Stalno CRASH-ovanje Google Chrome-a

Stalno CRASH-ovanje Google Chrome-a

offline
  • Pridružio: 28 Feb 2006
  • Poruke: 4
  • Gde živiš: Novi Sad

Pozdrav!

Imam problem vezan za Google Chrome.
Naime, on stalno crash-uje. Otvorim nekoliko prozora i nakon nesto vremena dodje poruka (You Google Chrome has crashed and it will now close).
To traje vec nekoliko meseci. Probao sam sve da uradim sem da reinstaliram Windows. Trazio sam razlicite nacine po forumima kako da resim problem. Od kompletne reinstalacije Chrome-a, koriscenja CClenaera i jos gomile stvari koje ni ne znam sta su a probao a nalazio na forumima. Probao sam sve sto jedan obican user moze probati. Koristim Window 7 32bitni. Takodje od antivirus softvera koristim Kaspersky a sa malware sam koristio Spybot Serach and Destroy.
Svi ostali browseri normalno rade sem Chrome-a
Sto se tice net-a, imam obican kablovski SBB oko 20up/2down.
Kompjuter mi je mozda 4 godine star i ne mislim da je problem sa resursima kompjutera.

Svaka pomoc je dobro dosla Smile

Hvala!


mycity.rs/must-login.png

mycity.rs/must-login.png

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:07-02-2016
Ran by Korisnik (administrator) on KORISNIK-PC (13-02-2016 11:09:02)
Running from C:\Users\Korisnik\Downloads
Loaded Profiles: Korisnik (Available Profiles: Korisnik)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(PC Tools) C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files\Core Temp\Core Temp.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(PC Tools) C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
(Skillbrains) C:\Program Files\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
() C:\Program Files\Pando Networks\Media Booster\PMB.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(AB Team) C:\Program Files\Webteh\BSplayerPro\bsplayer.exe
(Google Inc.) C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-27] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7625248 2009-07-20] (Realtek Semiconductor)
HKLM\...\Run: [NBAgent] => C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1226024 2010-02-22] (Nero AG)
HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [180224 2009-11-09] (PowerISO Computing, Inc.)
HKLM\...\Run: [SSDMonitor] => C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe [112600 2010-11-15] (PC Tools)
HKLM\...\Run: [Malwarebytes' Anti-Malware] => C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [462408 2012-04-04] (Malwarebytes Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM\...\Run: [Lightshot] => C:\Program Files\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\Run: [WinFast Schedule] => C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2912256 2009-03-11] (Leadtek Research Inc.)
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\Run: [Google Update] => C:\Users\Korisnik\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-02] (Google Inc.)
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\Run: [AlcoholAutomount] => C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [33120 2009-11-15] (Alcohol Soft Development Team)
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\Run: [Pando Media Booster] => C:\Program Files\Pando Networks\Media Booster\PMB.exe [4287536 2013-11-01] ()
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\Run: [uTorrent] => C:\Users\Korisnik\AppData\Roaming\uTorrent\uTorrent.exe [2065944 2016-02-08] (BitTorrent Inc.)
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\Run: [GoogleChromeAutoLaunch_771154D8C18E782B4C9CFC63E3C3969D] => C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe [748872 2016-02-09] (Google Inc.)
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [50615936 2016-01-18] (Skype Technologies S.A.)
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\MountPoints2: F - F:\autorun.exe -auto
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\MountPoints2: {1c165605-35d5-11e2-8eb3-406186619dee} - G:\DriverPackSolution.exe
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\MountPoints2: {448465ba-bf82-11e5-a8d2-4061864ef395} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\MountPoints2: {4709379a-910e-11df-9740-806e6f6e6963} - E:\DVDSetup.exe
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\MountPoints2: {474ba6bb-a28e-11df-b7b2-406186619dee} - H:\Autorun.exe
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\MountPoints2: {6bfdf14f-a167-11df-86ec-406186619dee} - G:\SETUP.EXE
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Korisnik\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Korisnik\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Korisnik\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2014-10-21] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2014-10-21] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2014-10-21] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll [2014-10-21] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2014-10-21] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2014-10-21] (Google)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-4124289598-589087637-628770778-1000] => http=;ftp=;https=;
AutoConfigURL: [S-1-5-21-4124289598-589087637-628770778-1000] => http=;ftp=;https=;
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0015E6FD-6FA9-43E0-95D0-A04A1B1A1CF7}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://search.gboxapp.com/
HKU\S-1-5-21-4124289598-589087637-628770778-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.google.com/
HKU\S-1-5-21-4124289598-589087637-628770778-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/
URLSearchHook: HKLM -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKLM - uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
URLSearchHook: HKLM - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - No File
URLSearchHook: HKU\S-1-5-21-4124289598-589087637-628770778-1000 -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKU\S-1-5-21-4124289598-589087637-628770778-1000 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - No File
SearchScopes: HKLM -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253
SearchScopes: HKLM -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-4124289598-589087637-628770778-1000 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL =
SearchScopes: HKU\S-1-5-21-4124289598-589087637-628770778-1000 -> {163E2B1A-E533-45CD-B50C-B4846C1F95FD} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-21-4124289598-589087637-628770778-1000 -> {1B3BA10E-B125-48CC-85BA-C71EE56A58F0} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=HIP&o=102876&src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=6G&apn_dtid=YYYYYYYYRS&apn_uid=0566e9b5-5100-48f4-90bd-a9dcb10af041&apn_sauid=E81CD640-EC18-4832-AE0F-9D75FC7B9A54
SearchScopes: HKU\S-1-5-21-4124289598-589087637-628770778-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-4124289598-589087637-628770778-1000 -> {51FE5DD8-8952-41F0-ADB9-8E50F37359F6} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-4124289598-589087637-628770778-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-01] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-01] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-4124289598-589087637-628770778-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-4124289598-589087637-628770778-1000 -> uTorrentControl2 Toolbar - {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll [2011-05-09] (Conduit Ltd.)
DPF: {73848533-39E1-49F1-9363-28054268C094} hxxps://rol.raiffeisenbank.rs/RetailDLL/FSINT9.dll
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {F6FFAC18-CAD4-4054-9D49-D610286CE323} hxxps://rol.raiffeisenbank.rs/RetailDLL/EBCSCC2a.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bz18w34q.default
FF DefaultSearchEngine,S: WebSearch
FF DefaultSearchUrl: hxxp://websearch.searchfix.info/?pid=724&r=2014/12/10&hid=6173742099550842500&lg=EN&cc=RS&l=1&q=
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF SelectedSearchEngine: WebSearch
FF SelectedSearchEngine,S: WebSearch
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: hxxp://websearch.searchfix.info/?pid=724&r=2014/12/10&hid=6173742099550842500&lg=EN&cc=RS&l=1&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-05-25] (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-05-06] (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-06-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-01] (Oracle Corporation)
FF Plugin: @kaspersky.com/content_blocker -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-10-23] ()
FF Plugin: @kaspersky.com/online_banking -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-10-23] ()
FF Plugin: @kaspersky.com/virtual_keyboard -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-10-23] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-11-01] (Pando Networks)
FF Plugin: @real.com/nppl3260;version=16.0.1.18 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2013-04-10] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-03-06] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-03-06] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-03-06] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.1.18 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2013-04-10] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-03-06] (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-14] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-14] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4124289598-589087637-628770778-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Korisnik\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-4124289598-589087637-628770778-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Korisnik\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-4124289598-589087637-628770778-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-11-01] (Pando Networks)
FF Plugin HKU\S-1-5-21-4124289598-589087637-628770778-1000: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-05-26] (The Happy Cloud)
