Imam problem sa pretrazivacem i ne mogu nikako da ga rijesim. Naime kada ukucam na google nesto i hocu da mi pronadje direktno mi prebaci na nekakvi ruski Rambler. Pokusao sam da ga pronadjem u programi i nisam nasao nikakav sumnjiv toolbar. Takodje u Mozilli sam isao na "Exstension" da vidim da nije dodao ali bez uspjeha. Je li se neko susretao sa slicnim problemom ?? Prisutan je na Mozilli i na Chrome, jedino na Internet explorer mogu normalno da pretrazujem.
mycity.rs/must-login.png
mycity.rs/must-login.png
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-01-2017
Ran by PC (administrator) on 132FOJMQ5XM3T5H (19-01-2017 16:41:51)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC & UpdatusUser (Available Profiles: PC & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(Microleaves LTD) C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe
(Microleaves LTD) C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe
(Microleaves LTD) C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Microleaves LTD) C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe
(Microleaves LTD) C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe
(Microleaves LTD) C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12937872 2012-07-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe [1153448 2016-08-10] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-18\...\Run: [] => 0
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{060AFE0A-B564-4B80-9775-E4D1BECDCA89}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-3841987362-15127488-506806976-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3841987362-15127488-506806976-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3841987362-15127488-506806976-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3841987362-15127488-506806976-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://123.itiankong.com/?1
HKU\S-1-5-21-3841987362-15127488-506806976-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-09-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-18] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2016-08-10] (Qihu 360 Software Co., Ltd.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-09-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-18] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-09-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-18] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2016-08-10] (Qihu 360 Software Co., Ltd.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-09-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-18] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\mtjubn89.default [2017-01-19]
FF Homepage: Mozilla\Firefox\Profiles\mtjubn89.default -> google.hr
FF Extension: (Fast search) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\mtjubn89.default\Extensions\amcontextmenu@loucypher [2017-01-18]
FF Extension: (Link Virus Checker: Security Plus) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\mtjubn89.default\Extensions\jid0-DjsrWcAS3Wgq2xyyqqVL8Dqk1Lo@jetpack.xpi [2016-12-15]
FF Extension: (Tab Scope) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\mtjubn89.default\Extensions\tabscope@xuldev.org.xpi [2016-11-17]
FF Extension: (The Addon Bar (restored)) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\mtjubn89.default\Extensions\the-addon-bar@GeekInTraining-GiT.xpi [2016-11-16]
FF Extension: (360 Internet Protection) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\mtjubn89.default\Extensions\WebProtection@360safe.com [2017-01-14]
FF Extension: (FEBE) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\mtjubn89.default\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2016-11-30]
