Zaraza :(

1

Zaraza :(

offline
  • goust  Male
  • Elitni građanin
  • Pridružio: 09 Apr 2005
  • Poruke: 1799

Napisano: 05 Jan 2017 10:58

Skoro da sam uspeo da ocistim laptop od svega i svacega, medjutim, ovo mi se ne da nikako



Radio sam sa AdwCleaner, Kaspersky Internet security, Malwarebyte...


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017
Ran by Sale (administrator) on SALE-PC (05-01-2017 10:49:23)
Running from C:\Users\Sale\Desktop
Loaded Profiles: Sale (Available Profiles: Sale & Administrator)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\dfd595d6-de7f-4b7a-880d-282e918df6f41483573834\kns7CEE.tmp
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(QUALCOMM, Inc.) C:\QUALCOMM\QDLService\QDLService.exe
() C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Users\Sale\AppData\Local\-1483612991---\qnsr3767.tmp
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\igfxcui:
HKU\S-1-5-21-2469946165-4281633537-2586476627-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-2469946165-4281633537-2586476627-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [] => 0
ShellExecuteHooks: No Name - {0D16CC4A-CB68-11E6-8EDE-64006A5CFC23} - C:\Users\Sale\AppData\Roaming\Wijacultferek\Fergasplijerle.dll -> No File
ShellExecuteHooks: No Name - {5F51FFFE-7463-4220-B711-E5B9ACB8EDFE} - -> No File
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> No File
GroupPolicy: Restriction - Windows Defender <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{6BB5793E-C68E-4044-BE90-A889271AE286}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2469946165-4281633537-2586476627-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2469946165-4281633537-2586476627-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2469946165-4281633537-2586476627-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\S-1-5-21-2469946165-4281633537-2586476627-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-29] (AO Kaspersky Lab)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\IEExt\ie_plugin.dll [2016-12-29] (AO Kaspersky Lab)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-24] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-24] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-29] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\IEExt\ie_plugin.dll [2016-12-29] (AO Kaspersky Lab)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