FF user.js: detected! => C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bz18w34q.default\user.js [2015-09-09]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2013-04-10] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2013-04-10] (RealPlayer)
FF SearchPlugin: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bz18w34q.default\searchplugins\askcom.xml [2012-01-17]
FF SearchPlugin: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bz18w34q.default\searchplugins\utorrentcontrol2-customized-web-search.xml [2014-01-20]
FF Extension: copUnk - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bz18w34q.default\Extensions\21sz33tb4@mJ.com [2015-01-22] [not signed]
FF Extension: ceoppunnK - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bz18w34q.default\Extensions\4XJ8@ar7eUN.edu [2015-01-22] [not signed]
FF Extension: NEtoeCoupon - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bz18w34q.default\Extensions\is@sFYj2nF.com [2015-01-22] [not signed]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-01-07] [not signed]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2016-01-07] [not signed]
FF Extension: z - C:\Program Files\Mozilla Firefox\extensions\{d3f8b144-0781-1e60-c882-4c0ff5281955} [2016-01-07] [not signed]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-06-30] [not signed]
FF HKLM\...\Firefox\Extensions: [{DAC3F861-B30D-40dd-9166-F4E75327FAC7}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-04-10] [not signed]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-10-23] [not signed]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-10-23] [not signed]
FF HKLM\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2014-10-23] [not signed]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2014-10-23] [not signed]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-10-23] [not signed]
FF HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox
FF Extension: Freemake Video Downloader - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox [2011-03-13] [not signed]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AdBlock) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-29]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2015-12-29]
CHR HKLM\...\Chrome\Extension: [aaaapnjeoabhkpdiinmomghdncekhiib] - C:\Users\Korisnik\AppData\Local\APN\GoogleCRXs\aaaapnjeoabhkpdiinmomghdncekhiib_7.14.0.0.crx [2011-12-25]
CHR HKLM\...\Chrome\Extension: [dbgalemaidlifaeappogmgmgifhkfkee] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2010-12-29]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM\...\Chrome\Extension: [dcillohgikpecbmgioknapdpcjofaafl] - C:\Users\Korisnik\AppData\Roaming\Claro\claro.crx [2012-11-01]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - <no Path\update_url>
CHR HKLM\...\Chrome\Extension: [hidjnkeodmholilgafgdlgmgggbhnigl] - <no Path\update_url>
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-03-06]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-05-23]
CHR HKLM\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - <no Path\update_url>
CHR HKLM\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - <no Path\update_url>
CHR HKU\S-1-5-21-4124289598-589087637-628770778-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4124289598-589087637-628770778-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - <no Path\update_url>
StartMenuInternet: Google Chrome - C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [294400 2011-06-27] (Advanced Micro Devices, Inc.) [File not signed]
S2 AVP15.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [654408 2012-04-04] (Malwarebytes Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [462632 2010-02-18] (Nero AG)
R2 PCToolsSSDMonitorSvc; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [632792 2011-01-28] (PC Tools)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-03-06] ()
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5448464 2015-03-30] (TeamViewer GmbH)
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed]
S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1343400 2010-07-16] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [135264 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [112136 2014-10-23] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [34400 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [644808 2014-10-23] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [24672 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [45024 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145888 2014-03-26] (Kaspersky Lab ZAO)
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22344 2012-04-04] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2013-11-27] (Malwarebytes Corporation)
R3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13848 2008-07-26] (Logitech Inc.)
R3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2570520 2008-07-26] (Logitech Inc.)
S3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [162720 2009-04-14] (Realtek Semiconductor Corp.)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [59388 2009-11-09] (PowerISO Computing, Inc.) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-08-06] () [File not signed]
R3 ULCDRHlp; C:\Windows\System32\Drivers\ULCDRHlp.sys [27392 2004-12-23] (Ulead Systems, Inc.) [File not signed]
S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [21632 2009-07-14] () [File not signed]
R3 WFLR6654; C:\Windows\System32\drivers\wfeaglxt.sys [433920 2009-10-21] (Leadtek Research Inc.)
U3 ad3f5bta; C:\Windows\system32\Drivers\ad3f5bta.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S1 adhdqlkq; \??\C:\Windows\system32\drivers\adhdqlkq.sys [X]
R3 ALSysIO; \??\C:\Users\Korisnik\AppData\Local\Temp\ALSysIO.sys [X]
S1 awpaflay; \??\C:\Windows\system32\drivers\awpaflay.sys [X]
S1 axulqmnr; \??\C:\Windows\system32\drivers\axulqmnr.sys [X]
S1 blwasutl; \??\C:\Windows\system32\drivers\blwasutl.sys [X]
S1 bumstcdf; \??\C:\Windows\system32\drivers\bumstcdf.sys [X]
S3 cpuz131; \??\C:\Users\Korisnik\AppData\Local\Temp\cpuz131\cpuz_x32.sys [X]
S1 cqqtwodu; \??\C:\Windows\system32\drivers\cqqtwodu.sys [X]
S1 dandhyzn; \??\C:\Windows\system32\drivers\dandhyzn.sys [X]
S1 dvdhcjmm; \??\C:\Windows\system32\drivers\dvdhcjmm.sys [X]
S1 eeuxmykw; \??\C:\Windows\system32\drivers\eeuxmykw.sys [X]
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
S1 hzyfhqup; \??\C:\Windows\system32\drivers\hzyfhqup.sys [X]
S1 ijzcoged; \??\C:\Windows\system32\drivers\ijzcoged.sys [X]
S1 isvntnla; \??\C:\Windows\system32\drivers\isvntnla.sys [X]
S1 jdujfyfu; \??\C:\Windows\system32\drivers\jdujfyfu.sys [X]
S1 lxtkgsou; \??\C:\Windows\system32\drivers\lxtkgsou.sys [X]
S1 mkmqslxq; \??\C:\Windows\system32\drivers\mkmqslxq.sys [X]
S1 mpeszoog; \??\C:\Windows\system32\drivers\mpeszoog.sys [X]
S1 muwjkgic; \??\C:\Windows\system32\drivers\muwjkgic.sys [X]
S2 NEWDRIVER; \??\C:\Windows\system32\WinVDEdrv6.sys [X]
S1 notyhkcc; \??\C:\Windows\system32\drivers\notyhkcc.sys [X]
S1 pzdltadc; \??\C:\Windows\system32\drivers\pzdltadc.sys [X]
S1 qkqpdzyb; \??\C:\Windows\system32\drivers\qkqpdzyb.sys [X]
S1 rzsbscfd; \??\C:\Windows\system32\drivers\rzsbscfd.sys [X]
S1 sloyfpju; \??\C:\Windows\system32\drivers\sloyfpju.sys [X]
S1 wcpiabgh; \??\C:\Windows\system32\drivers\wcpiabgh.sys [X]
S1 ybsngrou; \??\C:\Windows\system32\drivers\ybsngrou.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-13 11:09 - 2016-02-13 11:09 - 00031280 _____ C:\Users\Korisnik\Downloads\FRST.txt
2016-02-13 11:08 - 2016-02-13 11:09 - 00000000 ____D C:\FRST
2016-02-13 11:08 - 2016-02-13 11:08 - 01721344 _____ (Farbar) C:\Users\Korisnik\Downloads\FRST.exe
2016-02-13 01:23 - 2016-02-13 01:24 - 00000000 ____D C:\AdwCleaner
2016-02-13 01:23 - 2016-02-13 01:23 - 01508352 _____ C:\Users\Korisnik\Downloads\AdwCleaner.exe
2016-02-13 01:17 - 2016-02-13 01:17 - 00021042 _____ C:\Users\Korisnik\Downloads\[kat.cr]law.abiding.citizen.2009.1080p.brrip.x264.yify.torrent
2016-02-13 01:16 - 2016-02-13 01:16 - 00021377 _____ C:\Users\Korisnik\Downloads\[kat.cr]gamer.2009.1080p.bluray.5.1.x264.nvee.daku.rg.torrent
2016-02-13 01:15 - 2016-02-13 01:15 - 00015076 _____ C:\Users\Korisnik\Downloads\[kat.cr]splice.2009.1080p.brrip.x264.yify.torrent
2016-02-13 01:09 - 2016-02-13 01:09 - 00015701 _____ C:\Users\Korisnik\Downloads\[kat.cr]babylon.a.d.extended.2008.720p.brrip.x264.750mb.yify.torrent
2016-02-13 01:07 - 2016-02-13 01:07 - 00016567 _____ C:\Users\Korisnik\Downloads\[kat.cr]the.day.the.earth.stood.still.2008.1080p.bluray.x264.aac.etrg.torrent
2016-02-13 00:54 - 2016-02-13 00:54 - 00020586 _____ C:\Users\Korisnik\Downloads\[kat.cr]stealth.2005.720p.bdrip.500m.yify.torrent
2016-02-13 00:08 - 2016-02-13 00:08 - 00018483 _____ C:\Users\Korisnik\Downloads\[kat.cr]eagle.eye.2008.1080p.bluray.x264.dual.audio.hindi.dd.2.0.english.dd.5.1.loki.m2tv.torrent
2016-02-13 00:00 - 2016-02-13 00:00 - 00019146 _____ C:\Users\Korisnik\Downloads\[kat.cr]blindness.2008.1080p.brrip.x264.1.80gb.yify.torrent
2016-02-12 23:55 - 2016-02-12 23:56 - 00010043 _____ C:\Users\Korisnik\Downloads\[kat.cr]noah.2014.720p.brrip.x264.yify.torrent
2016-02-11 23:38 - 2016-02-11 23:38 - 00016070 _____ C:\Users\Korisnik\Downloads\[kat.cr]doom.unrated.2005.1080p.brrip.x264.1.50gb.yify.torrent
2016-02-11 23:19 - 2016-02-11 23:19 - 00020586 _____ C:\Users\Korisnik\Downloads\[kat.cr]jupiter.ascending.2015.1080p.brrip.x264.yify.torrent
2016-02-11 16:03 - 2016-02-11 16:03 - 00114298 _____ C:\Users\Korisnik\Downloads\[kat.cr]hell.fire.2015.brrip.xvid.ac3.evo.torrent
2016-02-11 02:56 - 2016-02-11 02:56 - 00054983 _____ C:\Users\Korisnik\Downloads\[kat.cr]volcano.1997.dvdrip.eng.doubledge.torrent
2016-02-11 00:11 - 2016-02-11 00:11 - 00019108 _____ C:\Users\Korisnik\Downloads\[kat.cr]apollo.13.1995.1080p.brrip.x264.1.80.gb.yify.torrent
2016-02-11 00:08 - 2016-02-11 00:08 - 00327888 _____ C:\Users\Korisnik\Downloads\[kat.cr]volcano.1997.1080p.bdrip.h264.aac.kingdom.torrent