FF Extension: (Speed Dial) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\mtjubn89.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2016-11-17]
FF Extension: (Download Status Bar) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\mtjubn89.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2016-11-16]
FF Extension: (Adblock Plus) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\mtjubn89.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF Extension: (Tab Mix Plus) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\mtjubn89.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2017-01-12]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll [2014-11-16] ()
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-18] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll [2014-11-16] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-10-15] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-10-15] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [glcimepnljoholdmjchkloafkggfoijh] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.NDWL4ORHBQI6FWGSY7XD2UFIV4 - C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [914344 2016-08-10] (QIHU 360 SOFTWARE CO. LIMITED)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [977088 2014-03-02] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [151784 2016-08-10] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [86248 2016-08-10] (360.cn)
R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [86248 2016-08-10] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [330472 2016-08-10] (360.cn)
R1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2016-08-10] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [391392 2016-08-10] (360.cn)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [190696 2016-08-10] (360.cn)
S3 vmusbmouse; C:\Windows\System32\DRIVERS\vmusbmouse.sys [15512 2014-03-21] (VMware, Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-19 16:41 - 2017-01-19 16:42 - 00012758 _____ C:\Users\PC\Desktop\FRST.txt
2017-01-19 16:41 - 2017-01-19 16:41 - 00000000 ____D C:\FRST
2017-01-19 16:38 - 2017-01-19 16:40 - 02419712 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2017-01-19 16:30 - 2017-01-19 16:30 - 00243552 _____ C:\Users\PC\Downloads\Firefox Setup Stub 50.1.0 (1).exe
2017-01-19 15:43 - 2017-01-19 15:43 - 00001155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-01-19 15:07 - 2017-01-19 15:07 - 00002108 _____ C:\Users\PC\Documents\Linkovi vaznijih stranica.txt
2017-01-18 23:08 - 2017-01-18 23:08 - 00000000 ____D C:\ProgramData\Microleaves
2017-01-18 23:05 - 2017-01-19 16:42 - 00000316 ____H C:\Windows\Tasks\Traffic Exchange v2.job
2017-01-18 23:05 - 2017-01-19 16:42 - 00000316 ____H C:\Windows\Tasks\Traffic Exchange v2 Guardian.job
2017-01-18 23:05 - 2017-01-19 16:42 - 00000316 ____H C:\Windows\Tasks\Traffic Exchange v2 Guard.job
2017-01-18 23:05 - 2017-01-19 14:08 - 00000366 ____H C:\Windows\Tasks\Traffic Exchange Updater.job
2017-01-18 23:05 - 2017-01-18 23:13 - 00000000 ____D C:\Users\PC\AppData\Roaming\Browsers
2017-01-18 23:05 - 2017-01-18 23:05 - 00003580 _____ C:\Windows\System32\Tasks\Traffic Exchange Guardian
2017-01-18 23:05 - 2017-01-18 23:05 - 00003580 _____ C:\Windows\System32\Tasks\Traffic Exchange Guard
2017-01-18 23:05 - 2017-01-18 23:05 - 00003580 _____ C:\Windows\System32\Tasks\Traffic Exchange
2017-01-18 23:05 - 2017-01-18 23:05 - 00003196 _____ C:\Windows\System32\Tasks\Traffic Exchange Updater
2017-01-18 23:05 - 2017-01-18 23:05 - 00003140 _____ C:\Windows\System32\Tasks\Traffic Exchange v2 Guardian
2017-01-18 23:05 - 2017-01-18 23:05 - 00003140 _____ C:\Windows\System32\Tasks\Traffic Exchange v2 Guard
