exe => moved successfully
C:\Program Files\Common Files\hplueezn.exe => moved successfully
C:\Program Files\Common Files\hc430lux.exe => moved successfully
C:\Program Files\Common Files\gz25frol.exe => moved successfully
C:\Program Files\Common Files\a42t5mkl.exe => moved successfully
C:\Program Files\Common Files\a1jy3ptn.exe => moved successfully
C:\Program Files\Common Files\5m1b40zw.exe => moved successfully
C:\Program Files\Common Files\5cmfddtd.exe => moved successfully
C:\Program Files\Common Files\3fpc2g5z.exe => moved successfully
C:\Program Files\Common Files\34vjp4is.exe => moved successfully
C:\Program Files\Common Files\2qpcohij.exe => moved successfully
C:\Program Files\Common Files\0mihtvzr.exe => moved successfully
C:\Program Files\Common Files\0gphgoj2.exe => moved successfully
C:\Program Files\Common Files\0e1innp3.exe => moved successfully
C:\Program Files\Common Files\001dk12b.exe => moved successfully
C:\Program Files\Common Files\orijtx1e.exe => moved successfully
C:\Program Files\Common Files\h1ialekr.exe => moved successfully
C:\Program Files\Common Files\vuvcjowk.exe => moved successfully
C:\Program Files\Common Files\2czivodn.exe => moved successfully
C:\Program Files\Common Files\sapjv1qo.exe => moved successfully
C:\Program Files\Common Files\p4d4ysvq.exe => moved successfully
C:\Program Files\Common Files\euhfpce5.exe => moved successfully
C:\Program Files\Common Files\eetjjixn.exe => moved successfully
C:\Program Files\Common Files\sxymutwi.exe => moved successfully
C:\Program Files\Common Files\rx5mudb2.exe => moved successfully
C:\Program Files\Common Files\fbik4zax.exe => moved successfully
C:\Program Files\Common Files\0mbeyhao.exe => moved successfully
C:\Program Files\Common Files\scsrrdb0.exe => moved successfully
C:\Program Files\Common Files\fcsmii5k.exe => moved successfully
C:\Program Files\Common Files\cwdxd4aj.exe => moved successfully
C:\Program Files\Common Files\5xri25eq.exe => moved successfully
C:\Program Files\Common Files\2hyvckgp.exe => moved successfully
C:\Program Files\Common Files\1m2oaq2i.exe => moved successfully
C:\Program Files\Common Files\yg4vbnnx.exe => moved successfully
C:\Program Files\Common Files\rwn4isn4.exe => moved successfully
C:\Program Files\Common Files\micw0en0.exe => moved successfully
C:\Program Files\Common Files\m5gksziz.exe => moved successfully
C:\Program Files\Common Files\k0dt5xyl.exe => moved successfully
C:\Program Files\Common Files\ipf30phh.exe => moved successfully
C:\Program Files\Common Files\ysri4jqx.exe => moved successfully
C:\Program Files\Common Files\yjfiyns5.exe => moved successfully
C:\Program Files\Common Files\y4kf4lua.exe => moved successfully
C:\Program Files\Common Files\y2ugcrze.exe => moved successfully
C:\Program Files\Common Files\uhawpzv4.exe => moved successfully
C:\Program Files\Common Files\qiqf403k.exe => moved successfully
C:\Program Files\Common Files\ncwu3opx.exe => moved successfully
C:\Program Files\Common Files\commluf1.exe => moved successfully
C:\Program Files\Common Files\nrylwlas.exe => moved successfully
C:\Program Files\Common Files\awjsda0d.exe => moved successfully
C:\Program Files\Common Files\ztc00rpz.exe => moved successfully
C:\Program Files\Common Files\wwo5ffrl.exe => moved successfully
C:\Program Files\Common Files\rrpvpit0.exe => moved successfully
C:\Program Files\Common Files\4lwyqj04.exe => moved successfully
C:\Program Files\Common Files\43ukpr0k.exe => moved successfully
C:\Program Files\Common Files\rt0quins.exe => moved successfully
C:\Program Files\Common Files\lkoi2shf.exe => moved successfully
C:\Program Files\Common Files\2rl5yecs.exe => moved successfully
C:\Program Files\Common Files\jimdwk24.exe => moved successfully
C:\Program Files\Common Files\vmnrgjab.exe => moved successfully
C:\Program Files\Common Files\ki1yk2pa.exe => moved successfully
C:\Program Files\Common Files\ic21ba5x.exe => moved successfully
C:\Program Files\Common Files\gwmmy2io.exe => moved successfully
C:\Program Files\Common Files\c0m2zcp1.exe => moved successfully
C:\Program Files\Common Files\ajuo2qtx.exe => moved successfully
C:\Program Files\Common Files\fxqf2g0c.exe => moved successfully
C:\Program Files\Common Files\g4aph4bk.exe => moved successfully
C:\Program Files\Common Files\3v0vac0x.exe => moved successfully
C:\Program Files\Common Files\ad55zlca.exe => moved successfully
C:\Program Files\Common Files\u3hoj5iq.exe => moved successfully
C:\Program Files\Common Files\ojt3faqt.exe => moved successfully
C:\Program Files\Common Files\w4opv5kx.exe => moved successfully
C:\Program Files\Common Files\y5cmu0ku.exe => moved successfully
C:\Program Files\Common Files\jwi3dj2f.exe => moved successfully
C:\Program Files\Common Files\cauh0ybn.exe => moved successfully
C:\Program Files\Common Files\xfna1tcq.exe => moved successfully
C:\Program Files\Common Files\ln4iod3t.exe => moved successfully
C:\Program Files\Common Files\lexwnqln.exe => moved successfully
C:\Program Files\Common Files\yswveqqx.exe => moved successfully
C:\Program Files\Common Files\vjmtxj5l.exe => moved successfully
C:\Program Files\Common Files\uqgjwcsu.exe => moved successfully
C:\Program Files\Common Files\rqzosy05.exe => moved successfully
C:\Program Files\Common Files\dod51cix.exe => moved successfully
C:\Program Files\Common Files\cxmjuknk.exe => moved successfully
C:\Program Files\Common Files\ciisrtq2.exe => moved successfully
C:\Program Files\Common Files\bbrkntag.exe => moved successfully
C:\Program Files\Common Files\akvdljbw.exe => moved successfully
C:\Program Files\Common Files\5tsj0dr2.exe => moved successfully
C:\Program Files\Common Files\5sef1rgv.exe => moved successfully
C:\Program Files\Common Files\p2pdv21t.exe => moved successfully
C:\Program Files\Common Files\ztktlnti.exe => moved successfully
C:\Program Files\Common Files\tppr2cu0.exe => moved successfully
C:\Program Files\Common Files\q0yloisv.exe => moved successfully
C:\Program Files\Common Files\maklm4nz.exe => moved successfully
C:\Program Files\Common Files\hdwsbcmp.exe => moved successfully
C:\Program Files\Common Files\ez03fq4r.exe => moved successfully
C:\Program Files\Common Files\ayhomga2.exe => moved successfully
C:\Program Files\Common Files\4b2cbmd0.exe => moved successfully
C:\Program Files\Common Files\1k4puy4n.exe => moved successfully
C:\Program Files\Common Files\4ufisxbj.exe => moved successfully
C:\Program Files\Common Files\4ttvy0so.exe => moved successfully
C:\Program Files\Common Files\4mla1ysm.exe => moved successfully
C:\Program Files\Common Files\2jmiqmog.exe => moved successfully
C:\Program Files\Common Files\1hbi4kw1.exe => moved successfully
C:\Program Files\Common Files\qzvrnfdp.exe => moved successfully
C:\Program Files\Common Files\ndrwxafu.exe => moved successfully
C:\Program Files\Common Files\kgbpmhrn.exe => moved successfully
C:\Program Files\Common Files\dreu5ktk.exe => moved successfully
C:\Program Files\Common Files\bqu05vlt.exe => moved successfully
C:\Program Files\Common Files\4yksy5l5.exe => moved successfully
C:\Program Files\Common Files\3dgcypuv.exe => moved successfully
C:\Program Files\Common Files\2xyrg0md.exe => moved successfully
C:\Program Files\Common Files\wr5do3mv.exe => moved successfully
C:\Program Files\Common Files\o5nfrwcw.exe => moved successfully
C:\Program Files\Common Files\llm23iq2.exe => moved successfully
C:\Program Files\Common Files\r2fgl15t.exe => moved successfully
C:\Program Files\Common Files\uoxtp5mf.exe => moved successfully
C:\Program Files\Common Files\fvsh1zrz.exe => moved successfully
C:\Program Files\Common Files\kbeepq3w.exe => moved successfully
C:\Program Files\Common Files\d5y5kpxe.exe => moved successfully
C:\Program Files\Common Files\gh0hlx4u.exe => moved successfully
C:\Program Files\Common Files\nacfzv3q.exe => moved successfully
C:\Program Files\Common Files\k0xbs1r4.exe => moved successfully
C:\Program Files\Common Files\31nhsocp.exe => moved successfully
C:\Program Files\Common Files\z5ha44fq.exe => moved successfully
C:\Program Files\Common Files\x2wnjm1b.exe => moved successfully
C:\Program Files\Common Files\vv0aw5hz.exe => moved successfully
C:\Program Files\Common Files\vmxlcbkm.exe => moved successfully
C:\Program Files\Common Files\uxtms3nn.exe => moved successfully
C:\Program Files\Common Files\uhegpjfs.exe => moved successfully
C:\Program Files\Common Files\te3htbdw.exe => moved successfully
C:\Program Files\Common Files\sk4htdoy.exe => moved successfully
C:\Program Files\Common Files\rugbnzbx.exe => moved successfully
C:\Program Files\Common Files\r1kz0usq.exe => moved successfully
C:\Program Files\Common Files\pzv2xkda.exe => moved successfully
C:\Program Files\Common Files\pnt2j2ag.exe => moved successfully
C:\Program Files\Common Files\odt1vqlk.exe => moved successfully
C:\Program Files\Common Files\n1gyzmoy.exe => moved successfully
C:\Program Files\Common Files\mdgddrr4.exe => moved successfully
C:\Program Files\Common Files\kne3wgqv.exe => moved successfully
C:\Program Files\Common Files\jjilqnhr.exe => moved successfully
C:\Program Files\Common Files\g4r5opax.exe => moved successfully
C:\Program Files\Common Files\ch4w3fbm.exe => moved successfully
C:\Program Files\Common Files\areab3p4.exe => moved successfully
C:\Program Files\Common Files\3u2bsn5p.exe => moved successfully
C:\Program Files\Common Files\34pnig1q.exe => moved successfully
C:\Program Files\Common Files\jzhud1yt.exe => moved successfully
C:\Program Files\Common Files\dphlerpw.exe => moved successfully
C:\Program Files\Common Files\e11al15p.exe => moved successfully
C:\Program Files\Common Files\4duzljbv.exe => moved successfully
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 162162216 B
Java, Flash, Steam htmlcache => 5300 B
Windows/system/drivers => 5794363876 B
Edge => 0 B
Chrome => 849334341 B
Firefox => 386098872 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 83781 B
systemprofile32 => 66660 B
LocalService => 66228 B
NetworkService => 3539002 B
Jernej => 664067411 B
 