2016-02-10 22:32 - 2016-02-10 22:32 - 00148072 _____ C:\Windows\Minidump\021016-44460-01.dmp
2016-02-10 15:46 - 2016-02-10 15:46 - 00014628 _____ C:\Users\Korisnik\Downloads\[kat.cr]point.break.2015.hdcam.xvid.ac3.hq.hive.cm8.avi.torrent
2016-02-09 22:23 - 2016-02-09 22:23 - 00003473 _____ C:\Users\Korisnik\Downloads\[kat.cr]the.x.files.s10e04.proper.hdtv.x264.2hd.ettv.torrent
2016-02-09 16:53 - 2016-02-09 16:53 - 00023396 _____ C:\Users\Korisnik\Downloads\[kat.cr]the.magicians.s01e04.hdtv.x264.fleet.rartv.torrent
2016-02-09 16:53 - 2016-02-09 16:53 - 00003283 _____ C:\Users\Korisnik\Downloads\[kat.cr]lucifer.s01e03.hdtv.x264.lol.ettv.torrent
2016-02-09 00:21 - 2016-02-09 00:21 - 00005295 _____ C:\Users\Korisnik\Downloads\[kat.cr]the.100.s03e02.internal.hdtv.x264.killers.ettv.torrent
2016-02-09 00:21 - 2016-02-09 00:21 - 00004321 _____ C:\Users\Korisnik\Downloads\[kat.cr]the.100.s03e01.hdtv.x264.killers.ettv.torrent
2016-02-09 00:21 - 2016-02-09 00:21 - 00004191 _____ C:\Users\Korisnik\Downloads\[kat.cr]the.100.s03e03.hdtv.x264.fum.ettv.torrent
2016-02-08 22:40 - 2016-02-08 22:40 - 00091838 _____ C:\Users\Korisnik\Downloads\[kat.cr]fifty.shades.of.black.2016.cam.x264.cox.torrent
2016-02-08 22:40 - 2016-02-08 22:40 - 00003993 _____ C:\Users\Korisnik\Downloads\[kat.cr]billions.s01e04.hdtv.x264.killers.ettv.torrent
2016-02-08 22:39 - 2016-02-08 22:39 - 00112735 _____ C:\Users\Korisnik\Downloads\[kat.cr]dementia.2016.hdrip.xvid.ac3.evo.torrent
2016-02-08 22:32 - 2016-02-08 22:32 - 00148072 _____ C:\Windows\Minidump\020816-23618-01.dmp
2016-02-08 22:28 - 2016-02-08 22:28 - 00148072 _____ C:\Windows\Minidump\020816-24102-01.dmp
2016-02-08 09:33 - 2016-02-08 09:33 - 00023980 _____ C:\Users\Korisnik\Downloads\[kat.cr]your3dfantasy.y3df.siterip.12.december.2015.(zabranjeno).3d.comics.almerias.torrent
2016-02-08 09:15 - 2016-02-08 09:15 - 00018447 _____ C:\Users\Korisnik\Downloads\[kat.cr]y3df.release.to.preggo.or.not.to.preggo.updated.2.january.2016.(zabranjeno).3d.comics.almerias.torrent
2016-02-08 09:14 - 2016-02-08 09:14 - 00017754 _____ C:\Users\Korisnik\Downloads\[kat.cr]y3df.the.seeker.something.is.bugging.me.neglect.updated.15.january.2016.(zabranjeno).3d.comics.almerias.torrent
2016-02-08 09:14 - 2016-02-08 09:14 - 00012895 _____ C:\Users\Korisnik\Downloads\[kat.cr]y3df.who.did.it.complete.(zabranjeno).3d.comics.almerias.torrent
2016-02-08 09:13 - 2016-02-08 09:13 - 00017871 _____ C:\Users\Korisnik\Downloads\[kat.cr]y3df.the.bang.complete.(zabranjeno).3d.comics.almerias.torrent
2016-02-08 09:10 - 2016-02-08 09:10 - 00019958 _____ C:\Users\Korisnik\Downloads\[kat.cr]y3df.to.preggo.or.not.to.preggo.complete.3d.(zabranjeno).comics.almerias.torrent
2016-02-08 09:10 - 2016-02-08 09:10 - 00016444 _____ C:\Users\Korisnik\Downloads\[kat.cr]y3df.sabotage.neglect.something.is.bugging.me.updated.28.january.2016.3d.(zabranjeno).comics.almerias.torrent
2016-02-08 09:10 - 2016-02-08 09:10 - 00007154 _____ C:\Users\Korisnik\Downloads\[kat.cr]y3df.the.fucking.dead.nxtcomics.info.torrent
2016-02-08 09:10 - 2016-02-08 09:10 - 00002838 _____ C:\Users\Korisnik\Downloads\[kat.cr]y3df.neglect.nxtcomics.info.torrent
2016-02-08 09:09 - 2016-02-08 09:09 - 00015083 _____ C:\Users\Korisnik\Downloads\[kat.cr]y3df.neglect.new.26.pages.3d.(zabranjeno).comics.torrent
2016-02-08 09:08 - 2016-02-08 09:08 - 00028397 _____ C:\Users\Korisnik\Downloads\[kat.cr]private.xxx.magazine.collection.pdf.megapack.carg.torrent
2016-02-08 09:05 - 2016-02-08 09:05 - 00095276 _____ C:\Users\Korisnik\Downloads\[kat.cr]jab.comix.jabcomix.siterip.6.december.2015.(zabranjeno).comics.almerias.torrent
2016-02-08 09:05 - 2016-02-08 09:05 - 00012689 _____ C:\Users\Korisnik\Downloads\[kat.cr]oral.sex.she.ll.never.forget.50.positions.and.techniques.by.sonia.borg.pdf.zeke23.torrent
2016-02-08 01:17 - 2016-02-08 01:17 - 00012692 _____ C:\Users\Korisnik\Downloads\[kat.cr]fansadox.collection.417.a.tale.of.chinese.slavery.1.captured.celestin.dmca.reupload.(zabranjeno).comics.almerias (1).torrent
2016-02-08 01:04 - 2016-02-08 01:04 - 00014005 _____ C:\Users\Korisnik\Downloads\[kat.cr]fansadox.collection.419.agnes.beauvais.cagri.new.(zabranjeno).comics.almerias.torrent
2016-02-08 01:04 - 2016-02-08 01:04 - 00014005 _____ C:\Users\Korisnik\Downloads\[kat.cr]fansadox.collection.419.agnes.beauvais.cagri.new.(zabranjeno).comics.almerias (1).torrent
2016-02-08 01:04 - 2016-02-08 01:04 - 00013606 _____ C:\Users\Korisnik\Downloads\[kat.cr]fansadox.collection.413.a.bold.officer.cagri.dmca.reupload.(zabranjeno).comics.almerias.torrent
2016-02-08 01:04 - 2016-02-08 01:04 - 00012692 _____ C:\Users\Korisnik\Downloads\[kat.cr]fansadox.collection.417.a.tale.of.chinese.slavery.1.captured.celestin.dmca.reupload.(zabranjeno).comics.almerias.torrent
2016-02-08 00:52 - 2016-02-08 00:52 - 00041379 _____ C:\Users\Korisnik\Downloads\[kat.cr]dofantasy.predondo.prison.horror.story.1.6.torrent
2016-02-08 00:52 - 2016-02-08 00:52 - 00008191 _____ C:\Users\Korisnik\Downloads\[kat.cr]dofantasy.female.correctional.institute.the.induction.torrent
2016-01-17 03:11 - 2016-01-17 03:11 - 00001783 _____ C:\Users\Korisnik\Desktop\MPC-HC.lnk
2016-01-17 03:11 - 2016-01-17 03:11 - 00000000 ____D C:\Users\Korisnik\AppData\Roaming\MPC-HC
2016-01-17 03:11 - 2016-01-17 03:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
2016-01-17 03:11 - 2016-01-17 03:11 - 00000000 ____D C:\Program Files\MPC-HC
2016-01-17 03:04 - 2016-01-17 03:05 - 00000000 ____D C:\KMPlayer
2016-01-17 03:04 - 2016-01-17 03:04 - 00000606 _____ C:\Users\Korisnik\Desktop\KMPlayer.lnk
2016-01-17 03:04 - 2016-01-17 03:04 - 00000000 ____D C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-13 11:10 - 2013-11-01 21:59 - 00000000 ____D C:\Users\Korisnik\AppData\Local\PMB Files
2016-02-13 11:03 - 2011-03-23 18:16 - 00000000 ____D C:\ProgramData\TEMP
2016-02-13 11:00 - 2010-07-16 11:40 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-13 10:59 - 2013-03-19 01:06 - 00000382 _____ C:\Windows\Tasks\update-S-1-5-21-4124289598-589087637-628770778-1000.job
2016-02-13 10:52 - 2012-04-10 15:19 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-13 10:42 - 2012-06-21 19:25 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4124289598-589087637-628770778-1000UA.job
2016-02-13 07:44 - 2013-03-19 01:06 - 00000382 _____ C:\Windows\Tasks\update-sys.job
2016-02-13 03:27 - 2010-07-16 17:39 - 00000000 ____D C:\Users\Korisnik\AppData\Roaming\uTorrent
2016-02-13 03:02 - 2009-07-14 05:34 - 00029856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-13 03:02 - 2009-07-14 05:34 - 00029856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-13 02:42 - 2012-06-21 19:25 - 00000868 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4124289598-589087637-628770778-1000Core.job
2016-02-13 00:45 - 2010-07-16 17:18 - 00000000 ____D C:\Users\Korisnik\AppData\Roaming\Skype
2016-02-12 23:59 - 2014-10-23 16:24 - 00000000 ____D C:\Users\Korisnik\Documents\ViberDownloads
2016-02-12 23:58 - 2014-10-23 16:23 - 00000000 ____D C:\Users\Korisnik\AppData\Roaming\ViberPC
2016-02-12 23:00 - 2010-07-16 11:40 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-12 22:09 - 2011-01-22 11:53 - 00000000 ____D C:\Users\Korisnik\AppData\LocalLow\Temp
2016-02-12 22:07 - 2014-01-03 13:45 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-02-12 22:07 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-12 16:37 - 2016-01-07 13:02 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-11 01:01 - 2015-09-09 18:08 - 00000000 ____D C:\Users\Korisnik\AppData\Roaming\CDisplayEx
2016-02-11 00:35 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2016-02-10 22:40 - 2012-06-21 19:26 - 00002407 _____ C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-10 22:32 - 2010-08-16 01:11 - 00000000 ____D C:\Windows\Minidump
2016-02-10 20:46 - 2013-12-15 02:23 - 00000000 ____D C:\Windows\system32\MRT
2016-02-10 20:36 - 2010-07-16 12:19 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-10 18:52 - 2012-04-10 15:19 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-02-10 18:52 - 2011-05-15 11:43 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-02-08 09:08 - 2010-07-16 11:58 - 00000000 ____D C:\Users\Korisnik\AppData\Roaming\BSplayer Pro
2016-02-07 08:24 - 2011-06-30 18:54 - 00000260 _____ C:\Windows\Tasks\RMSchedule.job
2016-02-01 10:29 - 2011-03-13 12:09 - 00000390 _____ C:\Windows\Tasks\SmartDefrag.job
2016-01-28 14:20 - 2010-07-16 17:17 - 00000000 ____D C:\ProgramData\Skype
2016-01-27 10:40 - 2010-07-16 11:40 - 00782510 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-27 10:40 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-01-26 18:02 - 2015-12-15 19:00 - 00000000 ____D C:\Users\Korisnik\Desktop\play lista
2016-01-17 03:25 - 2012-05-21 00:17 - 00000000 ____D C:\Users\Korisnik\AppData\Roaming\vlc
2016-01-15 18:16 - 2015-11-17 18:25 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2011-09-22 15:51 - 2011-09-22 15:51 - 0000412 _____ () C:\Users\Korisnik\AppData\Roaming\All CPU Meter_Settings.ini
2011-08-19 19:39 - 2011-08-19 19:39 - 0038447 _____ () C:\Users\Korisnik\AppData\Roaming\Comma Separated Values (Windows).ADR
2011-09-22 15:50 - 2011-09-22 15:50 - 0000339 _____ () C:\Users\Korisnik\AppData\Roaming\Drives Meter_Settings.ini
2013-11-27 20:14 - 2014-05-23 08:08 - 0000043 _____ () C:\Users\Korisnik\AppData\Roaming\mbam.context.scan
2011-01-25 22:05 - 2015-12-27 03:07 - 0007680 _____ () C:\Users\Korisnik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-11 14:01 - 2014-11-11 14:30 - 0000700 ___SH () C:\Users\Korisnik\AppData\Local\systemFL7.dat
2013-03-19 01:06 - 2013-03-19 01:06 - 0000003 _____ () C:\Users\Korisnik\AppData\Local\updater.log
2013-03-19 01:06 - 2015-10-03 05:13 - 0000412 _____ () C:\Users\Korisnik\AppData\Local\UserProducts.xml
2010-07-16 17:19 - 2010-07-16 17:19 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Some files in TEMP:
====================
C:\Users\Korisnik\AppData\Local\Temp\sqlite3.dll