2017-01-18 23:05 - 2017-01-18 23:05 - 00003140 _____ C:\Windows\System32\Tasks\Traffic Exchange v2
2017-01-18 23:05 - 2017-01-18 23:05 - 00000000 ____D C:\Users\PC\AppData\Roaming\SPI
2017-01-18 23:05 - 2017-01-18 23:05 - 00000000 ____D C:\Program Files (x86)\Microleaves
2017-01-18 23:04 - 2017-01-18 23:05 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microleaves
2017-01-18 23:04 - 2017-01-18 23:05 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-01-18 23:04 - 2017-01-18 23:05 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-01-18 17:57 - 2017-01-18 17:58 - 00000000 ____D C:\Users\PC\AppData\Roaming\PhotoScape
2017-01-18 17:57 - 2017-01-18 17:57 - 00001027 _____ C:\Users\UpdatusUser\Desktop\PhotoScape.lnk
2017-01-18 00:19 - 2017-01-18 00:18 - 00110144 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2017-01-16 23:57 - 2017-01-18 22:55 - 00000000 ____D C:\Users\PC\AppData\LocalLow\uTorrent
2017-01-16 17:45 - 2017-01-19 14:55 - 00000000 __SHD C:\$360Section
2017-01-16 16:26 - 2017-01-19 14:55 - 00000000 ____D C:\ProgramData\360Quarant
2017-01-14 11:40 - 2017-01-18 23:04 - 00000000 ____D C:\Users\PC\AppData\Roaming\360Safe
2017-01-13 12:29 - 2017-01-19 16:40 - 00000000 ____D C:\Users\PC\AppData\LocalLow\360WD
2017-01-13 12:29 - 2017-01-18 23:13 - 00000000 ____D C:\ProgramData\360safe
2017-01-13 12:29 - 2017-01-17 19:43 - 00000000 _RSHD C:\360SANDBOX
2017-01-13 12:29 - 2017-01-16 17:45 - 00000000 ____D C:\ProgramData\360TotalSecurity
2017-01-13 12:29 - 2017-01-13 12:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2017-01-13 12:29 - 2017-01-13 12:29 - 00000000 ____D C:\Program Files (x86)\360
2017-01-13 12:29 - 2016-08-10 11:54 - 00391392 _____ (360.cn) C:\Windows\system32\Drivers\360fsflt.sys
2017-01-13 12:29 - 2016-08-10 11:54 - 00330472 _____ (360.cn) C:\Windows\system32\Drivers\360Box64.sys
2017-01-13 12:29 - 2016-08-10 11:54 - 00190696 _____ (360.cn) C:\Windows\system32\Drivers\BAPIDRV64.SYS
2017-01-13 12:29 - 2016-08-10 11:54 - 00151784 _____ (360.cn) C:\Windows\system32\Drivers\360AntiHacker64.sys
2017-01-13 12:29 - 2016-08-10 11:54 - 00086248 _____ (360.cn) C:\Windows\SysWOW64\Drivers\360AvFlt.sys
2017-01-13 12:29 - 2016-08-10 11:54 - 00086248 _____ (360.cn) C:\Windows\system32\Drivers\360AvFlt.sys
2017-01-13 12:29 - 2016-08-10 11:54 - 00040520 _____ (360.cn) C:\Windows\system32\Drivers\360Camera64.sys
2017-01-12 12:58 - 2017-01-17 11:10 - 00000000 ____D C:\Users\PC\Documents\ViberDownloads
2017-01-12 12:57 - 2017-01-17 11:02 - 00000000 ____D C:\Users\PC\AppData\Roaming\ViberPC
2017-01-12 12:57 - 2017-01-12 12:57 - 00000911 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Viber.lnk
2017-01-12 12:57 - 2017-01-12 12:57 - 00000000 ____D C:\Users\PC\AppData\Roaming\NVIDIA
2017-01-12 12:57 - 2017-01-12 12:57 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber
2017-01-12 12:57 - 2017-01-12 12:57 - 00000000 ____D C:\Users\PC\AppData\Local\Viber
2017-01-12 12:57 - 2017-01-12 12:57 - 00000000 ____D C:\Users\PC\AppData\Local\Package Cache
2017-01-12 12:11 - 2017-01-16 23:58 - 00000000 ____D C:\Users\PC\Downloads\ESET NOD 32 4.0.0 + Serials - DivXNL-Team (32&64bit)
2017-01-12 12:07 - 2017-01-12 12:07 - 00002586 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2017-01-12 12:07 - 2017-01-12 12:07 - 00000000 ____D C:\Users\PC\Downloads\NOD32 Antivirus System 2.7.0 +(zabranjeno)
2017-01-12 12:06 - 2017-01-18 23:14 - 00000000 ____D C:\Users\PC\AppData\Roaming\uTorrent
2017-01-05 15:54 - 2017-01-05 15:54 - 00001189 _____ C:\Users\PC\Documents\GOM Player.lnk
2017-01-05 15:54 - 2017-01-05 15:54 - 00000355 _____ C:\Users\PC\Documents\Computer - Shortcut.lnk
2016-12-26 09:25 - 2016-12-21 20:24 - 00988307 _____ C:\Users\PC\Documents\MIILINOVIĆ Nemanja_Diplomski rad.docx