RecycleBin => 544 B
EmptyTemp: => 7.3 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 

==== End of Fixlog 00:23:05 ==== 

 

Emsisoft Emergency Kit log:

 

Emsisoft Emergency Kit - Version 12.0

Last update: 29.12.2016 1:05:09
User account: Jernej-PC\Jernej
Computer name: JERNEJ-PC
OS version: Windows 7x64 Service Pack 1
 
Scan settings:
 
Scan type: Malware Scan
Objects: Rootkits, Memory, Traces, Files
 
Detect PUPs: On
Scan archives: Off
ADS Scan: On
File extension filter: Off
Direct disk access: Off
 
Scan start: 29.12.2016 1:08:17
Key: HKEY_USERS\S-1-5-21-111603173-2415600283-1906868864-1000\SOFTWARE\SOFTONIC detected: Application.InstallAd (A) []
C:\Program Files\Common Files\xalna2x2.exe detected: Gen:Variant.Adware.Linkury.13 (B) [krnl.xmd]
C:\Users\Jernej\Downloads\FreemakeVideoConverterSetup.exe detected: Application.AdLoad (A) [284541]
 
Scanned 74165
Found 3
 
Scan end: 29.12.2016 1:18:10
Scan time: 0:09:53
 
C:\Users\Jernej\Downloads\FreemakeVideoConverterSetup.exe Application.AdLoad (A)
C:\Program Files\Common Files\xalna2x2.exe Gen:Variant.Adware.Linkury.13 (B)
Key: HKEY_USERS\S-1-5-21-111603173-2415600283-1906868864-1000\SOFTWARE\SOFTONIC Application.InstallAd (A)
 
Quarantined 3
 

Malwarebytes automaticaly started... here is the log:

 

Malwarebytes

www.malwarebytes.com
 
-Podrobnosti dnevnika-
Datum pregledovanja: 29. 12. 16
Čas pregledovanja: 02:23
Dnevniška datoteka: 2016.12.29.makware log  6.08.txt
Skrbnik: Da
 
-Podatki o programski opremi-
Različica: 3.0.5.1299
Različica komponent: 1.0.43
Različica s paketom posodobitve: 1.0.881
Licenca: Preizkusna različica
 
-Informacije o sistemu-
OS: Windows 7 Service Pack 1
Procesor: x64
Datotečni sistem: NTFS
Uporabnik: System
 
-Povzetek pregledovanja-
Vrsta pregledovanja: Pregledovanje groženj
Rezultat: Dokončano
Število pregledanih predmetov: 352507
Pretečeni čas: 5 min, 31 s
 
-Možnosti pregledovanja-
Pomnilnik: Omogočeno
Zagon: Omogočeno
Datotečni sistem: Omogočeno
Arhivi: Omogočeno
Korenska orodja: Onemogočeno
Hevristika: Omogočeno
PUP: Omogočeno
PUM: Omogočeno
 
-Podrobnosti pregledovanja-
Proces: 0
(Ni zaznanih zlonamernih elementov)
 
Modul: 0
(Ni zaznanih zlonamernih elementov)
 
Registrski ključ: 0
(Ni zaznanih zlonamernih elementov)
 
Vrednost registra: 2
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Brez dejanja uporabnika, [95], [-1],0.0.0
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Brez dejanja uporabnika, [95], [-1],0.0.0
 
Podatkovni tok: 0
(Ni zaznanih zlonamernih elementov)
 
Mapa: 0
(Ni zaznanih zlonamernih elementov)
 
Datoteka: 2
PUP.Optional.Linkury.ACMB1, C:\USERS\JERNEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MIVNQ7JH.DEFAULT\PREFS.JS, Brez dejanja uporabnika, [95], [302805],1.0.881
PUP.Optional.Linkury.ACMB1, C:\USERS\JERNEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MIVNQ7JH.DEFAULT\PREFS.JS, Brez dejanja uporabnika, [95], [303330],1.0.881
 
Fizični sektor: 0
(Ni zaznanih zlonamernih elementov)
 
 
(end)


#8 seedy21

seedy21

    Advanced Forum Junkie

  • Administrator
  • 120 posts
  • Gender:Male
  • Location:West Yorkshire, UK
  • Interests:IT, malware removal and Radio Stations

Posted 29 December 2016 - 02:08 PM

Hello winersnicl
 
Step 1
 
Please can you re-run a Scan with Malwarebytes and Quarantine any files found
 
Step 2
 
adwcleaner_new.png Fix with AdwCleaner
 
Please download AdwCleaner by Xplode and save the file to your desktop.

  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow the prompts and click Scan.
  • When finished, please click Clean.
  • Upon completion, click Report. A log (AdwCleaner[S*].txt) will open.

Please include the contents of that file in your reply.
 
Step 3
 
FRST.gif Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content into your next reply.



#9 winersnicl

winersnicl

    New Member

  • Member
  • Pip
  • 9 posts

Posted 29 December 2016 - 03:56 PM

Hello seedy21

 

AdwCleaner[S0].txt:

 

 

# AdwCleaner v6.041 - Logfile created 29/12/2016 at 16:17:41
# Updated on 16/12/2016 by Malwarebytes
# Database : 2016-12-29.1 [Server]
# Operating System : Windows 7 Ultimate Service Pack 1 (X64)
# Username : Jernej - JERNEJ-PC
# Running from : C:\Users\Jernej\Desktop\AdwCleaner.exe
# Mode: Scan
 
 
 
***** [ Services ] *****
 
No malicious services found.
 
 
***** [ Folders ] *****
 
No malicious folders found.
 
 
***** [ Files ] *****
 
No malicious files found.
 
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
 
***** [ WMI ] *****
 
No malicious keys found.
 
 
***** [ Shortcuts ] *****
 
No infected shortcut found.
 
 
***** [ Scheduled Tasks ] *****
 
No malicious task found.
 