Some zero byte size files/folders:
==========================
C:\Windows\System32\wwaninst.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-08 03:53

==================== End of FRST.txt ============================

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8616
  • Gde živiš: Novi Beograd

Zdravo,

probacemo da pomognemo, ali prvo moramo da ocistimo racunar od raznih napasti.

Deinstaliraj sledece programe preko Control Panela:

AutocompletePro
BuuyNaSave
Chrome Logger
Claro Chrome Toolbar
Contextual Tool Yourprofitclub
ParallelInline
Updater
uTorrentControl2 Toolbar
YOuttuBEAdBlocKe

Zatim,

Preuzmi "Xplode"-ov AdwCleaner () i sacuvaj ga na Desktop

Dvoklikom pokreni program.
Klikni na dugme [Scan] i pricekaj da program zavrsi.
Klikni na dugme [Clean]
Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu.
Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok


Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem.
Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl"

Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S0].txt
-----------

Preuzmi Junkware Removal Tool ( JRT ) i sacuvaj ga na desktop.

zatvori browser i ostale pokrenute programe;

Privremeno deaktiviraj zastitni softver (Uputstvo);

dvoklikom na ikonicu pokreni program JRT;

Kod obavestenja "press any key" pritisnuti bilo koji taster i alat ce zapoceti skeniranje.
Napomena: u zavisnosti od sistemske specifikacije vreme skeniranja u nekim slucajevima moze da potraje.

Kada zavrsi otvorice se log sa izvestajem koji ce biti sacuvan na desktopu pod nazivom JRT.txt


Arrow Kopiraj sadrzaj tog loga u temu.

offline
  • Pridružio: 28 Feb 2006
  • Poruke: 4
  • Gde živiš: Novi Sad

Ok...

Od pocetka

Sto se tice programa:


BuuyNaSave - nema
Chrome Logger - nema
Contextual Tool Yourprofitclub - nema
ParallelInline - prntscr.com/a2oq80 - ovo se pojavilo
uTorrentControl2 Toolbar - prntscr.com/a2oqsd
YOuttuBEAdBlocKe - nema

nema - nema ih u programs and features

Sto se tice adwcleaner

mycity.rs/must-login.png

I na kraju,

JRT ne moze da uradi scan zato sto mi komp radi crash dump. Pet puta sam probao da ga skeniram

Smile

Hvala na trudu!

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8616
  • Gde živiš: Novi Beograd

Dobro, AdwCleaner je odradio vecinu kao sto se iz loga vidi.

Sad mi postavi nove FRST logove.