FireFox:
========
FF ProfilePath: C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\7fjl4yi9.default-1468541088190 [2017-01-05]
FF Homepage: Mozilla\Firefox\Profiles\7fjl4yi9.default-1468541088190 -> hxxps://www.google.rs/?gws_rd=ssl
FF NetworkProxy: Mozilla\Firefox\Profiles\7fjl4yi9.default-1468541088190 -> type", 0
FF Extension: (Noia Fox options) - C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\7fjl4yi9.default-1468541088190\Extensions\NoiaFoxoption@davidvincent.tld.xpi [2016-12-15]
FF Extension: (1-Click YouTube Video Downloader) - C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\7fjl4yi9.default-1468541088190\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2016-10-13]
FF Extension: (EPUBReader) - C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\7fjl4yi9.default-1468541088190\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2016-12-15]
FF Extension: (Adblock Plus) - C:\Users\Sale\AppData\Roaming\Mozilla\Firefox\Profiles\7fjl4yi9.default-1468541088190\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-12-29]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-28] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-28] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Arjosy; C:\Program Files (x86)\Nracultghvusp\pjlSystem.dll [177664 2017-01-05] () [File not signed]
S2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
R2 bejoloko; C:\Program Files (x86)\dfd595d6-de7f-4b7a-880d-282e918df6f41483573834\kns7CEE.tmp [400384 2017-01-05] () [File not signed]
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [956192 2011-02-15] (Broadcom Corporation.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2016-12-23] (Digital Wave Ltd.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2464400 2013-12-04] (Realsil Microelectronics Inc.)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
R2 QDLService; C:\QUALCOMM\QDLService\QDLService.exe [345336 2009-10-14] (QUALCOMM, Inc.)
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2012-12-31] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 zigipyro; C:\Users\Sale\AppData\Local\-1483612991---\qnsr3767.tmp [158720 2015-12-26] () [File not signed]
S2 AGSService; no ImagePath
S2 ZAMSvc; "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /service [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 adgnetworktdidrv; no ImagePath
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [158848 2016-08-10] (Zemana Ltd.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79240 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [182152 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [236432 2016-12-29] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [182360 2017-01-05] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1001304 2016-12-29] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [50776 2016-04-29] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [110424 2016-12-29] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [192216 2017-01-05] (Malwarebytes)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Marvell Semiconductor, Inc.)
R0 rtcrfilt64; C:\Windows\System32\DRIVERS\rtcrfilt64.sys [19600 2013-12-04] (Realtek Semiconductor Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-09-23] (Duplex Secure Ltd.)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2012-03-02] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [28160 2012-03-02] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [34816 2012-03-02] (LG Electronics Inc.)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [228224 2010-10-21] (Vimicro Corporation)
R3 vmuvcflt; C:\Windows\System32\Drivers\vmuvcflt.sys [8320 2010-08-16] (Vimicro Corporation)
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
R1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-05 10:49 - 2017-01-05 10:50 - 00017660 _____ C:\Users\Sale\Desktop\FRST.txt
2017-01-05 10:43 - 2017-01-05 10:43 - 00000000 ____D C:\Users\Sale\AppData\Local\-1483612991---
2017-01-05 10:16 - 2017-01-05 10:19 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-01-05 09:29 - 2017-01-05 09:57 - 00000000 ____D C:\Users\Sale\AppData\Local\-1483608548---
2017-01-05 09:11 - 2017-01-05 09:42 - 00000000 ____D C:\Users\Sale\Desktop\mbar
2017-01-05 07:40 - 2017-01-05 09:09 - 00000000 ____D C:\Users\Sale\AppData\Local\-1483602005---
2017-01-05 03:56 - 2017-01-05 05:00 - 00000000 ____D C:\Users\Sale\AppData\Local\-1483588563---
2017-01-05 03:45 - 2017-01-05 03:45 - 00000000 ____D C:\Users\Sale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-01-05 03:45 - 2017-01-05 03:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-01-05 03:29 - 2017-01-05 03:29 - 00000000 ____D C:\Users\Sale\AppData\Local\AdvinstAnalytics
2017-01-05 03:00 - 2017-01-05 10:11 - 00000000 ____D C:\AdwCleaner
2017-01-05 02:48 - 2017-01-05 02:48 - 03977168 _____ C:\Users\Sale\Desktop\AdwCleaner.exe
2017-01-05 01:23 - 2017-01-05 01:23 - 00000000 ____D C:\Users\Administrator.Sale-PC\AppData\Local\UCBrowser
2017-01-05 01:22 - 2017-01-05 01:22 - 00000000 ____D C:\Users\Administrator.Sale-PC\AppData\Roaming\DVDVideoSoft
2017-01-05 00:58 - 2017-01-05 10:49 - 00000000 ____D C:\FRST
2017-01-05 00:55 - 2017-01-05 00:56 - 02418176 _____ (Farbar) C:\Users\Sale\Desktop\FRST64.exe
2017-01-05 00:52 - 2017-01-05 00:52 - 00000000 ____D C:\Users\Sale\AppData\Local\Chromium
2017-01-05 00:51 - 2017-01-05 03:15 - 00000000 ____D C:\Users\Sale\AppData\Local\-1483577481---
2017-01-05 00:51 - 2017-01-05 00:51 - 00000000 ____D C:\Program Files (x86)\Nracultghvusp
2017-01-05 00:51 - 2017-01-05 00:51 - 00000000 ____D C:\Program Files (x86)\Drickbokerther Center
2017-01-05 00:50 - 2017-01-05 07:10 - 00000000 ____D C:\Program Files (x86)\dfd595d6-de7f-4b7a-880d-282e918df6f41483573834
2017-01-05 00:50 - 2017-01-05 04:05 - 00000000 ____D C:\Users\Sale\AppData\Roaming\Wijacultferek
2017-01-05 00:50 - 2017-01-05 00:50 - 00000000 ____D C:\Users\Sale\AppData\Local\UCBrowser
2017-01-05 00:49 - 2017-01-05 05:06 - 00000000 ____D C:\Program Files (x86)\UCBrowser
2017-01-05 00:49 - 2017-01-05 00:49 - 00000000 ____D C:\Users\Sale\AppData\Local\Grujery
2017-01-05 00:47 - 2017-01-05 03:56 - 00000000 __SHD C:\Users\Sale\AppData\Local\svchost
2017-01-05 00:47 - 2017-01-05 00:47 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-01-05 00:47 - 2017-01-05 00:47 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-01-05 00:36 - 2017-01-05 00:36 - 00000000 ____D C:\Users\Sale\AppData\LocalLow\uTorrent
2017-01-04 11:57 - 2017-01-04 11:58 - 00000000 ____D C:\Users\Administrator.Sale-PC\AppData\Roaming\Adobe
2017-01-04 11:57 - 2017-01-04 11:57 - 00001413 _____ C:\Users\Administrator.Sale-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-01-04 11:57 - 2017-01-04 11:57 - 00000258 __RSH C:\Users\Administrator.Sale-PC\ntuser.pol
2017-01-04 11:57 - 2017-01-04 11:57 - 00000020 ___SH C:\Users\Administrator.Sale-PC\ntuser.ini
2017-01-04 11:57 - 2017-01-04 11:57 - 00000000 _SHDL C:\Users\Administrator.Sale-PC\My Documents
2017-01-04 11:57 - 2017-01-04 11:57 - 00000000 _SHDL C:\Users\Administrator.Sale-PC\Documents\My Videos
2017-01-04 11:57 - 2017-01-04 11:57 - 00000000 _SHDL C:\Users\Administrator.Sale-PC\Documents\My Pictures
2017-01-04 11:57 - 2017-01-04 11:57 - 00000000 _SHDL C:\Users\Administrator.Sale-PC\Documents\My Music
2017-01-04 11:57 - 2017-01-04 11:57 - 00000000 ____D C:\Users\Administrator.Sale-PC\AppData\Local\Adobe
2017-01-04 11:57 - 2017-01-04 11:57 - 00000000 ____D C:\Users\Administrator.Sale-PC
2017-01-04 11:57 - 2014-11-05 15:34 - 00000000 ____D C:\Users\Administrator.Sale-PC\AppData\Roaming\Insoft LLC