 
***** [ Registry ] *****
 
Key Found:  HKU\S-1-5-21-111603173-2415600283-1906868864-1000\Software\INSTALLPATH\STATUS
Key Found:  HKU\S-1-5-21-111603173-2415600283-1906868864-1000\Software\mtxifs
Key Found:  HKCU\Software\INSTALLPATH\STATUS
Key Found:  HKCU\Software\mtxifs
Key Found:  HKLM\SOFTWARE\mtxifs
Key Found:  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Online-IO
Key Found:  [x64] HKCU\Software\INSTALLPATH\STATUS
Key Found:  [x64] HKCU\Software\mtxifs
Data Found:  HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNeQlSHCWwLyVCEZb1HHlEwQ37203JEFQE7LXfcW6Plnt
Key Found:  HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Key Found:  HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Key Found:  HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\nicelabel.si
Key Found:  HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\safefinder.com
Key Found:  HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.safefinder.com
Key Found:  HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.nicelabel.si
Key Found:  [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Key Found:  [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Key Found:  [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\nicelabel.si
Key Found:  [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\safefinder.com
Key Found:  [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.safefinder.com
Key Found:  [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.nicelabel.si
Key Found:  HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\RONZAP.EXE
Key Found:  HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AIRTOSTRONG.EXE
Key Found:  HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\XIFS.EXE
Key Found:  HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\xifs.exe
Key Found:  HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SilentProcessExit\Airtostrong.exe
 
 
***** [ Web browsers ] *****
 
No malicious Firefox based browser items found.
Chrome pref Found:  [C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - fcgnigmofekcllgbiejhmigggmgehkip
Chrome pref Found:  [C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - feeilhmlfcpfchpbgoknoeefdkbgionj
 
*************************
 
C:\AdwCleaner\AdwCleaner[S0].txt - [3468 Bytes] - [29/12/2016 16:17:41]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3541 Bytes] ##########
 

 

AdwCleaner[C0].txt:

 

# AdwCleaner v6.041 - Logfile created 29/12/2016 at 16:19:32
# Updated on 16/12/2016 by Malwarebytes
# Database : 2016-12-29.1 [Server]
# Operating System : Windows 7 Ultimate Service Pack 1 (X64)
# Username : Jernej - JERNEJ-PC
# Running from : C:\Users\Jernej\Desktop\AdwCleaner.exe
# Mode: Clean
 
 
 
***** [ Services ] *****
 
 
 
***** [ Folders ] *****
 
 
 
***** [ Files ] *****
 
 
 
***** [ DLL ] *****
 
 
 
***** [ WMI ] *****
 
 
 
***** [ Shortcuts ] *****
 
 
 
***** [ Scheduled Tasks ] *****
 
 
 
***** [ Registry ] *****
 
[-] Key deleted: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\Software\INSTALLPATH\STATUS
[-] Key deleted: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\Software\mtxifs
[#] Key deleted on reboot: HKCU\Software\INSTALLPATH\STATUS
[#] Key deleted on reboot: HKCU\Software\mtxifs
[-] Key deleted: HKLM\SOFTWARE\mtxifs
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Online-IO
[#] Key deleted on reboot: [x64] HKCU\Software\INSTALLPATH\STATUS
[#] Key deleted on reboot: [x64] HKCU\Software\mtxifs
[-] Data restored: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] 
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\nicelabel.si
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\safefinder.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.safefinder.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.nicelabel.si
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\nicelabel.si
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\safefinder.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.safefinder.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.nicelabel.si
[-] Key deleted: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\RONZAP.EXE
[-] Key deleted: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AIRTOSTRONG.EXE
[-] Key deleted: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\XIFS.EXE
[-] Key deleted: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\xifs.exe
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SilentProcessExit\Airtostrong.exe
 
 
***** [ Web browsers ] *****
 
[-] [C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: fcgnigmofekcllgbiejhmigggmgehkip
[-] [C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: feeilhmlfcpfchpbgoknoeefdkbgionj
 
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C0].txt - [3375 Bytes] - [29/12/2016 16:19:32]
C:\AdwCleaner\AdwCleaner[S0].txt - [3652 Bytes] - [29/12/2016 16:17:41]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3521 Bytes] ##########
 
 
 
 
FRST.txt: 
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
Ran by Jernej (administrator) on JERNEJ-PC (29-12-2016 16:38:03)
Running from C:\Users\Jernej\Desktop
Loaded Profiles: Jernej (Available Profiles: Jernej)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: slovenščina (Slovenija)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\AvrcpService.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\RtkBleServ.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7574896 2014-04-16] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818288 2014-04-07] (Synaptics Incorporated)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [216064 2014-01-06] (Realtek Semiconductor Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-04-10] (Intel Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [419512 2014-04-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-11-20] (Raptr, Inc)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\Run: [DU Meter] => "C:\Program Files (x86)\DU Meter\DUMeter.exe" /autostart
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\Run: [proxsign] => C:\Program Files (x86)\SETCCE\proXSign\bin\pxkill.exe [31232 2015-11-19] ()
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4177784 2016-01-15] (Disc Soft Ltd)
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-21] (Microsoft Corporation)
Startup: C:\Users\Jernej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe [2016-08-26] (Leader Technologies)
Startup: C:\Users\Jernej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler.exe [2016-08-26] ()
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 84.255.209.79 84.255.210.79 192.168.1.1
Tcpip\..\Interfaces\{518C50D0-A0EB-426F-84AC-5A094662A6E1}: [DhcpNameServer] 84.255.209.79 84.255.210.79 192.168.1.1
Tcpip\..\Interfaces\{9374EDE6-2510-4D46-8FD1-8C9E69478EAC}: [DhcpNameServer] 10.0.1.197 10.0.1.198
 
Internet Explorer:
==================
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131266346688107570&GUID=1664DB10-ECE5-43AE-B976-1FB3994CEC74
SearchScopes: HKU\S-1-5-21-111603173-2415600283-1906868864-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-10-16] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-16] (Oracle Corporation)
BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2013-11-29] (BitComet)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-16] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-16] (Oracle Corporation)
IE Session Restore: HKU\S-1-5-21-111603173-2415600283-1906868864-1000 -> is enabled.
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll No File
 