Znaci, ispostuj proceduru do kraja, skini FRST na Desktop, ne u Downloads folder, pokreni ga i postavi mi nove logove. I FRST log i Addition. Da bi se resili ostatka i da vidimo dalje sta cemo.

offline
  • Pridružio: 28 Feb 2006
  • Poruke: 4
  • Gde živiš: Novi Sad

Evo ih logovi. Nisam nikakav fix radio, samo scan.


mycity.rs/must-login.png



mycity.rs/must-login.png

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:07-02-2016
Ran by Korisnik (administrator) on KORISNIK-PC (13-02-2016 17:39:30)
Running from C:\Users\Korisnik\Desktop
Loaded Profiles: Korisnik (Available Profiles: Korisnik)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(PC Tools) C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files\Core Temp\Core Temp.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(PC Tools) C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
(Leadtek Research Inc.) C:\Program Files\WinFast\WFDTV\WFWIZ.exe
(Skillbrains) C:\Program Files\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
() C:\Program Files\Pando Networks\Media Booster\PMB.exe
(BitTorrent Inc.) C:\Users\Korisnik\AppData\Roaming\uTorrent\uTorrent.exe
(BitTorrent Inc.) C:\Users\Korisnik\AppData\Roaming\uTorrent\updates\3.4.5_41712\utorrentie.exe
(BitTorrent Inc.) C:\Users\Korisnik\AppData\Roaming\uTorrent\updates\3.4.5_41712\utorrentie.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(AB Team) C:\Program Files\Webteh\BSplayerPro\bsplayer.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winamp.exe
(Google Inc.) C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-27] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7625248 2009-07-20] (Realtek Semiconductor)
HKLM\...\Run: [NBAgent] => C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1226024 2010-02-22] (Nero AG)
HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [180224 2009-11-09] (PowerISO Computing, Inc.)
HKLM\...\Run: [SSDMonitor] => C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe [112600 2010-11-15] (PC Tools)
HKLM\...\Run: [Malwarebytes' Anti-Malware] => C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [462408 2012-04-04] (Malwarebytes Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM\...\Run: [Lightshot] => C:\Program Files\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\Run: [WinFast Schedule] => C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2912256 2009-03-11] (Leadtek Research Inc.)
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\Run: [Google Update] => C:\Users\Korisnik\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-02] (Google Inc.)
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\Run: [AlcoholAutomount] => C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [33120 2009-11-15] (Alcohol Soft Development Team)
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\Run: [Pando Media Booster] => C:\Program Files\Pando Networks\Media Booster\PMB.exe [4287536 2013-11-01] ()
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\Run: [uTorrent] => C:\Users\Korisnik\AppData\Roaming\uTorrent\uTorrent.exe [2065944 2016-02-08] (BitTorrent Inc.)
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [50615936 2016-01-18] (Skype Technologies S.A.)
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\MountPoints2: F - F:\autorun.exe -auto
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\MountPoints2: {1c165605-35d5-11e2-8eb3-406186619dee} - G:\DriverPackSolution.exe
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\MountPoints2: {448465ba-bf82-11e5-a8d2-4061864ef395} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\MountPoints2: {4709379a-910e-11df-9740-806e6f6e6963} - E:\DVDSetup.exe
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\MountPoints2: {474ba6bb-a28e-11df-b7b2-406186619dee} - H:\Autorun.exe
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\MountPoints2: {6bfdf14f-a167-11df-86ec-406186619dee} - G:\SETUP.EXE
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Korisnik\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Korisnik\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Korisnik\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2014-10-21] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2014-10-21] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2014-10-21] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll [2014-10-21] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2014-10-21] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2014-10-21] (Google)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-4124289598-589087637-628770778-1000] => http=;ftp=;https=;
AutoConfigURL: [S-1-5-21-4124289598-589087637-628770778-1000] => http=;ftp=;https=;
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0015E6FD-6FA9-43E0-95D0-A04A1B1A1CF7}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-4124289598-589087637-628770778-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.google.com/
HKU\S-1-5-21-4124289598-589087637-628770778-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/
URLSearchHook: HKLM -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKLM - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
URLSearchHook: HKLM - (No Name) - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - No File
URLSearchHook: HKU\S-1-5-21-4124289598-589087637-628770778-1000 -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKU\S-1-5-21-4124289598-589087637-628770778-1000 - (No Name) - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - No File
SearchScopes: HKLM -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-4124289598-589087637-628770778-1000 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL =
SearchScopes: HKU\S-1-5-21-4124289598-589087637-628770778-1000 -> {163E2B1A-E533-45CD-B50C-B4846C1F95FD} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-21-4124289598-589087637-628770778-1000 -> {51FE5DD8-8952-41F0-ADB9-8E50F37359F6} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-01] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-01] (Oracle Corporation)
DPF: {73848533-39E1-49F1-9363-28054268C094} hxxps://rol.raiffeisenbank.rs/RetailDLL/FSINT9.dll
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {F6FFAC18-CAD4-4054-9D49-D610286CE323} hxxps://rol.raiffeisenbank.rs/RetailDLL/EBCSCC2a.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bz18w34q.default
FF Homepage: hxxp://www.google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-05-25] (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-05-06] (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-06-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-01] (Oracle Corporation)
FF Plugin: @kaspersky.com/content_blocker -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-10-23] ()
FF Plugin: @kaspersky.com/online_banking -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-10-23] ()
FF Plugin: @kaspersky.com/virtual_keyboard -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-10-23] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-11-01] (Pando Networks)
FF Plugin: @real.com/nppl3260;version=16.0.1.18 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2013-04-10] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-03-06] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-03-06] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-03-06] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.1.18 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2013-04-10] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-03-06] (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-14] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-14] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4124289598-589087637-628770778-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Korisnik\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-4124289598-589087637-628770778-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Korisnik\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-4124289598-589087637-628770778-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-11-01] (Pando Networks)
FF Plugin HKU\S-1-5-21-4124289598-589087637-628770778-1000: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-05-26] (The Happy Cloud)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2013-04-10] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2013-04-10] (RealPlayer)
FF Extension: copUnk - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bz18w34q.default\Extensions\21sz33tb4@mJ.com [2015-01-22] [not signed]
FF Extension: ceoppunnK - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bz18w34q.default\Extensions\4XJ8@ar7eUN.edu [2015-01-22] [not signed]
FF Extension: NEtoeCoupon - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bz18w34q.default\Extensions\is@sFYj2nF.com [2015-01-22] [not signed]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-01-07] [not signed]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2016-01-07] [not signed]
FF Extension: z - C:\Program Files\Mozilla Firefox\extensions\{d3f8b144-0781-1e60-c882-4c0ff5281955} [2016-01-07] [not signed]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-06-30] [not signed]
FF HKLM\...\Firefox\Extensions: [{DAC3F861-B30D-40dd-9166-F4E75327FAC7}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-04-10] [not signed]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-10-23] [not signed]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-10-23] [not signed]
FF HKLM\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2014-10-23] [not signed]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2014-10-23] [not signed]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-10-23] [not signed]
FF HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox
FF Extension: Freemake Video Downloader - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox [2011-03-13] [not signed]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AdBlock) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-29]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2015-12-29]
CHR HKLM\...\Chrome\Extension: [aaaapnjeoabhkpdiinmomghdncekhiib] - C:\Users\Korisnik\AppData\Local\APN\GoogleCRXs\aaaapnjeoabhkpdiinmomghdncekhiib_7.14.0.0.crx <not found>
CHR HKLM\...\Chrome\Extension: [dbgalemaidlifaeappogmgmgifhkfkee] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2010-12-29]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - <no Path\update_url>