2017-01-04 11:57 - 2013-05-01 01:36 - 00000000 ____D C:\Users\Administrator.Sale-PC\AppData\LocalGoogle
2017-01-04 11:57 - 2013-05-01 01:36 - 00000000 ____D C:\Users\Administrator.Sale-PC\AppData\Local\Google
2017-01-04 11:57 - 2012-09-07 01:52 - 00000000 ____D C:\Users\Administrator.Sale-PC\AppData\Local\Microsoft Help
2017-01-04 11:57 - 2012-09-06 22:00 - 00000000 ____D C:\Users\Administrator.Sale-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2017-01-04 11:57 - 2010-11-21 08:16 - 00000000 ____D C:\Users\Administrator.Sale-PC\AppData\Roaming\Media Center Programs
2017-01-02 22:45 - 2017-01-02 22:45 - 09750666 _____ C:\Users\Sale\Desktop\PrakticnoPcelarstvoIi.pdf
2017-01-02 21:50 - 2017-01-05 01:02 - 00000949 _____ C:\Users\Sale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2017-01-02 12:40 - 2017-01-02 12:44 - 00000000 ____D C:\Windows\System32\Tasks\Event Viewer Tasks
2017-01-02 11:53 - 2017-01-02 11:53 - 00000000 ____D C:\Users\Sale\AppData\Local\Apps\2.0
2017-01-02 11:15 - 2017-01-02 11:15 - 00002962 _____ C:\Windows\System32\Tasks\{69C21C46-B8F0-4FC5-B0B1-A99307F26AC1}
2017-01-02 11:15 - 2017-01-02 11:15 - 00002962 _____ C:\Windows\System32\Tasks\{1CEB8360-5512-48C4-9267-1F1D6150FD67}
2017-01-02 11:08 - 2017-01-02 11:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect Uninstaller
2016-12-31 20:26 - 2017-01-01 23:37 - 00000000 ____D C:\Users\Sale\Desktop\muzika za dusu
2016-12-31 15:22 - 2016-12-31 15:22 - 00000000 ____D C:\ProgramData\DigitalWave.ApplicationUpdater_files
2016-12-31 15:21 - 2016-12-31 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-12-31 15:20 - 2016-12-31 15:21 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-12-31 12:21 - 2016-12-31 12:21 - 00000621 _____ C:\Users\Sale\Documents\aaaaaaaaaaaaaaaaaaaaa.txt
2016-12-29 01:35 - 2016-12-29 01:35 - 01351492 _____ C:\Users\Sale\Desktop\KasperSky 2016 working Trial Resetter + 90 days - [ECLiPSE].rar
2016-12-29 01:30 - 2016-12-29 01:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2016-12-29 01:29 - 2016-12-29 03:53 - 01001304 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2016-12-29 01:29 - 2016-12-29 01:29 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-12-29 01:29 - 2015-12-11 17:28 - 00182152 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2016-12-29 01:29 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2016-12-29 01:26 - 2017-01-05 10:49 - 00020404 _____ C:\Windows\ZAM_Guard.krnl.trace
2016-12-29 01:26 - 2017-01-05 10:19 - 00006137 _____ C:\Windows\ZAM.krnl.trace
2016-12-29 00:34 - 2016-12-29 00:34 - 00038912 _____ C:\Users\Sale\Desktop\PODACI O CLANOVIMA SPOS.xls
2016-12-27 13:08 - 2016-12-27 13:08 - 00000162 ____H C:\Users\Sale\Desktop\~$eratika izveštaj - decembar 2016.doc
2016-12-21 20:46 - 2016-12-21 20:46 - 00392030 _____ C:\Users\Sale\Desktop\sat.png
2016-12-20 22:49 - 2016-12-20 22:49 - 00000000 ____D C:\Users\Sale\Documents\paint.net User Files
2016-12-17 15:31 - 2016-12-17 15:31 - 00000000 ____D C:\Program Files (x86)\Disney Interactive Studios
2016-12-15 12:51 - 2016-12-15 12:51 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-12-15 12:51 - 2016-12-15 12:51 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2016-12-15 09:51 - 2016-12-15 09:51 - 00003498 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Sale-PC-Sale
2016-12-15 09:42 - 2016-12-15 09:42 - 00001075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2016-12-15 09:41 - 2016-12-15 09:41 - 00001211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2016-12-15 09:40 - 2016-12-15 09:40 - 00001037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2016-12-15 09:39 - 2016-12-15 09:39 - 00001173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2016-12-15 09:36 - 2016-12-15 09:36 - 00001523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2016-12-15 09:36 - 2016-12-15 09:36 - 00001357 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2016-12-14 15:47 - 2016-11-21 19:16 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-12-14 15:47 - 2016-11-21 19:16 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-12-14 15:47 - 2016-11-21 19:12 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-12-14 15:47 - 2016-11-21 19:12 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-12-14 15:47 - 2016-11-21 19:12 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-12-14 15:47 - 2016-11-21 19:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-12-14 15:47 - 2016-11-21 19:12 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-12-14 15:47 - 2016-11-21 19:12 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-12-14 15:47 - 2016-11-21 19:12 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-12-14 15:47 - 2016-11-21 19:12 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-12-14 15:47 - 2016-11-21 19:12 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-12-14 15:47 - 2016-11-21 19:12 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-12-14 15:47 - 2016-11-21 19:12 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-12-14 15:47 - 2016-11-21 19:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-12-14 15:47 - 2016-11-21 19:12 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-14 15:47 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-12-14 15:47 - 2016-11-21 19:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-12-14 15:47 - 2016-11-21 19:12 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-12-14 15:47 - 2016-11-21 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-12-14 15:47 - 2016-11-21 19:12 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-12-14 15:47 - 2016-11-21 19:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-12-14 15:47 - 2016-11-21 19:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-12-14 15:47 - 2016-11-20 17:20 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-12-14 15:47 - 2016-11-20 17:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-12-14 15:47 - 2016-11-20 17:20 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-12-14 15:47 - 2016-11-20 17:20 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-14 15:47 - 2016-11-20 17:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-12-14 15:47 - 2016-11-20 17:19 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-12-14 15:47 - 2016-11-20 17:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-12-14 15:47 - 2016-11-20 17:19 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-12-14 15:47 - 2016-11-20 17:19 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-12-14 15:47 - 2016-11-20 17:19 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-12-14 15:47 - 2016-11-20 17:19 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-12-14 15:47 - 2016-11-20 17:19 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-12-14 15:47 - 2016-11-20 17:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-12-14 15:47 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-12-14 15:47 - 2016-11-20 17:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-12-14 15:47 - 2016-11-20 17:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-12-14 15:47 - 2016-11-20 17:19 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-12-14 15:47 - 2016-11-20 17:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-12-14 15:47 - 2016-11-20 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-14 15:47 - 2016-11-20 16:57 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-12-14 15:47 - 2016-11-20 16:57 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-12-14 15:47 - 2016-11-20 16:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-12-14 15:47 - 2016-11-20 