2016-12-20 12:39 - 2017-01-18 22:49 - 03312589 _____ C:\Users\PC\Desktop\MIILINOVIĆ Nemanja_Diplomski rad.docx
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-19 16:35 - 2016-11-26 19:45 - 00000000 ____D C:\Users\PC\AppData\LocalLow\Mozilla
2017-01-19 16:35 - 2016-11-26 19:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-19 16:34 - 2009-07-14 05:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-19 16:34 - 2009-07-14 05:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-19 16:29 - 2016-11-16 16:48 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-19 16:29 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-19 15:43 - 2014-10-05 14:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-19 15:38 - 2014-10-12 11:08 - 00000000 ____D C:\Program Files (x86)\Google
2017-01-19 15:38 - 2014-10-05 14:14 - 00000000 ____D C:\Users\PC\AppData\Local\Google
2017-01-18 22:26 - 2014-10-05 18:03 - 00000000 ____D C:\Users\PC\AppData\Local\Deployment
2017-01-18 22:26 - 2014-10-05 13:23 - 00000000 ____D C:\Users\PC
2017-01-18 19:38 - 2016-12-15 20:09 - 00000000 ____D C:\Users\PC\Documents\Plinska dobava goriva
2017-01-18 00:25 - 2014-10-05 14:33 - 00000000 ____D C:\ProgramData\Oracle
2017-01-18 00:20 - 2014-10-05 14:48 - 00000000 ____D C:\Program Files (x86)\Java
2017-01-18 00:20 - 2014-10-05 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-01-18 00:19 - 2014-10-05 14:33 - 00000000 ____D C:\Program Files\Java
2017-01-18 00:18 - 2014-11-16 15:19 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2017-01-18 00:17 - 2014-10-05 14:49 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-01-17 18:14 - 2014-10-05 14:20 - 00000000 ____D C:\Users\PC\AppData\Roaming\Skype
2017-01-16 16:26 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-01-16 16:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-01-14 12:26 - 2016-11-17 18:14 - 00000000 ____D C:\Users\PC\AppData\Local\Microsoft Games
2017-01-13 12:28 - 2014-10-13 12:10 - 00000000 ____D C:\Windows\system32\appmgmt
2017-01-13 12:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-01-11 15:09 - 2016-11-16 23:34 - 00003350 _____ C:\Windows\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2016-12-28 23:17 - 2014-10-05 13:23 - 00000000 ___RD C:\Users\PC\Music
2016-12-28 21:13 - 2014-10-05 13:23 - 00000000 ___RD C:\Users\PC\Saved Games
2016-12-25 17:31 - 2009-07-14 06:08 - 00032616 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-12-25 14:43 - 2014-10-05 13:48 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{501b1fdd-4c8d-11e4-8226-000c29b66189}.TMContainer00000000000000000002.regtrans-ms
2016-12-21 17:25 - 2016-11-17 17:47 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-12-21 17:25 - 2014-10-05 14:19 - 00000000 ____D C:\ProgramData\Skype
Some files in TEMP:
====================
C:\Users\PC\AppData\Local\Temp\AutoTime51495.exe
C:\Users\PC\AppData\Local\Temp\CodecFixDivx.exe
C:\Users\PC\AppData\Local\Temp\component.exe
C:\Users\PC\AppData\Local\Temp\cubecc.exe
C:\Users\PC\AppData\Local\Temp\gcapi_dll.dll
C:\Users\PC\AppData\Local\Temp\gdapi.dll
C:\Users\PC\AppData\Local\Temp\GoogleSetup.exe
C:\Users\PC\AppData\Local\Temp\gtapi_signed.dll
C:\Users\PC\AppData\Local\Temp\GTGCAPI.exe
C:\Users\PC\AppData\Local\Temp\jre-8u111-windows-au.exe
C:\Users\PC\AppData\Local\Temp\jre-8u121-windows-au.exe
C:\Users\PC\AppData\Local\Temp\msvcr90.dll
C:\Users\PC\AppData\Local\Temp\MyProg.exe
C:\Users\PC\AppData\Local\Temp\TMP28111.exe
C:\Users\PC\AppData\Local\Temp\vibesound.exe
C:\Users\PC\AppData\Local\Temp\wait.exe
C:\Users\PC\AppData\Local\Temp\windows.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-01-14 00:53
==================== End of FRST.txt ============================
|