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-03-06]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-05-23]
CHR HKU\S-1-5-21-4124289598-589087637-628770778-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [294400 2011-06-27] (Advanced Micro Devices, Inc.) [File not signed]
S2 AVP15.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [654408 2012-04-04] (Malwarebytes Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [462632 2010-02-18] (Nero AG)
R2 PCToolsSSDMonitorSvc; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [632792 2011-01-28] (PC Tools)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-03-06] ()
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5448464 2015-03-30] (TeamViewer GmbH)
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed]
S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1343400 2010-07-16] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [135264 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [112136 2014-10-23] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [34400 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [644808 2014-10-23] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [24672 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [45024 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145888 2014-03-26] (Kaspersky Lab ZAO)
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22344 2012-04-04] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2013-11-27] (Malwarebytes Corporation)
R3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13848 2008-07-26] (Logitech Inc.)
R3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2570520 2008-07-26] (Logitech Inc.)
S3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [162720 2009-04-14] (Realtek Semiconductor Corp.)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [59388 2009-11-09] (PowerISO Computing, Inc.) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-08-06] () [File not signed]
R3 ULCDRHlp; C:\Windows\System32\Drivers\ULCDRHlp.sys [27392 2004-12-23] (Ulead Systems, Inc.) [File not signed]
S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [21632 2009-07-14] () [File not signed]
R3 WFLR6654; C:\Windows\System32\drivers\wfeaglxt.sys [433920 2009-10-21] (Leadtek Research Inc.)
U3 amt2se3k; C:\Windows\system32\Drivers\amt2se3k.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S1 adhdqlkq; \??\C:\Windows\system32\drivers\adhdqlkq.sys [X]
R3 ALSysIO; \??\C:\Users\Korisnik\AppData\Local\Temp\ALSysIO.sys [X]
S1 awpaflay; \??\C:\Windows\system32\drivers\awpaflay.sys [X]
S1 axulqmnr; \??\C:\Windows\system32\drivers\axulqmnr.sys [X]
S1 blwasutl; \??\C:\Windows\system32\drivers\blwasutl.sys [X]
S1 bumstcdf; \??\C:\Windows\system32\drivers\bumstcdf.sys [X]
S3 cpuz131; \??\C:\Users\Korisnik\AppData\Local\Temp\cpuz131\cpuz_x32.sys [X]
S1 cqqtwodu; \??\C:\Windows\system32\drivers\cqqtwodu.sys [X]
S1 dandhyzn; \??\C:\Windows\system32\drivers\dandhyzn.sys [X]
S1 dvdhcjmm; \??\C:\Windows\system32\drivers\dvdhcjmm.sys [X]
S1 eeuxmykw; \??\C:\Windows\system32\drivers\eeuxmykw.sys [X]
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
S1 hzyfhqup; \??\C:\Windows\system32\drivers\hzyfhqup.sys [X]
S1 ijzcoged; \??\C:\Windows\system32\drivers\ijzcoged.sys [X]
S1 isvntnla; \??\C:\Windows\system32\drivers\isvntnla.sys [X]
S1 jdujfyfu; \??\C:\Windows\system32\drivers\jdujfyfu.sys [X]
S1 lxtkgsou; \??\C:\Windows\system32\drivers\lxtkgsou.sys [X]
S1 mkmqslxq; \??\C:\Windows\system32\drivers\mkmqslxq.sys [X]
S1 mpeszoog; \??\C:\Windows\system32\drivers\mpeszoog.sys [X]
S1 muwjkgic; \??\C:\Windows\system32\drivers\muwjkgic.sys [X]
S2 NEWDRIVER; \??\C:\Windows\system32\WinVDEdrv6.sys [X]
S1 notyhkcc; \??\C:\Windows\system32\drivers\notyhkcc.sys [X]
S1 pzdltadc; \??\C:\Windows\system32\drivers\pzdltadc.sys [X]
S1 qkqpdzyb; \??\C:\Windows\system32\drivers\qkqpdzyb.sys [X]
S1 rzsbscfd; \??\C:\Windows\system32\drivers\rzsbscfd.sys [X]
S1 sloyfpju; \??\C:\Windows\system32\drivers\sloyfpju.sys [X]
S1 wcpiabgh; \??\C:\Windows\system32\drivers\wcpiabgh.sys [X]
S1 ybsngrou; \??\C:\Windows\system32\drivers\ybsngrou.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-13 17:37 - 2016-02-13 17:39 - 00028889 _____ C:\Users\Korisnik\Desktop\FRST.txt
2016-02-13 14:55 - 2016-02-13 14:55 - 00000000 ____D C:\Program Files\Common Files\AV
2016-02-13 13:54 - 2016-02-13 13:54 - 00000000 ____D C:\Users\Korisnik\AppData\LocalLow\uTorrent
2016-02-13 13:36 - 2016-02-13 13:36 - 00152200 _____ C:\Windows\Minidump\021316-39717-01.dmp
2016-02-13 13:34 - 2016-02-13 13:34 - 533025130 _____ C:\Windows\MEMORY.DMP
2016-02-13 13:26 - 2016-02-13 13:26 - 00073177 _____ C:\Users\Korisnik\Desktop\AdwCleaner[C1].txt
2016-02-13 13:08 - 2016-02-13 13:08 - 01609032 _____ (Malwarebytes) C:\Users\Korisnik\Desktop\JRT.exe
2016-02-13 12:56 - 2016-02-13 12:56 - 01508352 _____ C:\Users\Korisnik\Desktop\AdwCleaner (1).exe
2016-02-13 11:08 - 2016-02-13 17:39 - 00000000 ____D C:\FRST
2016-02-13 11:08 - 2016-02-13 11:08 - 01721344 _____ (Farbar) C:\Users\Korisnik\Desktop\FRST.exe
2016-02-13 01:23 - 2016-02-13 13:21 - 00000000 ____D C:\AdwCleaner
2016-02-10 22:32 - 2016-02-10 22:32 - 00148072 _____ C:\Windows\Minidump\021016-44460-01.dmp
2016-02-08 22:32 - 2016-02-08 22:32 - 00148072 _____ C:\Windows\Minidump\020816-23618-01.dmp
2016-02-08 22:28 - 2016-02-08 22:28 - 00148072 _____ C:\Windows\Minidump\020816-24102-01.dmp
2016-01-17 03:11 - 2016-01-17 03:11 - 00001783 _____ C:\Users\Korisnik\Desktop\MPC-HC.lnk
2016-01-17 03:11 - 2016-01-17 03:11 - 00000000 ____D C:\Users\Korisnik\AppData\Roaming\MPC-HC
2016-01-17 03:11 - 2016-01-17 03:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
2016-01-17 03:11 - 2016-01-17 03:11 - 00000000 ____D C:\Program Files\MPC-HC
2016-01-17 03:04 - 2016-01-17 03:05 - 00000000 ____D C:\KMPlayer
2016-01-17 03:04 - 2016-01-17 03:04 - 00000606 _____ C:\Users\Korisnik\Desktop\KMPlayer.lnk
2016-01-17 03:04 - 2016-01-17 03:04 - 00000000 ____D C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-13 17:39 - 2013-11-01 21:59 - 00000000 ____D C:\Users\Korisnik\AppData\Local\PMB Files
2016-02-13 17:38 - 2010-07-16 17:39 - 00000000 ____D C:\Users\Korisnik\AppData\Roaming\uTorrent
2016-02-13 17:00 - 2014-01-03 13:45 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-02-13 17:00 - 2010-07-16 11:40 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-13 16:52 - 2012-04-10 15:19 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-13 16:42 - 2012-06-21 19:25 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4124289598-589087637-628770778-1000UA.job
2016-02-13 14:43 - 2010-07-16 17:18 - 00000000 ____D C:\Users\Korisnik\AppData\Roaming\Skype
2016-02-13 14:38 - 2012-11-21 17:19 - 00000000 ____D C:\Users\Korisnik\Desktop\programi
2016-02-13 14:36 - 2015-05-17 11:24 - 00002236 _____ C:\Users\Korisnik\Desktop\Safe Money.lnk
2016-02-13 13:53 - 2010-07-16 11:40 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-13 13:53 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-13 13:36 - 2010-08-16 01:11 - 00000000 ____D C:\Windows\Minidump
2016-02-13 12:38 - 2014-10-23 16:24 - 00000000 ____D C:\Users\Korisnik\Documents\ViberDownloads
2016-02-13 11:42 - 2014-10-23 16:23 - 00000000 ____D C:\Users\Korisnik\AppData\Roaming\ViberPC
2016-02-13 11:03 - 2011-03-23 18:16 - 00000000 ____D C:\ProgramData\TEMP
2016-02-13 03:02 - 2009-07-14 05:34 - 00029856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-13 03:02 - 2009-07-14 05:34 - 00029856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-13 02:42 - 2012-06-21 19:25 - 00000868 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4124289598-589087637-628770778-1000Core.job
2016-02-12 22:09 - 2011-01-22 11:53 - 00000000 ____D C:\Users\Korisnik\AppData\LocalLow\Temp
2016-02-12 16:37 - 2016-01-07 13:02 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-11 01:01 - 2015-09-09 18:08 - 00000000 ____D C:\Users\Korisnik\AppData\Roaming\CDisplayEx
2016-02-11 00:35 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2016-02-10 22:40 - 2012-06-21 19:26 - 00002407 _____ C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-10 20:46 - 2013-12-15 02:23 - 00000000 ____D C:\Windows\system32\MRT
2016-02-10 20:36 - 2010-07-16 12:19 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-10 18:52 - 2012-04-10 15:19 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-02-10 18:52 - 2011-05-15 11:43 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-02-08 09:08 - 2010-07-16 11:58 - 00000000 ____D C:\Users\Korisnik\AppData\Roaming\BSplayer Pro
2016-02-01 10:29 - 2011-03-13 12:09 - 00000390 _____ C:\Windows\Tasks\SmartDefrag.job
2016-01-28 14:20 - 2010-07-16 17:17 - 00000000 ____D C:\ProgramData\Skype
2016-01-27 10:40 - 2010-07-16 11:40 - 00782510 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-27 10:40 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-01-26 18:02 - 2015-12-15 19:00 - 00000000 ____D C:\Users\Korisnik\Desktop\play lista
2016-01-17 03:25 - 2012-05-21 00:17 - 00000000 ____D C:\Users\Korisnik\AppData\Roaming\vlc
2016-01-15 18:16 - 2015-11-17 18:25 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2011-09-22 15:51 - 2011-09-22 15:51 - 0000412 _____ () C:\Users\Korisnik\AppData\Roaming\All CPU Meter_Settings.ini
2011-08-19 19:39 - 2011-08-19 19:39 - 0038447 _____ () C:\Users\Korisnik\AppData\Roaming\Comma Separated Values (Windows).ADR
2011-09-22 15:50 - 2011-09-22 15:50 - 0000339 _____ () C:\Users\Korisnik\AppData\Roaming\Drives Meter_Settings.ini
2013-11-27 20:14 - 2014-05-23 08:08 - 0000043 _____ () C:\Users\Korisnik\AppData\Roaming\mbam.context.scan
2011-01-25 22:05 - 2015-12-27 03:07 - 0007680 _____ () C:\Users\Korisnik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-11 14:01 - 2014-11-11 14:30 - 0000700 ___SH () C:\Users\Korisnik\AppData\Local\systemFL7.dat
2013-03-19 01:06 - 2013-03-19 01:06 - 0000003 _____ () C:\Users\Korisnik\AppData\Local\updater.log
2013-03-19 01:06 - 2015-10-03 05:13 - 0000412 _____ () C:\Users\Korisnik\AppData\Local\UserProducts.xml
2010-07-16 17:19 - 2010-07-16 17:19 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Some files in TEMP:
====================
C:\Users\Korisnik\AppData\Local\Temp\sqlite3.dll
C:\Users\Korisnik\AppData\Local\Temp\uninst1.exe