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-12-14 15:47 - 2016-11-20 16:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-12-14 15:47 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-12-14 15:47 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-12-14 15:47 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-12-14 15:47 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-12-14 15:47 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-12-14 15:47 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-12-14 15:47 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-12-14 15:47 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-12-14 15:47 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-12-14 15:47 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-14 15:47 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-12-14 15:47 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-12-14 15:47 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-12-14 15:47 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-12-14 15:47 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-12-14 15:47 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-14 15:47 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-12-14 15:47 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-12-14 15:47 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-14 15:47 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-12-14 15:47 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-12-14 15:47 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-14 15:47 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-12-14 15:47 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-12-14 15:47 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-12-14 15:47 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-12-14 15:47 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-12-14 15:47 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-12-14 15:47 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-12-14 15:47 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-12-14 15:47 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-14 15:47 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-12-14 15:47 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-12-14 15:47 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-12-14 15:47 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-12-14 15:47 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-12-14 15:47 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-12-14 15:47 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-12-14 15:47 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-14 15:47 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-12-14 15:47 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-14 15:47 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-12-14 15:47 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-12-14 15:47 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-12-14 15:47 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-12-14 15:47 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-14 15:47 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-12-14 15:47 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-12-14 15:47 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-12-14 15:47 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-14 15:47 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-12-14 15:47 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-12-14 15:47 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-12-14 15:47 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-12-14 15:47 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-12-14 15:47 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-14 15:47 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-12-14 15:47 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-14 15:47 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-14 15:47 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-12-14 15:47 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-12-14 15:47 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-14 15:47 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-14 15:47 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-14 15:47 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-12-14 15:47 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-14 15:47 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-14 15:47 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-12-14 15:47 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-14 15:47 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-14 15:47 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-12-14 15:47 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-14 15:47 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-14 15:47 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-12-14 15:47 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-12-14 15:47 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-12-14 15:47 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-12-14 15:47 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-14 15:47 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-14 15:47 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-12-14 15:47 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-12-14 15:47 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-12-14 15:47 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-12-14 15:47 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-12-14 15:47 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-14 15:47 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-14 15:47 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-14 15:47 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-12-14 15:47 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-12-12 23:49 - 2016-12-12 23:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2016-12-11 17:13 - 2017-01-02 19:46 - 00000000 ____D C:\Users\Sale\Desktop\za uredjivanje
2016-12-11 17:01 - 2016-12-27 10:27 - 00055296 ____H C:\Users\Sale\Desktop\photothumb.db
2016-12-11 17:00 - 2016-12-28 21:55 - 00000000 ____D C:\Users\Sale\AppData\Roaming\PhotoScape
2016-12-10 22:27 - 2016-12-11 00:13 - 311660437 _____ C:\Users\Sale\Desktop\Metod pčelarenja u stacionarnim uslovima, prilagođen suncokretovoj 1.pptx
2016-12-09 11:44 - 2016-12-09 11:44 - 00200247 _____ C:\Users\Sale\Desktop\UDR.PČELARA.xps
2016-12-07 16:15 - 2017-01-02 11:47 - 00000000 ____D C:\Users\Public\Documents\AdobeGC
2016-12-07 16:07 - 2016-12-15 09:40 - 00000000 ____D C:\Program Files\Adobe
2016-12-07 14:58 - 2016-12-07 14:58 - 00000916 _____ C:\Users\Public\Desktop\Age of Empires II HD Edition.lnk
2016-12-06 23:25 - 2017-01-02 12:53 - 00001188 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
2016-12-06 23:20 - 2016-12-06 23:22 - 00000000 ____D C:\MATS
2016-12-06 22:58 - 2016-12-09 20:36 - 00000000 ____D C:\Users\Sale\AppData\Local\CrashDumps
2016-12-06 22:44 - 2016-12-06 23:03 - 00000000 ____D C:\Users\Sale\AppData\Local\IIIQF
2016-12-06 19:32 - 2016-12-06 19:32 - 00000000 _____ C:\Users\Sale\exit
2016-12-06 18:58 - 2016-12-06 18:58 - 00000000 _____ C:\autoexec.bat
2016-12-06 18:51 - 2016-12-06 18:54 - 00000000 ____D C:\Users\Sale\AppData\Roaming\Wise Euask
2016-12-06 12:10 - 2016-12-09 17:33 - 00000000 ____D C:\Users\Sale\AppData\Local\paint.net
2016-12-06 11:27 - 2017-01-02 12:53 - 00000000 ____D C:\Program Files\Paint.NET
2016-12-06 11:14 - 2016-12-06 11:34 - 00000000 _____ C:\Users\Sale\sfc