FireFox:
========
FF ProfilePath: C:\Users\Jernej\AppData\Roaming\Mozilla\Firefox\Profiles\mivnq7jh.default [2016-12-29]
FF Homepage: Mozilla\Firefox\Profiles\mivnq7jh.default -> hxxps://www.google.si
FF Session Restore: Mozilla\Firefox\Profiles\mivnq7jh.default -> is enabled.
FF Extension: (BitComet Video Downloader) - C:\Users\Jernej\AppData\Roaming\Mozilla\Firefox\Profiles\mivnq7jh.default\Extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} [2014-10-26] [not signed]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-14] ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-16] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-14] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-16] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://google.si/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default [2016-12-29]
CHR Extension: (Google Diapozitivi) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-10]
CHR Extension: (Google Dokumenti) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-10]
CHR Extension: (Google Drive) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-25]
CHR Extension: (YouTube) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-09]
CHR Extension: (Google Search) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-25]
CHR Extension: (Google Preglednice) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-10]
CHR Extension: (Google Dokumenti brez povezave) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-21]
CHR Extension: (Skype) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-10-28]
CHR Extension: (Plačila v spletni trgovini Chrome) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-25]
CHR Extension: (Gmail) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-10]
CHR Extension: (Chrome Media Router) - C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-19]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-05-07] (Realtek Semiconductor Corporation) [File not signed]
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [88064 2014-03-05] () [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369464 2016-01-15] (Disc Soft Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [42496 2013-04-25] (Realtek Semiconductor Corporation) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-02-26] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-02-26] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77416 2016-12-14] ()
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [176064 2016-12-22] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [102856 2016-12-29] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2016-12-29] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [250816 2016-12-29] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [81696 2016-12-29] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [552448 2014-04-01] (Realtek Semiconductor Corporation)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [476888 2014-03-21] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [3402968 2014-04-11] (Realtek Semiconductor Corporation                           )
S3 DUMeterDrv; \??\C:\Program Files (x86)\DU Meter\DUMETR64.SYS [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-12-29 16:38 - 2016-12-29 16:39 - 00020121 _____ C:\Users\Jernej\Desktop\FRST.txt
2016-12-29 16:36 - 2016-12-22 13:27 - 02420736 _____ (Farbar) C:\Users\Jernej\Desktop\FRST64.exe
2016-12-29 16:30 - 2016-12-29 16:31 - 03977168 _____ C:\Users\Jernej\Downloads\AdwCleaner.exe
2016-12-29 16:15 - 2016-12-29 16:19 - 00000000 ____D C:\AdwCleaner
2016-12-29 16:13 - 2016-12-29 16:14 - 03977168 _____ C:\Users\Jernej\Desktop\AdwCleaner.exe
2016-12-29 00:59 - 2016-12-29 06:15 - 00000000 ____D C:\EEK
2016-12-29 00:15 - 2016-12-29 00:15 - 00000000 _____ C:\Users\Jernej\defogger_reenable
2016-12-27 14:12 - 2016-12-27 15:02 - 00000000 ____D C:\MGADiagToolOutput
2016-12-27 14:11 - 2016-12-27 14:11 - 00000000 ____D C:\ProgramData\Office Genuine Advantage
2016-12-22 11:49 - 2016-12-29 16:29 - 00102856 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2016-12-22 11:49 - 2016-12-29 16:29 - 00081696 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2016-12-22 11:49 - 2016-12-29 16:28 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-22 11:49 - 2016-12-29 16:28 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-12-22 11:49 - 2016-12-22 11:49 - 00176064 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2016-12-22 11:48 - 2016-12-22 11:48 - 00001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2016-12-22 11:48 - 2016-12-22 11:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2016-12-22 11:48 - 2016-12-22 11:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-22 11:48 - 2016-12-22 11:48 - 00000000 ____D C:\Program Files\Malwarebytes
2016-12-22 11:48 - 2016-12-14 12:55 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys
2016-12-20 09:05 - 2016-12-20 09:05 - 03675644 _____ C:\Users\Jernej\Downloads\6163430.pdf
2016-12-20 09:02 - 2016-12-20 09:02 - 03652374 _____ C:\Users\Jernej\Downloads\6163429.pdf
2016-12-20 08:56 - 2016-12-20 08:56 - 05901059 _____ C:\Users\Jernej\Downloads\6114395.pdf
2016-12-19 11:37 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-12-19 11:37 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-12-19 11:37 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-12-19 11:37 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-12-19 11:37 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-12-19 11:37 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-19 11:37 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-12-19 11:37 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-12-19 11:37 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-12-19 11:37 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-12-19 11:37 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-12-19 11:37 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-12-19 11:37 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-12-19 11:37 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-12-19 11:37 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-12-19 11:37 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-12-19 11:37 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-12-19 11:37 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-12-19 11:37 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-12-19 11:37 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-19 11:37 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-12-19 11:37 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-12-19 11:37 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-12-19 11:37 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-12-19 11:37 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-12-19 11:37 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-12-19 11:37 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-19 11:37 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-12-19 11:37 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-19 11:37 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-12-19 11:37 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-12-19 11:37 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-12-19 11:37 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-19 11:37 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-12-19 11:37 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-12-19 11:37 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-19 11:37 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-12-19 11:37 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-12-19 11:37 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-12-19 11:37 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-12-19 11:37 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-12-19 11:37 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-19 11:37 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-12-19 11:37 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-19 11:37 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-19 11:37 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-12-19 11:37 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-12-19 11:37 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-19 11:37 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-19 11:37 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-12-19 11:37 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-19 11:37 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-19 11:37 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-12-19 11:36 - 2016-11-21 19:16 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-12-19 11:36 - 2016-11-21 19:16 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-12-19 11:36 - 2016-11-21 19:12 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-12-19 11:36 - 2016-11-21 19:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-12-19 11:36 - 2016-11-20 17:20 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-12-19 11:36 - 2016-11-20 17:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-12-19 11:36 - 2016-11-20 17:20 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-12-19 11:36 - 2016-11-20 17:20 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-19 11:36 - 2016-11-20 17:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-12-19 11:36 - 2016-11-20 17:19 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-12-19 11:36 - 2016-11-20 17:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-12-19 11:36 - 2016-11-20 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-19 11:36 - 2016-11-20 16:57 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-12-19 11:36 - 2016-11-20 16:57 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-12-19 11:36 - 2016-11-20 16:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-12-19 11:36 - 2016-11-20 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-12-19 11:36 - 2016-11-20 16:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-12-19 11:36 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-12-19 11:36 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-12-19 11:36 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-12-19 11:36 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-12-19 11:36 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-12-19 11:36 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-19 11:36 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-19 11:36 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-12-19 11:36 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-19 11:36 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-12-19 11:36 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-12-19 11:36 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-12-19 11:36 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-12-19 11:36 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-12-19 11:36 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-19 11:36 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-19 11:36 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-19 11:36 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-12-19 11:36 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-19 11:36 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-19 11:36 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-12-19 11:36 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-12-19 11:36 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-12-19 11:36 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-12-19 11:36 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-19 11:36 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-19 11:36 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-12-19 11:36 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-12-19 11:36 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-12-19 11:36 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-12-19 11:36 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-12-19 11:36 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-19 11:36 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-19 11:36 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-19 11:36 - 2016-11-02 16:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-12-19 11:36 - 2016-11-02 16:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-12-19 11:36 - 2016-11-02 16:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-12-19 11:36 - 2016-11-02 16:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-12-19 11:36 - 2016-11-02 16:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-12-19 11:36 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-12-19 11:36 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-12-19 11:36 - 2016-11-02 16:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-12-19 11:36 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-12-19 11:36 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-12-19 11:36 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-12-19 11:36 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-12-19 11:36 - 2016-10-15 16:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-12-19 11:36 - 2016-10-15 16:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-12-19 11:36 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-12-19 11:36 - 2016-10-15 16:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-12-19 11:36 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-12-19 11:36 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-12-19 11:36 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-12-19 11:36 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-12-19 11:36 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-12-19 11:36 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-12-19 11:36 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-12-19 11:36 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-12-19 11:36 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-12-19 11:36 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-12-19 11:36 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-12-19 11:36 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-12-19 11:36 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-12-19 11:36 - 2016-10-11 16:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-12-19 11:36 - 2016-10-11 16:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-12-19 11:36 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-12-19 11:36 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-12-19 11:36 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-12-19 11:36 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-12-19 11:36 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-12-19 11:36 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-12-19 11:36 - 2016-10-11 16:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-12-19 11:36 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-12-19 11:36 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-12-19 11:36 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-12-19 11:36 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-12-19 11:36 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-12-19 11:36 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-12-19 11:36 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-12-19 11:36 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-12-19 11:36 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-12-19 11:36 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-12-19 11:36 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-12-19 11:36 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-12-19 11:36 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-12-19 11:36 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-12-19 11:36 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-12-19 11:36 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-12-19 11:36 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-12-19 11:36 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-12-19 11:36 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-12-19 11:36 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-12-19 11:36 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-12-19 11:36 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-12-19 11:36 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-12-19 11:36 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-12-19 11:36 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-12-19 11:36 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2016-12-19 11:36 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls
2016-12-19 11:36 - 2016-10-11 14:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-12-19 11:36 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-12-19 11:36 - 2016-10-07 16:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-12-19 11:36 - 2016-10-07 16:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-12-19 11:36 - 2016-10-07 16:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-12-19 11:36 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-12-19 11:36 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-12-19 11:36 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-12-19 11:36 - 2016-10-05 15:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-12-19 11:36 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-19 11:36 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-12-19 11:36 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-12-19 11:36 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-12-19 11:36 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-19 11:36 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-12-19 11:36 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-12-19 11:36 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-12-19 11:36 - 2016-09-15 15:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-12-19 11:36 - 2016-09-09 19:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-12-19 11:36 - 2016-09-09 19:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-12-19 11:36 - 2016-08-22 17:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-12-14 22:11 - 2016-12-14 22:11 - 00001119 _____ C:\Users\Public\Desktop\Hofer foto storitve.lnk
2016-12-14 22:06 - 2016-12-14 22:10 - 00000000 ____D C:\Program Files (x86)\Hofer foto storitve
2016-12-13 11:12 - 2016-07-22 15:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-12-13 11:12 - 2016-07-22 15:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-12-09 08:25 - 2016-12-09 08:25 - 00000000 ____D C:\Users\Jernej\AppData\Roaming\WMM
2016-12-09 08:23 - 2016-12-09 08:23 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-12-09 08:22 - 2016-12-09 08:22 - 00001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-12-09 08:20 - 2016-12-09 08:21 - 26689458 _____ (videowinsoft.com ) C:\Users\Jernej\Downloads\windows-movie-maker-2016.exe
2016-12-09 07:35 - 2016-12-09 09:02 - 00000000 ____D C:\ProgramData\Freemake
2016-12-09 07:35 - 2016-12-09 07:38 - 00000000 ____D C:\Users\Jernej\Documents\Freemake
2016-12-09 07:34 - 2016-12-09 09:02 - 00000000 ____D C:\Program Files (x86)\Freemake
2016-12-06 08:54 - 2016-12-06 08:54 - 00606154 _____ C:\Users\Jernej\Downloads\2166_0001.pdf
2016-12-06 06:11 - 2016-12-06 06:11 - 02381224 _____ (iNeta d.o.o. ) C:\Users\Jernej\Downloads\SetupEplFotoPlus(1).exe
2016-11-29 22:34 - 2016-11-29 22:34 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110_clr0400.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00030400 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_clr0400.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-12-29 16:40 - 2015-11-17 14:39 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-29 16:39 - 2009-07-14 05:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-29 16:39 - 2009-07-14 05:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-29 16:38 - 2016-08-05 06:12 - 00000000 ____D C:\FRST
2016-12-29 16:26 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-29 15:19 - 2016-11-28 19:39 - 00000000 ____D C:\Users\Jernej\AppData\LocalLow\Mozilla
2016-12-29 00:56 - 2015-11-23 10:34 - 00001638 _____ C:\Users\Jernej\Desktop\!!KONOPLJA - Bližnjica.lnk
2016-12-29 00:22 - 2015-01-25 19:29 - 00000000 ____D C:\Users\Jernej\AppData\LocalLow\Temp
2016-12-29 00:15 - 2014-10-15 13:15 - 00000000 ____D C:\Users\Jernej
2016-12-28 16:38 - 2014-10-23 20:20 - 00000000 ____D C:\Users\Jernej\AppData\Roaming\vlc
2016-12-28 15:24 - 2014-10-21 18:29 - 00000000 ____D C:\!!!DOKUMENTI ZA BACKUP
2016-12-28 15:16 - 2015-01-03 08:04 - 00731850 _____ C:\Windows\system32\perfh010.dat
2016-12-28 15:16 - 2015-01-03 08:04 - 00146714 _____ C:\Windows\system32\perfc010.dat
2016-12-28 15:16 - 2015-01-03 07:36 - 00689012 _____ C:\Windows\system32\perfh007.dat
2016-12-28 15:16 - 2015-01-03 07:36 - 00148984 _____ C:\Windows\system32\perfc007.dat
2016-12-28 15:16 - 2015-01-03 07:36 - 00121186 _____ C:\Windows\system32\perfh024.dat
2016-12-28 15:16 - 2015-01-03 07:36 - 00026774 _____ C:\Windows\system32\perfc024.dat
2016-12-28 15:16 - 2009-07-14 06:13 - 02629780 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-28 15:16 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-28 12:05 - 2015-04-02 19:02 - 00000000 ____D C:\ProgramData\ACD Systems
2016-12-28 11:05 - 2014-10-15 13:15 - 00001042 _____ C:\Users\Jernej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-12-28 10:36 - 2014-10-26 04:01 - 00000000 ____D C:\Users\Jernej\AppData\Roaming\BitComet
2016-12-28 07:38 - 2015-01-03 19:00 - 00000000 ____D C:\Windows\system32\appmgmt
2016-12-28 07:34 - 2014-10-25 06:39 - 00000000 ____D C:\ProgramData\Nero
2016-12-23 17:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-12-22 13:20 - 2016-07-28 14:03 - 00000000 ____D C:\Program Files\Common Files\ysxx5yhb
2016-12-22 13:20 - 2016-07-26 21:38 - 00000000 ____D C:\Program Files\Common Files\2gn2rbic
2016-12-22 13:20 - 2016-07-26 17:37 - 00000000 ____D C:\Program Files\Common Files\yp2muamg
2016-12-22 13:20 - 2016-07-26 16:37 - 00000000 ____D C:\Program Files\Common Files\44lsfwfm
2016-12-22 13:20 - 2016-07-26 13:37 - 00000000 ____D C:\Program Files\Common Files\t4guc34w
2016-12-22 13:20 - 2016-07-26 12:37 - 00000000 ____D C:\Program Files\Common Files\psmluq23
2016-12-22 13:19 - 2016-07-28 17:04 - 00000000 ____D C:\Program Files\Common Files\ujvxasm0
2016-12-22 13:19 - 2016-07-28 16:04 - 00000000 ____D C:\Program Files\Common Files\35rlgvd1
2016-12-22 13:19 - 2016-07-28 15:04 - 00000000 ____D C:\Program Files\Common Files\lhw2javn
2016-12-22 13:19 - 2016-07-28 13:03 - 00000000 ____D C:\Program Files\Common Files\rnjokjf4
2016-12-22 13:19 - 2016-07-28 10:03 - 00000000 ____D C:\Program Files\Common Files\g15zxh2x
2016-12-22 13:19 - 2016-07-28 09:03 - 00000000 ____D C:\Program Files\Common Files\pr0krzx1
2016-12-22 13:19 - 2016-07-28 08:03 - 00000000 ____D C:\Program Files\Common Files\pg0jaxsw
2016-12-22 13:19 - 2016-07-28 07:04 - 00000000 ____D C:\Program Files\Common Files\tkt2g0da
2016-12-22 13:19 - 2016-07-27 10:00 - 00000000 ____D C:\Program Files\Common Files\vg3spayq
2016-12-22 13:19 - 2016-07-27 08:59 - 00000000 ____D C:\Program Files\Common Files\vl40wgm2
2016-12-22 13:19 - 2016-07-27 07:59 - 00000000 ____D C:\Program Files\Common Files\cf5tnvux
2016-12-22 13:19 - 2016-07-27 07:00 - 00000000 ____D C:\Program Files\Common Files\kdshgy2y
2016-12-22 13:19 - 2016-07-26 22:38 - 00000000 ____D C:\Program Files\Common Files\2krelaqr
2016-12-22 13:19 - 2016-07-26 20:38 - 00000000 ____D C:\Program Files\Common Files\b3s24rro
2016-12-22 13:19 - 2016-07-26 19:38 - 00000000 ____D C:\Program Files\Common Files\hoa0ouqc
2016-12-22 13:19 - 2016-07-26 15:37 - 00000000 ____D C:\Program Files\Common Files\uirjnnf2
2016-12-22 13:19 - 2016-07-26 14:37 - 00000000 ____D C:\Program Files\Common Files\hqzjqhyj
2016-12-22 13:16 - 2016-07-26 18:37 - 00000000 ____D C:\Program Files\Common Files\kegzscx5
2016-12-22 12:07 - 2014-10-23 21:47 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-12-22 12:07 - 2014-10-16 13:46 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-22 12:07 - 2014-10-16 13:46 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-22 12:05 - 2016-08-05 04:27 - 00000000 ____D C:\Users\Jernej\Desktop\CLEANING VIRUSES 8.2016
2016-12-21 19:26 - 2016-08-05 07:18 - 01932560 _____ C:\Windows\ntbtlog.txt
2016-12-20 21:04 - 2016-11-18 20:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-20 21:04 - 2014-11-15 08:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-19 14:37 - 2009-07-14 05:45 - 00411760 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-19 14:20 - 2014-10-16 07:41 - 00000000 ____D C:\Windows\system32\MRT
2016-12-19 14:17 - 2014-10-16 07:41 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-19 14:14 - 2014-10-16 08:56 - 02566306 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-12-19 09:41 - 2014-10-16 13:46 - 00003488 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-19 09:41 - 2014-10-16 13:46 - 00003360 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-15 20:31 - 2015-07-19 08:17 - 00019968 _____ C:\Users\Jernej\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-12-14 20:10 - 2015-11-17 14:39 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-12-14 20:10 - 2014-11-12 06:58 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-12-14 20:10 - 2014-11-12 06:58 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-14 20:09 - 2014-11-12 06:58 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-12-14 20:09 - 2014-11-12 06:58 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-13 10:54 - 2014-10-16 13:58 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-12-13 10:54 - 2014-10-16 13:58 - 00001945 _____ C:\Windows\epplauncher.mif
2016-12-13 10:54 - 2014-10-16 13:58 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-12-13 10:54 - 2014-10-16 13:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-12-09 11:45 - 2015-12-22 19:20 - 00000000 ____D C:\Users\Jernej\AppData\Roaming\dvdcss
2016-12-09 06:56 - 2014-10-22 18:52 - 00000000 ____D C:\!!!MAJA
2016-12-06 06:11 - 2015-12-14 10:01 - 00002134 _____ C:\Users\Jernej\AppData\Roaming\Microsoft\Windows\Start Menu\ePhotoLab - Foto Plus.lnk
2016-12-06 06:11 - 2015-12-14 10:01 - 00002110 _____ C:\Users\Jernej\Desktop\ePhotoLab - Foto Plus.lnk
2016-12-06 06:11 - 2015-12-14 10:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ePhotoLab
 