Some zero byte size files/folders:
==========================
C:\Windows\System32\wwaninst.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-08 03:53

==================== End of FRST.txt ============================

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8616
  • Gde živiš: Novi Beograd

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:


CreateRestorePoint:
HKLM\...\Run: [] => [X]
AlternateDataStreams: C:\ProgramData\TEMP:8927A071
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\MountPoints2: F - F:\autorun.exe -auto
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\MountPoints2: {1c165605-35d5-11e2-8eb3-406186619dee} - G:\DriverPackSolution.exe
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\MountPoints2: {448465ba-bf82-11e5-a8d2-4061864ef395} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\MountPoints2: {4709379a-910e-11df-9740-806e6f6e6963} - E:\DVDSetup.exe
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\MountPoints2: {474ba6bb-a28e-11df-b7b2-406186619dee} - H:\Autorun.exe
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\MountPoints2: {6bfdf14f-a167-11df-86ec-406186619dee} - G:\SETUP.EXE
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
URLSearchHook: HKLM -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKLM - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
URLSearchHook: HKLM - (No Name) - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - No File
URLSearchHook: HKU\S-1-5-21-4124289598-589087637-628770778-1000 -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKU\S-1-5-21-4124289598-589087637-628770778-1000 - (No Name) - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - No File
FF Extension: copUnk - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bz18w34q.default\Extensions\21sz33tb4@mJ.com [2015-01-22] [not signed]
FF Extension: ceoppunnK - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bz18w34q.default\Extensions\4XJ8@ar7eUN.edu [2015-01-22] [not signed]
FF Extension: NEtoeCoupon - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bz18w34q.default\Extensions\is@sFYj2nF.com [2015-01-22] [not signed]
FF HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox
FF Extension: Freemake Video Downloader - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox [2011-03-13] [not signed]
CHR HKLM\...\Chrome\Extension: [aaaapnjeoabhkpdiinmomghdncekhiib] - C:\Users\Korisnik\AppData\Local\APN\GoogleCRXs\aaaapnjeoabhkpdiinmomghdncekhiib_7.14.0.0.crx <not found>
CHR HKLM\...\Chrome\Extension: [dbgalemaidlifaeappogmgmgifhkfkee] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2010-12-29]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - <no Path\update_url>
CHR HKU\S-1-5-21-4124289598-589087637-628770778-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
U3 amt2se3k; C:\Windows\system32\Drivers\amt2se3k.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
C:\ProgramData\DealExpress
S1 adhdqlkq; \??\C:\Windows\system32\drivers\adhdqlkq.sys [X]
R3 ALSysIO; \??\C:\Users\Korisnik\AppData\Local\Temp\ALSysIO.sys [X]
S1 awpaflay; \??\C:\Windows\system32\drivers\awpaflay.sys [X]
S1 axulqmnr; \??\C:\Windows\system32\drivers\axulqmnr.sys [X]
S1 blwasutl; \??\C:\Windows\system32\drivers\blwasutl.sys [X]
S1 bumstcdf; \??\C:\Windows\system32\drivers\bumstcdf.sys [X]
S3 cpuz131; \??\C:\Users\Korisnik\AppData\Local\Temp\cpuz131\cpuz_x32.sys [X]
S1 cqqtwodu; \??\C:\Windows\system32\drivers\cqqtwodu.sys [X]
S1 dandhyzn; \??\C:\Windows\system32\drivers\dandhyzn.sys [X]
S1 dvdhcjmm; \??\C:\Windows\system32\drivers\dvdhcjmm.sys [X]
S1 eeuxmykw; \??\C:\Windows\system32\drivers\eeuxmykw.sys [X]
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
S1 hzyfhqup; \??\C:\Windows\system32\drivers\hzyfhqup.sys [X]
S1 ijzcoged; \??\C:\Windows\system32\drivers\ijzcoged.sys [X]
S1 isvntnla; \??\C:\Windows\system32\drivers\isvntnla.sys [X]
S1 jdujfyfu; \??\C:\Windows\system32\drivers\jdujfyfu.sys [X]
S1 lxtkgsou; \??\C:\Windows\system32\drivers\lxtkgsou.sys [X]
S1 mkmqslxq; \??\C:\Windows\system32\drivers\mkmqslxq.sys [X]
S1 mpeszoog; \??\C:\Windows\system32\drivers\mpeszoog.sys [X]
S1 muwjkgic; \??\C:\Windows\system32\drivers\muwjkgic.sys [X]
S2 NEWDRIVER; \??\C:\Windows\system32\WinVDEdrv6.sys [X]
S1 notyhkcc; \??\C:\Windows\system32\drivers\notyhkcc.sys [X]
S1 pzdltadc; \??\C:\Windows\system32\drivers\pzdltadc.sys [X]
S1 qkqpdzyb; \??\C:\Windows\system32\drivers\qkqpdzyb.sys [X]
S1 rzsbscfd; \??\C:\Windows\system32\drivers\rzsbscfd.sys [X]
S1 sloyfpju; \??\C:\Windows\system32\drivers\sloyfpju.sys [X]
S1 wcpiabgh; \??\C:\Windows\system32\drivers\wcpiabgh.sys [X]
S1 ybsngrou; \??\C:\Windows\system32\drivers\ybsngrou.sys [X]
C:\Windows\System32\wwaninst.dll
EmptyTemp:


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

offline
  • Pridružio: 28 Feb 2006
  • Poruke: 4
  • Gde živiš: Novi Sad

Napisano: 14 Feb 2016 13:16

Evo ga! Nadam se da sam ok uradio.

Fix result of Farbar Recovery Scan Tool (x86) Version:07-02-2016
Ran by Korisnik (2016-02-14 13:01:13) Run:1
Running from C:\Users\Korisnik\Desktop
Loaded Profiles: Korisnik (Available Profiles: Korisnik)
Boot Mode: Normal