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-05 10:48 - 2014-11-13 08:41 - 37881344 ___SH C:\Users\Sale\Desktop\Thumbs.db
2017-01-05 10:21 - 2009-07-14 05:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-05 10:21 - 2009-07-14 05:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-05 10:14 - 2016-11-18 14:40 - 00000000 ____D C:\Users\Sale\AppData\LocalLow\Mozilla
2017-01-05 10:14 - 2015-07-01 09:04 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-05 10:13 - 2014-10-17 12:34 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-01-05 10:12 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-05 09:57 - 2012-09-07 07:37 - 00000000 ____D C:\Program Files\CCleaner
2017-01-05 09:52 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-01-05 09:49 - 2016-10-18 06:51 - 00000000 ____D C:\Program Files (x86)\WinRAR
2017-01-05 09:42 - 2016-11-04 21:05 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-01-05 09:13 - 2016-09-05 23:11 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-05 09:12 - 2016-11-10 21:48 - 00000000 ____D C:\Users\Sale\AppData\Roaming\uTorrent
2017-01-05 09:11 - 2016-09-05 23:10 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-01-05 05:23 - 2014-03-05 09:06 - 00000000 ___RD C:\Users\Sale\Desktop\Čistači i bezbednost
2017-01-05 04:07 - 2010-11-21 08:16 - 00000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents
2017-01-05 03:18 - 2016-11-18 15:37 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2017-01-05 03:05 - 2016-11-18 15:36 - 00000000 ____D C:\ProgramData\Lavasoft
2017-01-05 03:04 - 2016-11-18 15:37 - 00000000 ____D C:\Users\Sale\AppData\Roaming\Lavasoft
2017-01-05 01:39 - 2009-07-14 06:13 - 00786730 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-05 01:02 - 2016-03-08 11:41 - 00001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-01-05 01:02 - 2012-09-06 20:24 - 00001196 _____ C:\Users\Sale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-01-04 20:03 - 2012-09-07 10:15 - 00000000 ____D C:\Users\Sale\Documents\Outlook Files
2017-01-04 13:12 - 2015-11-14 16:39 - 00000000 ____D C:\Users\Sale\Desktop\Slike za logo i projekti
2017-01-04 13:04 - 2014-04-13 19:30 - 00000000 ____D C:\Users\Sale\AppData\Roaming\DVDVideoSoft
2017-01-04 11:57 - 2009-07-14 05:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-01-02 19:46 - 2012-11-04 12:28 - 00000000 ___RD C:\Users\Sale\Desktop\Graficki programi
2017-01-02 12:26 - 2009-07-14 03:34 - 00000639 _____ C:\Windows\win.ini
2017-01-02 11:22 - 2012-09-30 22:37 - 00771040 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-01-02 11:08 - 2016-03-24 21:25 - 00000000 ____D C:\Program Files\Perfect Uninstaller
2017-01-02 00:25 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2017-01-01 23:46 - 2016-11-04 16:02 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2017-01-01 23:43 - 2012-10-10 21:27 - 00000000 ____D C:\Users\Sale\AppData\LocalLow\Temp
2017-01-01 21:48 - 2015-01-24 09:39 - 00000000 ____D C:\Users\Sale\AppData\Roaming\BSplayer PRO
2017-01-01 01:32 - 2013-05-08 22:41 - 00000000 ____D C:\Users\Sale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2016-12-30 15:03 - 2012-09-27 23:36 - 00000000 ____D C:\Users\Sale\Documents\LogoDesignStudio Pro
2016-12-30 13:54 - 2016-11-17 23:43 - 00524288 ___SH C:\Windows\system32\config\components{dbc7e595-ad09-11e6-b548-3c970e054677}.TMContainer00000000000000000001.regtrans-ms
2016-12-30 09:18 - 2009-07-14 04:20 - 00000000 __RSD C:\Windows\assembly
2016-12-29 03:59 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\DriverStore
2016-12-29 03:59 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\catroot
2016-12-29 03:53 - 2015-12-03 11:10 - 00110424 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwtp.sys
2016-12-29 03:49 - 2016-04-29 03:02 - 00236432 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2016-12-29 01:30 - 2014-10-17 12:21 - 00005120 ___SH C:\ProgramData\ntuser.dat.LOG1
2016-12-29 01:29 - 2012-09-06 22:23 - 00000000 ____D C:\Windows\ELAMBKUP
2016-12-29 01:26 - 2016-03-28 08:07 - 05349520 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-29 01:26 - 2009-07-14 04:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-28 20:02 - 2015-07-01 09:04 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-12-28 20:02 - 2014-09-08 17:08 - 00000000 ____D C:\Users\Sale\AppData\Local\Adobe
2016-12-28 20:02 - 2012-09-06 23:42 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-12-28 20:02 - 2012-09-06 23:42 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-28 20:02 - 2012-09-06 23:42 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-12-28 20:02 - 2012-09-06 23:41 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-28 17:01 - 2013-05-28 09:08 - 00000132 _____ C:\Users\Sale\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-12-27 10:27 - 2013-03-31 12:45 - 00000000 ____D C:\Program Files (x86)\PhotoScape
2016-12-17 17:41 - 2012-11-04 12:29 - 00000000 ___RD C:\Users\Sale\Desktop\Internet programi
2016-12-17 17:36 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Logs
2016-12-17 17:35 - 2012-09-06 20:47 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-17 17:32 - 2016-10-25 16:14 - 00000000 ____D C:\Program Files\Common Files\AV
2016-12-16 22:21 - 2015-02-09 14:52 - 00003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-16 22:21 - 2015-02-09 14:52 - 00003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-15 17:25 - 2016-11-04 16:12 - 00003032 _____ C:\Windows\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2016-12-15 12:51 - 2016-10-21 14:40 - 00000000 ____D C:\ProgramData\McAfee
2016-12-15 11:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-12-15 09:54 - 2016-12-05 20:11 - 00000000 ____D C:\Users\Sale\Documents\Adobe
2016-12-15 09:50 - 2016-03-27 19:18 - 00198296 _____ C:\Users\Sale\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-15 09:42 - 2013-02-28 13:30 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-12-15 09:39 - 2013-02-06 15:36 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-12-15 09:39 - 2009-07-14 04:20 - 00000000 __RSD C:\Windows\Fonts
2016-12-15 09:36 - 2012-09-06 23:52 - 00000000 ____D C:\Users\Sale\AppData\Roaming\Adobe
2016-12-15 09:36 - 2012-09-06 23:30 - 00000000 ____D C:\ProgramData\Adobe
2016-12-15 09:16 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\wdi
2016-12-15 09:12 - 2016-11-18 09:00 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-12-15 09:12 - 2016-03-08 11:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-15 09:10 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-15 09:10 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-15 09:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\sr-Latn-CS
2016-12-15 09:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\sr-Latn-CS
2016-12-15 07:31 - 2012-09-07 00:05 - 135632432 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-14 19:39 - 2012-09-07 05:17 - 00000000 ____D C:\Windows\Prefetch
2016-12-12 17:18 - 2012-09-21 15:46 - 00000000 ____D C:\Users\Sale\AppData\Local\Google
2016-12-12 17:18 - 2012-09-21 15:46 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-12 11:18 - 2016-02-08 11:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-12-07 16:15 - 2009-07-14 04:20 - 00000000 ___RD C:\Users\Public\Documents
2016-12-07 14:58 - 2015-02-02 00:03 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-12-07 14:58 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-12-07 14:39 - 2012-09-06 20:23 - 00000000 ____D C:\Users\Sale
2016-12-06 22:57 - 2012-09-06 20:23 - 00000000 ___RD C:\Users\Sale\Links
2016-12-06 21:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\LogFiles
2016-12-06 19:13 - 2016-11-27 00:41 - 00000000 ____D C:\ProgramData\Skype