==================== Files in the root of some directories =======
 
2016-07-26 11:33 - 2016-07-26 11:33 - 7105536 _____ () C:\Users\Jernej\AppData\Roaming\agent.dat
2016-07-26 11:32 - 2016-07-26 11:32 - 0129024 _____ () C:\Users\Jernej\AppData\Roaming\Installer.dat
2016-07-26 11:33 - 2016-07-26 11:33 - 0018432 _____ () C:\Users\Jernej\AppData\Roaming\Main.dat
2016-08-05 07:37 - 2016-12-29 16:30 - 0539503 _____ () C:\Users\Jernej\AppData\Local\BTServer.log
2015-07-19 08:17 - 2016-12-15 20:31 - 0019968 _____ () C:\Users\Jernej\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-08-03 09:47 - 2016-08-26 19:25 - 0007657 _____ () C:\Users\Jernej\AppData\Local\Resmon.ResmonCfg
 
Some files in TEMP:
====================
C:\Users\Jernej\AppData\Local\Temp\libeay32.dll
C:\Users\Jernej\AppData\Local\Temp\msvcr120.dll
C:\Users\Jernej\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2016-12-24 07:21
 
==================== End of FRST.txt ============================
 
 
Addition.txt:.
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016
Ran by Jernej (29-12-2016 16:40:24)
Running from C:\Users\Jernej\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2014-10-15 12:15:24)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-111603173-2415600283-1906868864-500 - Administrator - Disabled)
Guest (S-1-5-21-111603173-2415600283-1906868864-501 - Limited - Disabled)
Jernej (S-1-5-21-111603173-2415600283-1906868864-1000 - Administrator - Enabled) => C:\Users\Jernej
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Slovenian (HKLM-x32\...\{AC76BA86-7AD7-1060-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
BitComet 1.37 64-bit (HKLM-x32\...\BitComet_x64) (Version: 1.37 - CometNetwork)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.8.0.17 - Canon Inc.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5067 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0115 - Disc Soft Ltd)
ePhotoLab - Foto Plus (HKLM-x32\...\{262B688D-2A92-4424-BCDF-CF0EFA87075A}_is1) (Version: 2.11.5 - iNeta d.o.o.)
Google Chrome (HKLM-x32\...\{D0759C6C-1F01-345D-8F59-E3B43977D754}) (Version: 55.0.2883.87 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Google Zemlja (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Hofer foto storitve (HKLM-x32\...\Hofer foto storitve) (Version: 4.12.1. - ORWO Net)
HP 3D DriveGuard (HKLM-x32\...\{13133E99-B0D5-4143-B832-AAD55C62A41C}) (Version: 6.0.19.1 - Hewlett-Packard Company)
HP Hotkey Support (HKLM-x32\...\{88D3964A-59BE-412B-B61F-6EF5FBB33707}) (Version: 6.0.12.1 - Hewlett-Packard Company)
HP LaserJet 1020 Series (HKLM\...\HP LaserJet 1020 Series) (Version:  - )
Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.4.40 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Malwarebytes različica 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0424-0000-0000000FF1CE}_OMUI.sl-si_{DE6F6651-39D5-44FA-96FD-647D5B3A3093}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Slovenian/slovenščina (HKLM-x32\...\OMUI.sl-si) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 50.1.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 en-US)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Posodobitev za Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0424-0000-0000000FF1CE}_OMUI.sl-si_{FD705E62-13B4-4BF5-A4B2-A7599309751B}) (Version:  - Microsoft)
Posodobitev za Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0424-0000-0000000FF1CE}_OMUI.sl-si_{045DC059-1CCC-47B9-BA35-713E269D33B8}) (Version:  - Microsoft)
Posodobitev za Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0424-0000-0000000FF1CE}_OMUI.sl-si_{AD1C31E7-4856-4887-9307-1ABDE0F2DF7C}) (Version:  - Microsoft)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.7 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.43 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.83.328.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7225 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.13.1216 - REALTEK Semiconductor Corp.)
SETCCE proXSign® 2.0.6.1 (HKLM-x32\...\{5829CC72-35A3-439B-AB90-CE2776075835}}_is1) (Version: 2.0.6.1 - SETCCE)
SETCCE proXSign® XML ActiveX 1.2.24 - XML Digital Signatures, Encryption and Timestamping plugin - User (HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\proXSignXML) (Version: 1.2.24 - SETCCE)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.8.1 - Synaptics Incorporated)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Validity Fingerprint Sensor Driver (HKLM\...\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}) (Version: 4.5.133.0 - Validity Sensors, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0E20888B-9CC5-4B4A-A32E-671871CF7864} - System32\Tasks\7b5dd999-cf86-4b52-85b9-b1d7ec4756d4 15 0 => C:\Program Files (x86)\Nero\Nero BackItUp\NBCore.exe
Task: {3975A867-3F5C-4E35-9DCE-FD0DC3B1FD51} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {41268F4E-4DAF-40D5-A562-05D23161B2DE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-07] (Google Inc.)
Task: {5D124534-D193-485E-A7D7-3614CCE75DE9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {64192548-9393-4CBE-A235-DD5E59746CC0} - System32\Tasks\{E2AA2501-2745-47B3-A4CD-D89AE8B06715} => pcalua.exe -a "C:\!!!DOKUMENTI ZA BACKUP\!!Jernej Filmi, glasba, igre\arhiv games\command and conquer - red alert 2 (full game)\RegSetup.exe" -d "C:\!!!DOKUMENTI ZA BACKUP\!!Jernej Filmi, glasba, igre\arhiv games\command and conquer - red alert 2 (full game)"
Task: {97A7CD85-25C8-4624-B459-122D2C1485FB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-07] (Google Inc.)
Task: {A0E1D398-D6B0-48A3-816F-3C11E27D8C14} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-14] (Adobe Systems Incorporated)
Task: {B5B5E9CA-99AA-4447-A091-3A24C9F8C255} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {C956A19B-07D7-483B-9B99-03F33390F59D} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {ED6A2AC6-7572-4AAA-84FB-0859626FD86C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {FAA61F7E-F6B3-48F6-B5F9-C3BEA40CC878} - System32\Tasks\Jernej NBAgent 6 0 => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-01-31 15:27 - 2012-09-18 15:27 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll
2015-01-31 15:27 - 2012-09-18 15:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll
2014-10-17 08:08 - 2014-03-05 17:09 - 00088064 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2016-12-22 11:48 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-12-22 11:48 - 2016-12-14 12:55 - 02247632 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-12-22 11:48 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2014-08-13 23:24 - 2014-10-03 17:36 - 00457616 _____ () C:\Windows\system32\igfxTray.exe
2015-01-10 19:01 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-01-10 19:01 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-01-10 19:01 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-01-10 19:01 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-01-10 19:01 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2016-12-15 17:48 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-15 17:48 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2016-12-19 09:42 - 2016-12-19 09:42 - 17833560 _____ () C:\Users\Jernej\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.186\pepflashplayer.dll
2014-10-17 07:35 - 2013-12-10 06:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
 
There are 7914 more sites.
 
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-111603173-2415600283-1906868864-1000\...\123simsen.com -> www.123simsen.com
 
There are 7914 more sites.
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2016-08-11 12:31 - 00453322 ____R C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
 
There are 15553 more lines.
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-111603173-2415600283-1906868864-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jernej\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 84.255.209.79 - 84.255.210.79
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{42CDF0B4-4C93-4658-9E38-2211022A85A2}C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe] => C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe
FirewallRules: [UDP Query User{CBE72B56-AF81-4996-BE9E-611F79B06354}C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe] => C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe
FirewallRules: [{6EC666CD-1DCA-4FF6-AB71-6D070DE95239}] => C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{7B94BDAC-B41B-48F3-839E-CEA31B93D67C}] => C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{2DA4AA07-A06C-49C1-AC0A-AA177F56EF56}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{05E0CDCF-25F7-4941-802B-1F1C5C23A332}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{BA9F6EA5-F637-411E-9D9A-C9C31BB78B58}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{ED4EECBE-F5BF-41AC-81B2-CDF2855178E6}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{C352ECA3-0D13-4D44-A916-07F83922FE59}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{D08A593B-9435-41D9-96BC-ED9923399F18}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{59EC815D-7AFA-4344-A2DF-29319FC81381}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{8FCCC32D-62BA-4FA1-B14C-BAD313C71048}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{89FC8B99-8C6E-45C8-9AD0-2E794874F77B}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{8375A686-5438-4D36-A857-F1ACF2BAEDB2}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{D1B47440-8494-41B7-9108-AF3C859556E2}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{805F6CD4-7D79-4E8E-B4F3-C1E852CBA840}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{71AA118D-3460-46E7-8373-7705F29E0293}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CD8F4598-6EB8-4487-AFBB-20938F268897}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2051E861-708D-41A8-9E6C-7F420A30D497}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{4FBCF6D2-232B-4B4B-B641-A71A40278ECC}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F47537A9-6967-4997-B355-E5CE60860BCB}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{3BAB8D33-9ECF-48F6-99DA-ABADDF595A73}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{DDA499C4-5B57-4F1E-AAED-B8028263D705}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{22F58D2D-A8EE-4310-8874-16E16F43A11E}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{A80DDCCB-EF45-4C74-BDF7-FDA1EB06F3D8}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{003014F9-7CFB-4913-8A6A-CD8723CF40B4}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [TCP Query User{D8AF7791-95C8-49B2-9069-E13F50ED0D9F}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{CA6C5949-857B-4426-BD71-FA264EAB2179}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{443519A2-C4D8-42F5-9395-0E951F8AC3BF}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{459ECC2D-5C5E-4AA9-A4FF-9E03C9684663}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0E2D1E97-794C-461E-A504-7D6CA2E3AFE2}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{E43895AA-A3E9-4031-8599-E16E428CBCD4}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{6311856D-27F0-4F1B-AF6F-2EF5263BB34D}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{8377A8CE-0F51-4DB5-B6A7-2FBD469F1BB1}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{5478A14E-60E5-48B1-81A6-1E73F55E3819}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{56E52500-6A5E-4C58-9FE2-D3A5754BBC34}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{97EC1FA7-3B21-4B76-B32E-278199C5001F}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{34E45DA3-BBCA-4531-B488-03F0012D900C}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C2329650-5D73-422A-ABE6-ECB83713C026}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0EB9616F-CA04-43A1-966A-FB34A615C2C0}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{05FFC6A3-22F8-4D1F-A635-2C9300D01128}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EE47CC34-8EC5-48E0-946F-80B4356EB631}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C8CCECAE-2D33-430D-803F-8E9A0D46BD2E}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{99BA3B55-9DAD-4DEA-AF12-54D5932C9732}] => C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{094CFDD2-E959-4E5B-8BD7-E3F9B40CA882}] => C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{685DB42B-1AF7-4FC1-9C77-2F1F6ED99BCB}] => C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{DB31FA1C-64B1-49FE-BBE0-4B231ECD8700}] => C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{1AA52942-D504-43FF-B146-4F6B9193F22E}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{7C55BF79-93FE-437D-B943-652D1D56CF6E}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [TCP Query User{87FE0258-FF93-4090-8165-A7CDB886D749}C:\downloads\bitcomet\aoe2conq\empires2.exe] => C:\downloads\bitcomet\aoe2conq\empires2.exe
FirewallRules: [UDP Query User{80D530E4-B3AA-4320-A1ED-DC134F5E83CE}C:\downloads\bitcomet\aoe2conq\empires2.exe] => C:\downloads\bitcomet\aoe2conq\empires2.exe
FirewallRules: [TCP Query User{AAE6B486-9107-4A7B-9F9B-8827CACDE267}C:\downloads\bitcomet\aoe2conq\age2_x1.exe] => C:\downloads\bitcomet\aoe2conq\age2_x1.exe
FirewallRules: [UDP Query User{76C90AEC-48AB-48C7-80D2-045BCBD6F3B9}C:\downloads\bitcomet\aoe2conq\age2_x1.exe] => C:\downloads\bitcomet\aoe2conq\age2_x1.exe
FirewallRules: [TCP Query User{C61B7604-0DC5-48E5-9714-73578FE47FAF}C:\!!!dokumenti za backup\!!jernej filmi, glasba, igre\arhiv games\aoe2conq\empires2.exe] => C:\!!!dokumenti za backup\!!jernej filmi, glasba, igre\arhiv games\aoe2conq\empires2.exe
FirewallRules: [UDP Query User{B308E31E-4290-4C1E-AE1F-F988C8F9F6DB}C:\!!!dokumenti za backup\!!jernej filmi, glasba, igre\arhiv games\aoe2conq\empires2.exe] => C:\!!!dokumenti za backup\!!jernej filmi, glasba, igre\arhiv games\aoe2conq\empires2.exe
FirewallRules: [TCP Query User{9FBE2060-3F4D-4D01-B45C-CED1C6724BA2}C:\!!!dokumenti za backup\!!jernej filmi, glasba, igre\arhiv games\aoe2conq\age2_x1.exe] => C:\!!!dokumenti za backup\!!jernej filmi, glasba, igre\arhiv games\aoe2conq\age2_x1.exe
FirewallRules: [UDP Query User{559E3177-441A-43CA-9CBB-BBA2B26D36CE}C:\!!!dokumenti za backup\!!jernej filmi, glasba, igre\arhiv games\aoe2conq\age2_x1.exe] => C:\!!!dokumenti za backup\!!jernej filmi, glasba, igre\arhiv games\aoe2conq\age2_x1.exe
FirewallRules: [TCP Query User{C581DBAA-BCDA-4CD1-B554-A32A39F0A156}C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe] => C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe
FirewallRules: [UDP Query User{9A858B04-E66E-4B10-B19A-42C5799DB07D}C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe] => C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe
FirewallRules: [{43DAD11F-E707-4106-8701-E2E5F5F80F33}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{862FDC02-CC4D-452D-80AA-9A2E8FC80A3E}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{3C5F9759-F9CC-4DA0-BBEF-F1CE00A04515}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{839B9CE2-85F6-4753-8E6B-DE3A8E123CE9}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{80BD58A5-0D69-4BD2-AF71-0ACD2268D4FC}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{2E45AA62-DDA2-47E1-B02D-041E04CF0E48}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{38156B92-492E-46C3-B7D9-5B5CA791CB22}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{2804B13F-6E4E-456A-A1BA-F4C4329D867D}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{66DE6CD2-8994-49FB-8DBC-5C32A73594B7}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{FEB10EC4-9FFE-40E1-80A2-36153D6082D0}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{830B42C6-58C3-4425-AB93-37C78BBE51AD}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{C812EC69-2895-478C-AD4D-01F2F258BB0C}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{D1BD6247-5DD4-4753-81E8-2956602C15DD}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{85D1C169-80BA-43B6-8FC8-A39CB655DB56}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{3BFC3367-844B-4E88-A555-653D01E7936E}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{E0B83DC9-85E6-4F56-9B94-C12FCA680C8C}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D423F623-09F4-495C-A6B8-98EB5694BF2A}] => C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Restore Points =========================
 