==============================================

fixlist content:
*****************
CreateRestorePoint:
HKLM\...\Run: [] => [X]
AlternateDataStreams: C:\ProgramData\TEMP:8927A071
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\MountPoints2: F - F:\autorun.exe -auto
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\MountPoints2: {1c165605-35d5-11e2-8eb3-406186619dee} - G:\DriverPackSolution.exe
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\MountPoints2: {448465ba-bf82-11e5-a8d2-4061864ef395} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\MountPoints2: {4709379a-910e-11df-9740-806e6f6e6963} - E:\DVDSetup.exe
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\MountPoints2: {474ba6bb-a28e-11df-b7b2-406186619dee} - H:\Autorun.exe
HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\MountPoints2: {6bfdf14f-a167-11df-86ec-406186619dee} - G:\SETUP.EXE
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
URLSearchHook: HKLM -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKLM - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
URLSearchHook: HKLM - (No Name) - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - No File
URLSearchHook: HKU\S-1-5-21-4124289598-589087637-628770778-1000 -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKU\S-1-5-21-4124289598-589087637-628770778-1000 - (No Name) - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - No File
FF Extension: copUnk - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bz18w34q.default\Extensions\21sz33tb4@mJ.com [2015-01-22] [not signed]
FF Extension: ceoppunnK - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bz18w34q.default\Extensions\4XJ8@ar7eUN.edu [2015-01-22] [not signed]
FF Extension: NEtoeCoupon - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bz18w34q.default\Extensions\is@sFYj2nF.com [2015-01-22] [not signed]
FF HKU\S-1-5-21-4124289598-589087637-628770778-1000\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox
FF Extension: Freemake Video Downloader - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox [2011-03-13] [not signed]
CHR HKLM\...\Chrome\Extension: [aaaapnjeoabhkpdiinmomghdncekhiib] - C:\Users\Korisnik\AppData\Local\APN\GoogleCRXs\aaaapnjeoabhkpdiinmomghdncekhiib_7.14.0.0.crx <not found>
CHR HKLM\...\Chrome\Extension: [dbgalemaidlifaeappogmgmgifhkfkee] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2010-12-29]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - <no Path\update_url>
CHR HKU\S-1-5-21-4124289598-589087637-628770778-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
U3 amt2se3k; C:\Windows\system32\Drivers\amt2se3k.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
C:\ProgramData\DealExpress
S1 adhdqlkq; \??\C:\Windows\system32\drivers\adhdqlkq.sys [X]
R3 ALSysIO; \??\C:\Users\Korisnik\AppData\Local\Temp\ALSysIO.sys [X]
S1 awpaflay; \??\C:\Windows\system32\drivers\awpaflay.sys [X]
S1 axulqmnr; \??\C:\Windows\system32\drivers\axulqmnr.sys [X]
S1 blwasutl; \??\C:\Windows\system32\drivers\blwasutl.sys [X]
S1 bumstcdf; \??\C:\Windows\system32\drivers\bumstcdf.sys [X]
S3 cpuz131; \??\C:\Users\Korisnik\AppData\Local\Temp\cpuz131\cpuz_x32.sys [X]
S1 cqqtwodu; \??\C:\Windows\system32\drivers\cqqtwodu.sys [X]
S1 dandhyzn; \??\C:\Windows\system32\drivers\dandhyzn.sys [X]
S1 dvdhcjmm; \??\C:\Windows\system32\drivers\dvdhcjmm.sys [X]
S1 eeuxmykw; \??\C:\Windows\system32\drivers\eeuxmykw.sys [X]
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
S1 hzyfhqup; \??\C:\Windows\system32\drivers\hzyfhqup.sys [X]
S1 ijzcoged; \??\C:\Windows\system32\drivers\ijzcoged.sys [X]
S1 isvntnla; \??\C:\Windows\system32\drivers\isvntnla.sys [X]
S1 jdujfyfu; \??\C:\Windows\system32\drivers\jdujfyfu.sys [X]
S1 lxtkgsou; \??\C:\Windows\system32\drivers\lxtkgsou.sys [X]
S1 mkmqslxq; \??\C:\Windows\system32\drivers\mkmqslxq.sys [X]
S1 mpeszoog; \??\C:\Windows\system32\drivers\mpeszoog.sys [X]
S1 muwjkgic; \??\C:\Windows\system32\drivers\muwjkgic.sys [X]
S2 NEWDRIVER; \??\C:\Windows\system32\WinVDEdrv6.sys [X]
S1 notyhkcc; \??\C:\Windows\system32\drivers\notyhkcc.sys [X]
S1 pzdltadc; \??\C:\Windows\system32\drivers\pzdltadc.sys [X]
S1 qkqpdzyb; \??\C:\Windows\system32\drivers\qkqpdzyb.sys [X]
S1 rzsbscfd; \??\C:\Windows\system32\drivers\rzsbscfd.sys [X]
S1 sloyfpju; \??\C:\Windows\system32\drivers\sloyfpju.sys [X]
S1 wcpiabgh; \??\C:\Windows\system32\drivers\wcpiabgh.sys [X]
S1 ybsngrou; \??\C:\Windows\system32\drivers\ybsngrou.sys [X]
C:\Windows\System32\wwaninst.dll
EmptyTemp:
*****************

Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully.
C:\ProgramData\TEMP => ":8927A071" ADS removed successfully..
C:\ProgramData\TEMP => ":D1B5B4F1" ADS removed successfully..
"HKU\S-1-5-21-4124289598-589087637-628770778-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => key removed successfully.
"HKU\S-1-5-21-4124289598-589087637-628770778-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1c165605-35d5-11e2-8eb3-406186619dee}" => key removed successfully.
HKCR\CLSID\{1c165605-35d5-11e2-8eb3-406186619dee} => key not found.
"HKU\S-1-5-21-4124289598-589087637-628770778-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{448465ba-bf82-11e5-a8d2-4061864ef395}" => key removed successfully.
HKCR\CLSID\{448465ba-bf82-11e5-a8d2-4061864ef395} => key not found.
"HKU\S-1-5-21-4124289598-589087637-628770778-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4709379a-910e-11df-9740-806e6f6e6963}" => key removed successfully.
HKCR\CLSID\{4709379a-910e-11df-9740-806e6f6e6963} => key not found.
"HKU\S-1-5-21-4124289598-589087637-628770778-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{474ba6bb-a28e-11df-b7b2-406186619dee}" => key removed successfully.
HKCR\CLSID\{474ba6bb-a28e-11df-b7b2-406186619dee} => key not found.
"HKU\S-1-5-21-4124289598-589087637-628770778-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6bfdf14f-a167-11df-86ec-406186619dee}" => key removed successfully.
HKCR\CLSID\{6bfdf14f-a167-11df-86ec-406186619dee} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully.
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => value removed successfully.
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\{687578b9-7132-4a7a-80e4-30ee31099e03} => value removed successfully.
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\{FE69C007-C452-4d3e-86D2-1730DF8BC871} => value removed successfully.
HKU\S-1-5-21-4124289598-589087637-628770778-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => value removed successfully.
HKU\S-1-5-21-4124289598-589087637-628770778-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{FE69C007-C452-4d3e-86D2-1730DF8BC871} => value removed successfully.
C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bz18w34q.default\Extensions\21sz33tb4@mJ.com => moved successfully
C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bz18w34q.default\Extensions\4XJ8@ar7eUN.edu => moved successfully
C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bz18w34q.default\Extensions\is@sFYj2nF.com => moved successfully
HKU\S-1-5-21-4124289598-589087637-628770778-1000\Software\Mozilla\Firefox\Extensions\\fmdownloader@gmail.com => value removed successfully.
C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox => moved successfully
"HKLM\SOFTWARE\Google\Chrome\Extensions\aaaapnjeoabhkpdiinmomghdncekhiib" => key removed successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\dbgalemaidlifaeappogmgmgifhkfkee" => key removed successfully.
C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx => moved successfully
"HKLM\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => key removed successfully.
"HKU\S-1-5-21-4124289598-589087637-628770778-1000\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh" => key removed successfully.
amt2se3k => service not found.
"C:\ProgramData\DealExpress" => not found.
adhdqlkq => service removed successfully.
ALSysIO => Service stopped successfully.
ALSysIO => service removed successfully.
awpaflay => service removed successfully.
axulqmnr => service removed successfully.
blwasutl => service removed successfully.
bumstcdf => service removed successfully.
cpuz131 => service removed successfully.
cqqtwodu => service removed successfully.
dandhyzn => service removed successfully.
dvdhcjmm => service removed successfully.
eeuxmykw => service removed successfully.
GMSIPCI => service removed successfully.
hzyfhqup => service removed successfully.
ijzcoged => service removed successfully.
isvntnla => service removed successfully.
jdujfyfu => service removed successfully.
lxtkgsou => service removed successfully.
mkmqslxq => service removed successfully.
mpeszoog => service removed successfully.
muwjkgic => service removed successfully.
NEWDRIVER => service removed successfully.
notyhkcc => service removed successfully.
pzdltadc => service removed successfully.
qkqpdzyb => service removed successfully.
rzsbscfd => service removed successfully.
sloyfpju => service removed successfully.
wcpiabgh => service removed successfully.
ybsngrou => service removed successfully.
C:\Windows\System32\wwaninst.dll => moved successfully
EmptyTemp: => 3.9 GB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 13:05:00 ====

Dopuna: 14 Feb 2016 13:46

Na zalost, chrome je opet crash-ovao na isti nacin Sad

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8616
  • Gde živiš: Novi Beograd

Potrebno je da reinstaliras Chrome, pri tome da izaberes opciju da se svi podaci uklone, bookmarke mozes da exportujes i sacuvas pa ih ponovo importujes u Chrome kad ga reinstaliras.

Takodje, iskljuci sinhronizaciju u Chromu.
https://support.google.com/chrome/answer/2390059?hl=en

Ko je trenutno na forumu
 

Ukupno su 686 korisnika na forumu :: 8 registrovanih, 1 sakriven i 677 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: Ageofloneliness, Bobrock1, Japidson, Koridor, M1los, Ognjen D., wizzardone, zlaya011