==================== Files in the root of some directories =======

2013-05-28 09:08 - 2016-12-28 17:01 - 0000132 _____ () C:\Users\Sale\AppData\Roaming\Adobe PNG Format CS6 Prefs
2012-10-01 06:19 - 2015-12-27 00:11 - 0015872 _____ () C:\Users\Sale\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-10 00:15 - 2016-02-10 00:15 - 0000218 _____ () C:\Users\Sale\AppData\Local\recently-used.xbel
2012-09-12 06:52 - 2016-11-29 23:18 - 0007612 _____ () C:\Users\Sale\AppData\Local\Resmon.ResmonCfg
2016-02-08 10:46 - 2016-02-08 10:46 - 0000112 _____ () C:\Users\Sale\AppData\Local\tempuninstall.ini

Some files in TEMP:
====================
C:\Users\Sale\AppData\Local\Temp\1E4.tmp.exe
C:\Users\Sale\AppData\Local\Temp\383F.tmp.exe
C:\Users\Sale\AppData\Local\Temp\70EC.tmp.exe
C:\Users\Sale\AppData\Local\Temp\8A54.tmp.exe
C:\Users\Sale\AppData\Local\Temp\A8FD.tmp.exe
C:\Users\Sale\AppData\Local\Temp\fsd18CD.exe
C:\Users\Sale\AppData\Local\Temp\libeay32.dll
C:\Users\Sale\AppData\Local\Temp\mininewsrepair.exe
C:\Users\Sale\AppData\Local\Temp\msvcr120.dll
C:\Users\Sale\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-01-03 11:51

==================== End of FRST.txt ============================
https://www.mycity.rs/must-login.png

Dopuna: 05 Jan 2017 11:16

I da, umesto google.rs mi otvara ovo

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

Zdravo,

deinstaliraj: Body Text Feathering

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

CreateRestorePoint:
HKU\S-1-5-18\...\Run: [] => 0
ShellExecuteHooks: No Name - {0D16CC4A-CB68-11E6-8EDE-64006A5CFC23} - C:\Users\Sale\AppData\Roaming\Wijacultferek\Fergasplijerle.dll -> No File
ShellExecuteHooks: No Name - {5F51FFFE-7463-4220-B711-E5B9ACB8EDFE} - -> No File
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> No File
GroupPolicy: Restriction - Windows Defender <======= ATTENTION
C:\Users\Sale\AppData\Roaming\Wijacultferek
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2469946165-4281633537-2586476627-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
R2 Arjosy; C:\Program Files (x86)\Nracultghvusp\pjlSystem.dll [177664 2017-01-05] () [File not signed]
C:\Program Files (x86)\Nracultghvusp
R2 bejoloko; C:\Program Files (x86)\dfd595d6-de7f-4b7a-880d-282e918df6f41483573834\kns7CEE.tmp [400384 2017-01-05] () [File not signed]
C:\Program Files (x86)\dfd595d6-de7f-4b7a-880d-282e918df6f41483573834
R2 zigipyro; C:\Users\Sale\AppData\Local\-1483612991---\qnsr3767.tmp [158720 2015-12-26] () [File not signed]
C:\Users\Sale\AppData\Local\-1483612991---
S2 AGSService; no ImagePath
S2 ZAMSvc; "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /service [X]
C:\Users\Sale\AppData\Local\-1483612991---
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
R1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
C:\Users\Sale\AppData\Local\-1483608548---
C:\Users\Sale\AppData\Local\-1483602005---
C:\Users\Sale\AppData\Local\-1483588563---
C:\Users\Sale\AppData\Local\AdvinstAnalytics
C:\Users\Administrator.Sale-PC\AppData\Local\UCBrowser 
C:\Users\Sale\AppData\Local\Chromium
2017-01-05 00:51 - 2017-01-05 03:15 - 00000000 ____D C:\Users\Sale\AppData\Local\-1483577481---
2017-01-05 00:51 - 2017-01-05 00:51 - 00000000 ____D C:\Program Files (x86)\Nracultghvusp
2017-01-05 00:51 - 2017-01-05 00:51 - 00000000 ____D C:\Program Files (x86)\Drickbokerther Center
2017-01-05 00:50 - 2017-01-05 07:10 - 00000000 ____D C:\Program Files (x86)\dfd595d6-de7f-4b7a-880d-282e918df6f41483573834
2017-01-05 00:50 - 2017-01-05 04:05 - 00000000 ____D C:\Users\Sale\AppData\Roaming\Wijacultferek
2017-01-05 00:50 - 2017-01-05 00:50 - 00000000 ____D C:\Users\Sale\AppData\Local\UCBrowser
2017-01-05 00:49 - 2017-01-05 05:06 - 00000000 ____D C:\Program Files (x86)\UCBrowser
2017-01-05 00:49 - 2017-01-05 00:49 - 00000000 ____D C:\Users\Sale\AppData\Local\Grujery
2017-01-05 00:47 - 2017-01-05 03:56 - 00000000 __SHD C:\Users\Sale\AppData\Local\svchost
2017-01-05 00:47 - 2017-01-05 00:47 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-01-05 00:47 - 2017-01-05 00:47 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
ShortcutWithArgument: C:\Users\Sale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://qtipr.com/
ShortcutWithArgument: C:\Users\Sale\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://qtipr.com/
ShortcutWithArgument: C:\Users\Sale\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://qtipr.com/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://qtipr.com/
Task: {6F9BE3AB-97E2-424D-97C5-E5393F51834B} - \Auslogics\BitReplica\Profile 206A376A -> No File <==== ATTENTION
EmptyTemp:


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

offline
  • goust  Male
  • Elitni građanin
  • Pridružio: 09 Apr 2005
  • Poruke: 1799

Zdravo drugar moj i srećna ti Nova godina

Ne znam gde da potrazim Body Text Feathering

Posle FRST ciscenja i restarta, kasperski je nasao ovo:



Fix result of Farbar Recovery Scan Tool (x64) Version: 01-01-2017
Ran by Sale (05-01-2017 11:55:43) Run:3
Running from C:\Users\Sale\Desktop
Loaded Profiles: Sale (Available Profiles: Sale & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
HKU\S-1-5-18\...\Run: [] => 0
ShellExecuteHooks: No Name - {0D16CC4A-CB68-11E6-8EDE-64006A5CFC23} - C:\Users\Sale\AppData\Roaming\Wijacultferek\Fergasplijerle.dll -> No File
ShellExecuteHooks: No Name - {5F51FFFE-7463-4220-B711-E5B9ACB8EDFE} - -> No File
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> No File
GroupPolicy: Restriction - Windows Defender <======= ATTENTION
C:\Users\Sale\AppData\Roaming\Wijacultferek
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2469946165-4281633537-2586476627-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
R2 Arjosy; C:\Program Files (x86)\Nracultghvusp\pjlSystem.dll [177664 2017-01-05] () [File not signed]
C:\Program Files (x86)\Nracultghvusp
R2 bejoloko; C:\Program Files (x86)\dfd595d6-de7f-4b7a-880d-282e918df6f41483573834\kns7CEE.tmp [400384 2017-01-05] () [File not signed]
C:\Program Files (x86)\dfd595d6-de7f-4b7a-880d-282e918df6f41483573834
R2 zigipyro; C:\Users\Sale\AppData\Local\-1483612991---\qnsr3767.tmp [158720 2015-12-26] () [File not signed]
C:\Users\Sale\AppData\Local\-1483612991---
S2 AGSService; no ImagePath
S2 ZAMSvc; "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /service [X]
C:\Users\Sale\AppData\Local\-1483612991---
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
R1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
C:\Users\Sale\AppData\Local\-1483608548---
C:\Users\Sale\AppData\Local\-1483602005---
C:\Users\Sale\AppData\Local\-1483588563---
C:\Users\Sale\AppData\Local\AdvinstAnalytics
C:\Users\Administrator.Sale-PC\AppData\Local\UCBrowser
C:\Users\Sale\AppData\Local\Chromium
2017-01-05 00:51 - 2017-01-05 03:15 - 00000000 ____D C:\Users\Sale\AppData\Local\-1483577481---
2017-01-05 00:51 - 2017-01-05 00:51 - 00000000 ____D C:\Program Files (x86)\Nracultghvusp
2017-01-05 00:51 - 2017-01-05 00:51 - 00000000 ____D C:\Program Files (x86)\Drickbokerther Center
2017-01-05 00:50 - 2017-01-05 07:10 - 00000000 ____D C:\Program Files (x86)\dfd595d6-de7f-4b7a-880d-282e918df6f41483573834
2017-01-05 00:50 - 2017-01-05 04:05 - 00000000 ____D C:\Users\Sale\AppData\Roaming\Wijacultferek
2017-01-05 00:50 - 2017-01-05 00:50 - 00000000 ____D C:\Users\Sale\AppData\Local\UCBrowser
2017-01-05 00:49 - 2017-01-05 05:06 - 00000000 ____D C:\Program Files (x86)\UCBrowser
2017-01-05 00:49 - 2017-01-05 00:49 - 00000000 ____D C:\Users\Sale\AppData\Local\Grujery
2017-01-05 00:47 - 2017-01-05 03:56 - 00000000 __SHD C:\Users\Sale\AppData\Local\svchost
2017-01-05 00:47 - 2017-01-05 00:47 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-01-05 00:47 - 2017-01-05 00:47 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
ShortcutWithArgument: C:\Users\Sale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://qtipr.com/
ShortcutWithArgument: C:\Users\Sale\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://qtipr.com/
ShortcutWithArgument: C:\Users\Sale\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://qtipr.com/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://qtipr.com/
Task: {6F9BE3AB-97E2-424D-97C5-E5393F51834B} - \Auslogics\BitReplica\Profile 206A376A -> No File <==== ATTENTION
EmptyTemp:
*****************