26-12-2016 08:39:53 Windows Update
28-12-2016 07:22:42 Removed Nero 2015.
28-12-2016 07:34:12 Removed Nero BackItUp 11 Essentials CDPack.
28-12-2016 07:36:36 Removed Nero Backup Drivers.
28-12-2016 11:59:14 Removed ACDSee 4.0
28-12-2016 12:01:07 Removed ACDSee 4.0
28-12-2016 12:04:18 Removed ACDSee Pro 4.
29-12-2016 11:56:38 Windows Update
 
==================== Faulty Device Manager Devices =============
 
Name: Realtek Bluetooth 4.0 Adapter
Description: Realtek Bluetooth 4.0 Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Realtek Semiconductor Corp.
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/29/2016 04:27:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (12/29/2016 04:00:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (12/29/2016 03:26:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (12/29/2016 12:53:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Napačno ime programa: chrome.exe, različica: 55.0.2883.87, časovni žig: 0x5848db5c
Napačno ime modula: ntdll.dll, različica: 6.1.7601.23572, časovni žig: 0x57fd02d3
Koda izjeme: 0xc00000fd
Napačen odmik: 0x0002e0ce
Napačen id procesa: 0x1038
Napačen začetni čas programa: 0x01d26162c882d78b
Napačna programska pot: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Napačna pot modula: C:\Windows\SysWOW64\ntdll.dll
Id poročila: cb1e6122-cd58-11e6-89e5-1458d0c7fc30
 
Error: (12/29/2016 12:26:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (12/28/2016 06:00:05 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Varnostno kopiranje ni bilo končano, ker je prišlo do napake pri zapisovanju na mesto za varnostne kopije E:\. Napaka je: Mesta za varnostne kopije ni mogoče najti ali ni veljavno. Preglejte nastavitve varnostnega kopiranja in preverite mesto varnostnih kopij. (0x81000006).
 
Error: (12/28/2016 12:39:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "E:\!!!!!MANUAL BACKUP\!!!setup programs\SoftonicDownloader_for_samsung-kies.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (12/28/2016 12:03:32 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\!!!DOKUMENTI ZA BACKUP\!!!setup programs\SoftonicDownloader_for_samsung-kies.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (12/28/2016 10:52:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (12/28/2016 10:29:54 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\!!!DOKUMENTI ZA BACKUP\!!!setup programs\SoftonicDownloader_for_samsung-kies.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
 
System errors:
=============
Error: (12/29/2016 04:26:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Storitev »Spybot-S&D 2 Scanner Service« se ni uspela zagnati zaradi te napake: 
Storitev se ni pravočasno odzvala na krmilno zahtevo ali na zahtevo za začetek.
 
Error: (12/29/2016 04:26:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Pri čakanju, da storitev Spybot-S&D 2 Scanner Service vzpostavi povezavo, je bila dosežena časovna omejitev (30000 milisekund).
 
Error: (12/29/2016 04:21:52 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Pri čakanju na odziv transakcije storitve Power je bila dosežena časovna omejitev (30000 milisekund).
 
Error: (12/29/2016 04:21:22 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Pri čakanju na odziv transakcije storitve MBAMService je bila dosežena časovna omejitev (30000 milisekund).
 
Error: (12/29/2016 04:20:44 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Razširitveni modul brezžičnega krajevnega omrežja se je nepričakovano ustavil.
 
Pot modula: C:\Windows\system32\Rtlihvs.dll
 
Error: (12/29/2016 04:19:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Storitev »Intel® Dynamic Application Loader Host Interface Service« se je nepričakovano prekinila. To je storila 1-krat.
 
Error: (12/29/2016 04:19:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Storitev »Intel® ME Service« se je nepričakovano prekinila. To je storila 1-krat.
 
Error: (12/29/2016 04:19:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Storitev »HP Software Framework Service« se je nepričakovano prekinila. To je storila 1-krat.
 
Error: (12/29/2016 04:19:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Storitev »Storitev programa Windows Media Player za skupno rabo omrežja« se je nepričakovano prekinila. To je storila 1-krat. Naslednja popravljalna dejanja bodo izvedena v 30000 milisekundah: Vnovični zagon storitve.
 
Error: (12/29/2016 04:19:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Storitev »Disc Soft Lite Bus Service« se je nepričakovano prekinila. To je storila 1-krat.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 33%
Total physical RAM: 8064.11 MB
Available physical RAM: 5359.55 MB
Total Virtual: 16126.4 MB
Available Virtual: 13026.36 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:698.54 GB) (Free:276.05 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: A5703559)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================


#10 seedy21

seedy21

    Advanced Forum Junkie

  • Administrator
  • 120 posts
  • Gender:Male
  • Location:West Yorkshire, UK
  • Interests:IT, malware removal and Radio Stations

Posted 29 December 2016 - 07:46 PM

Hello winersnicl
 
Can I double check that you did re-run Malwarebytes like I asked in my last post?

Step 1

Open notepad. Please copy the contents of the code box below.
To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
Save it on the Desktop as fixlist.txt
 

start
CloseProcesses:
C:\Program Files\Common Files\ysxx5yhb
C:\Program Files\Common Files\2gn2rbic
C:\Program Files\Common Files\yp2muamg
C:\Program Files\Common Files\44lsfwfm
C:\Program Files\Common Files\t4guc34w
C:\Program Files\Common Files\psmluq23
C:\Program Files\Common Files\ujvxasm0
C:\Program Files\Common Files\35rlgvd1
C:\Program Files\Common Files\lhw2javn
C:\Program Files\Common Files\rnjokjf4
C:\Program Files\Common Files\g15zxh2x
C:\Program Files\Common Files\pr0krzx1
C:\Program Files\Common Files\pg0jaxsw
C:\Program Files\Common Files\tkt2g0da
C:\Program Files\Common Files\vg3spayq
C:\Program Files\Common Files\vl40wgm2
C:\Program Files\Common Files\cf5tnvux
C:\Program Files\Common Files\kdshgy2y
C:\Program Files\Common Files\2krelaqr
C:\Program Files\Common Files\b3s24rro
C:\Program Files\Common Files\hoa0ouqc
C:\Program Files\Common Files\uirjnnf2
C:\Program Files\Common Files\hqzjqhyj
C:\Program Files\Common Files\kegzscx5
C:\Users\Jernej\Downloads\Windows_Loader_v2.2.1\
EmptyTemp:
end

NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system


Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the desktop (Fixlog.txt) please post it to your reply.
 
Step 2

ESETOnline.png Scan with ESET Online Scanner

This step can only be done using Internet Explorer, Google Chrome or Mozilla Firefox.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
Please visit ESET Online Scanner website.
Click there Scan Now.

If using Internet Explorer:

  • Accept the Terms of Use and click Start.
  • Allow the running of add-on.

If using Mozilla Firefox or Google Chrome:

  • Download esetsmartinstaller_enu.exe that you'll be given link to.
  • Double click esetsmartinstaller_enu.exe.
  • Allow the Terms of Use and click Start.

To perform the scan:

  • Make sure that Remove found threats is unchecked.
  • Scan archives is checked.
  • In Advanced Settings: Scan for potentially unwanted applications, Scan for potentially unsafe applications and Enable Anti-Stealth technology are checked.
  • Click Start
  • The program will begin to download it's virus database. The speed may vary depending on your Internet connection.
  • When completed, the program will begin to scan. This may take several hours. Please, be patient.
  • Do not do anything on your machine as it may interrupt the scan.
  • When the scan is done, click Finish.
  • A logfile will be created at C:\Program Files (x86)\ESET\ESET Online Scanner. Open it using Notepad.

Please include this logfile in your next reply.
Don't forget to re-enable previously switched-off protection software!



#11 winersnicl

winersnicl

    New Member

  • Member
  • Pip
  • 9 posts

Posted 30 December 2016 - 06:09 AM

Hello seedy21,

 

I did re-run malwarebytes.

 

I made the fixlist.txt and ran FRST64 and pressed the Fix.

I have temporary disabled  AntiVirus and AntiSpyware protection.

I downloaded esetonlinescaner_enu.exe. and doubleclicked it.

I have checked/unchecked everything you said I should and started the scan.

When the scan finish, there are options: Clean all, clean selected....No option finish. There is no log and folder ESET in the program files. Should I click clean all? Should I delete those unsafe programs which eset finds? I have selected all threats and clicked save to text file... I pasted the content below.

 

 

Fixlog.txt:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016

Ran by Jernej (30-12-2016 00:21:52) Run:2
Running from C:\Users\Jernej\Desktop
Loaded Profiles: Jernej (Available Profiles: Jernej)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
CloseProcesses:
C:\Program Files\Common Files\ysxx5yhb
C:\Program Files\Common Files\2gn2rbic
C:\Program Files\Common Files\yp2muamg
C:\Program Files\Common Files\44lsfwfm
C:\Program Files\Common Files\t4guc34w
C:\Program Files\Common Files\psmluq23
C:\Program Files\Common Files\ujvxasm0
C:\Program Files\Common Files\35rlgvd1
C:\Program Files\Common Files\lhw2javn
C:\Program Files\Common Files\rnjokjf4
C:\Program Files\Common Files\g15zxh2x
C:\Program Files\Common Files\pr0krzx1
C:\Program Files\Common Files\pg0jaxsw
C:\Program Files\Common Files\tkt2g0da
C:\Program Files\Common Files\vg3spayq
C:\Program Files\Common Files\vl40wgm2
C:\Program Files\Common Files\cf5tnvux
C:\Program Files\Common Files\kdshgy2y
C:\Program Files\Common Files\2krelaqr
C:\Program Files\Common Files\b3s24rro
C:\Program Files\Common Files\hoa0ouqc
C:\Program Files\Common Files\uirjnnf2
C:\Program Files\Common Files\hqzjqhyj
C:\Program Files\Common Files\kegzscx5
C:\Users\Jernej\Downloads\Windows_Loader_v2.2.1\
EmptyTemp:
end
*****************
 
Processes closed successfully.
C:\Program Files\Common Files\ysxx5yhb => moved successfully
C:\Program Files\Common Files\2gn2rbic => moved successfully
C:\Program Files\Common Files\yp2muamg => moved successfully
C:\Program Files\Common Files\44lsfwfm => moved successfully
C:\Program Files\Common Files\t4guc34w => moved successfully
C:\Program Files\Common Files\psmluq23 => moved successfully
C:\Program Files\Common Files\ujvxasm0 => moved successfully
C:\Program Files\Common Files\35rlgvd1 => moved successfully
C:\Program Files\Common Files\lhw2javn => moved successfully
C:\Program Files\Common Files\rnjokjf4 => moved successfully
C:\Program Files\Common Files\g15zxh2x => moved successfully
C:\Program Files\Common Files\pr0krzx1 => moved successfully
C:\Program Files\Common Files\pg0jaxsw => moved successfully
C:\Program Files\Common Files\tkt2g0da => moved successfully
C:\Program Files\Common Files\vg3spayq => moved successfully
C:\Program Files\Common Files\vl40wgm2 => moved successfully
C:\Program Files\Common Files\cf5tnvux => moved successfully
C:\Program Files\Common Files\kdshgy2y => moved successfully
C:\Program Files\Common Files\2krelaqr => moved successfully
C:\Program Files\Common Files\b3s24rro => moved successfully
C:\Program Files\Common Files\hoa0ouqc => moved successfully
C:\Program Files\Common Files\uirjnnf2 => moved successfully
C:\Program Files\Common Files\hqzjqhyj => moved successfully
C:\Program Files\Common Files\kegzscx5 => moved successfully
"C:\Users\Jernej\Downloads\Windows_Loader_v2.2.1" => not found.
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14737269 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1689008473 B
Edge => 0 B
Chrome => 68824934 B
Firefox => 26343639 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 6506 B
Jernej => 6434966 B
 
RecycleBin => 0 B
EmptyTemp: => 1.7 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 00:21:57 ====
 
 
ESET.txt:
 
C:\!!!DOKUMENTI ZA BACKUP\8.setup programs\FreemakeVideoConverterSetup.exe Win32/OpenCandy potentially unsafe application
C:\!!!DOKUMENTI ZA BACKUP\MAJA\Maja razno\Maja_backup\mkovacic\Local Settings\Temp\OpenCandy\OCSetupHlp.dll Win32/OpenCandy potentially unsafe application
C:\!!!DOKUMENTI ZA BACKUP\MAJA\Maja razno\Maja_backup\mkovacic\My Documents\Prenosi\CuteWriter.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\!!!DOKUMENTI ZA BACKUP\MAJA\Maja razno\Maja_backup\mkovacic\My Documents\Prenosi\FreewarePrimoPDF.exe Win32/OpenCandy potentially unsafe application
C:\FRST\Quarantine\C\Program Files\Common Files\fvsh1zrz.exe.xBAD a variant of Win32/Toolbar.Linkury.BB potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Common Files\kbeepq3w.exe.xBAD a variant of Win32/Toolbar.Linkury.BB potentially unwanted application
C:\Users\Jernej\AppData\Local\Downloaded Installations\{4492DEC1-BDC9-4478-8C54-B5D2E67AF233}\ACDSee Pro 4.msi a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Users\Jernej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler.exe Win32/PowerReg potentially unsafe application
Autostart locations virus
 


#12 seedy21

seedy21

    Advanced Forum Junkie

  • Administrator
  • 120 posts
  • Gender:Male
  • Location:West Yorkshire, UK
  • Interests:IT, malware removal and Radio Stations

Posted 30 December 2016 - 06:59 PM

Hello winersnicl

Please re-run Eset Online Scanner and clean all the items it finds.

Can I get an update with your machine please?

#13 winersnicl

winersnicl

    New Member

  • Member
  • Pip
  • 9 posts

Posted 02 January 2017 - 06:26 AM

Hello seedy21,

 

Eset Online Scanner did not find anything.and also malwarebytes.

Chrome and Mozila is ok now. I think computer is clean now.

 

Thank you seedy21 for your help.

 

What do you think? Should I do some more scanning?

 

I have malwarebytes Trial version and will expire in 3 days. 

Can You recomend me any free antispyware/antimalware program?



#14 seedy21

seedy21

    Advanced Forum Junkie

  • Administrator
  • 120 posts
  • Gender:Male
  • Location:West Yorkshire, UK
  • Interests:IT, malware removal and Radio Stations

Posted 02 January 2017 - 09:33 PM

Hello winersnicl
 

What do you think? Should I do some more scanning?

 
Your machine looks clean to me so you wont need to run anymore scans
 

Can You recomend me any free antispyware/antimalware program?

 
I would run scans with MalwareBytes. When the trial runs out you can use it as a manual scanner. The other option would be to look at purchasing some like Malwarebytes or Emsisoft Anti-Malware which has an Real-Time scanner so it will remove anything malicious in real time.
 
If you don't have any further questions you can use the below tool to remove the tools we have had to use.
 

51a5ce45263de-delfix.png Clean with DelFix
 
Please download DelFix by Xplode and save it to your desktop.

  • Right-click on 51a5ce45263de-delfix.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Ensure that Remove disinfection tools, Purge system restore and Reset system settings are checked.
  • Push Run.
  • When finished, it will display a notepad report.

We will not need to review the log.

 

Safe Surfing



#15 winersnicl

winersnicl

    New Member

  • Member
  • Pip
  • 9 posts

Posted 04 January 2017 - 10:54 AM

Hello,

 

I have removed the tools and I have no further questions.

 

Thank you for your help!  :thumbup:






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users