Error: (0) Failed to create a restore point.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{0D16CC4A-CB68-11E6-8EDE-64006A5CFC23} => value removed successfully
HKCR\CLSID\{0D16CC4A-CB68-11E6-8EDE-64006A5CFC23} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{5F51FFFE-7463-4220-B711-E5B9ACB8EDFE} => value removed successfully
HKCR\CLSID\{5F51FFFE-7463-4220-B711-E5B9ACB8EDFE} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\KzShlobj => key removed successfully
HKCR\CLSID\{AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => key not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Users\Sale\AppData\Roaming\Wijacultferek => moved successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
HKU\S-1-5-21-2469946165-4281633537-2586476627-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
Arjosy => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\Arjosy => key removed successfully
Arjosy => service removed successfully
C:\Program Files (x86)\Nracultghvusp => moved successfully
bejoloko => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\bejoloko => key removed successfully
bejoloko => service removed successfully
C:\Program Files (x86)\dfd595d6-de7f-4b7a-880d-282e918df6f41483573834 => moved successfully
zigipyro => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\zigipyro => key removed successfully
zigipyro => service removed successfully
C:\Users\Sale\AppData\Local\-1483612991--- => moved successfully
HKLM\System\CurrentControlSet\Services\AGSService => key removed successfully
AGSService => service removed successfully
HKLM\System\CurrentControlSet\Services\ZAMSvc => key removed successfully
ZAMSvc => service removed successfully
"C:\Users\Sale\AppData\Local\-1483612991---" => not found.
HKLM\System\CurrentControlSet\Services\ZAM => key removed successfully
ZAM => service removed successfully
ZAM_Guard => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\ZAM_Guard => key removed successfully
ZAM_Guard => service removed successfully
C:\Users\Sale\AppData\Local\-1483608548--- => moved successfully
C:\Users\Sale\AppData\Local\-1483602005--- => moved successfully
C:\Users\Sale\AppData\Local\-1483588563--- => moved successfully
C:\Users\Sale\AppData\Local\AdvinstAnalytics => moved successfully
C:\Users\Administrator.Sale-PC\AppData\Local\UCBrowser => moved successfully
C:\Users\Sale\AppData\Local\Chromium => moved successfully
C:\Users\Sale\AppData\Local\-1483577481--- => moved successfully
"C:\Program Files (x86)\Nracultghvusp" => not found.
C:\Program Files (x86)\Drickbokerther Center => moved successfully
"C:\Program Files (x86)\dfd595d6-de7f-4b7a-880d-282e918df6f41483573834" => not found.
"C:\Users\Sale\AppData\Roaming\Wijacultferek" => not found.
C:\Users\Sale\AppData\Local\UCBrowser => moved successfully
C:\Program Files (x86)\UCBrowser => moved successfully
C:\Users\Sale\AppData\Local\Grujery => moved successfully
C:\Users\Sale\AppData\Local\svchost => moved successfully
C:\Users\Default\AppData\Local\AdvinstAnalytics => moved successfully
"C:\Users\Default User\AppData\Local\AdvinstAnalytics" => not found.
C:\Users\Sale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => Shortcut argument removed successfully.
C:\Users\Sale\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => Shortcut argument removed successfully.
C:\Users\Sale\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk => Shortcut argument removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F9BE3AB-97E2-424D-97C5-E5393F51834B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F9BE3AB-97E2-424D-97C5-E5393F51834B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Auslogics\BitReplica\Profile 206A376A => key removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 16777216 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13492165 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 3566783 B
Edge => 0 B
Chrome => 0 B
Firefox => 20365307 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 0 B
Sale => 100685326 B
Administrator.Sale-PC => 0 B

RecycleBin => 22676892 B
EmptyTemp: => 169.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:55:54 ====

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

To ne zvuci na dobro. Very Happy

Program potrazi u Control Panelu.

Pokreni AdwCleaner ako ga vec imas, pa skeniraj i okaci log.

Zatim,

Ponovo pokreni FRST, proveri da li je stikliran Addition.txt i stikliraj Shortcut.txt opciju i lupi Scan.

Arrow Ovaj put, kada te alat obavesti da su izvestaji spremni, i prikaze ti ih u notepad-u, ovaj put idi na File > Save Us i dole u desnom uglu, pod Encoding: u padajucem meniju izaberi Unicode zapis (default je ANSI). Sacuvaj promene.

Prebaci u Unicode zapis sva tri loga, FRST.txt, Addition.txt, Shortcut.txt i u takvom formatu ih prikaci (ne kopirati) uz poruku koristeci opciju Prikači fajl.


+ Slikovit prikaz primera

offline
  • goust  Male
  • Elitni građanin
  • Pridružio: 09 Apr 2005
  • Poruke: 1799

Napisano: 05 Jan 2017 12:32

https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

Dopuna: 05 Jan 2017 12:33

https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

Dopuna: 05 Jan 2017 12:35

Ovo poslednje sam ti poslao da vidiš kakve su me more morile noćas Very Happy ... i na kraju sam morao da priznam poraz Very Happy

Dopuna: 05 Jan 2017 12:40

Ah da, evo nadjoh onaj Body Text Feathering u cpanelu ali me je neko preduhitrio Very Happy


offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

Ubilo ga nesto u medjuvremenu.

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

Hosts:
Folder:C:\Program Files (x86)\DVDVideoSoft
EmptyTemp:


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

--------------
Kakvo je sad stanje?

offline
  • goust  Male
  • Elitni građanin
  • Pridružio: 09 Apr 2005
  • Poruke: 1799

Fix result of Farbar Recovery Scan Tool (x64) Version: 01-01-2017
Ran by Sale (05-01-2017 14:10:41) Run:4
Running from C:\Users\Sale\Desktop
Loaded Profiles: Sale (Available Profiles: Sale & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Hosts:
Folder:C:\Program Files (x86)\DVDVideoSoft
EmptyTemp:
*****************

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========================= Folder:C:\Program Files (x86)\DVDVideoSoft ========================

not found.

====== End of Folder: ======


=========== EmptyTemp: ==========

BITS transfer queue => 16777216 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5065103 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 0 B
Firefox => 26203076 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Sale => 122563 B
Administrator.Sale-PC => 0 B

RecycleBin => 0 B
EmptyTemp: => 45.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:10:44 ====

Deluje mi skroz ok. Ne vidim da ima bilo čega sumnjivog više.

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

OK. To bi trebalo biti to. Ako bude problema, javi.

Sledeća procedura će implementirati završno čišćenje.



Arrow Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop.

Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija;
Remove disinfection tools
Create registry backup
Purge System Restore


Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad.

Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani.
Ukoliko neki alat ili izveštaj nije uklonjen, slobodno ih obriši ručno.


Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt)
- Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix
- DelFix briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

offline
  • goust  Male
  • Elitni građanin
  • Pridružio: 09 Apr 2005
  • Poruke: 1799

Hvala ti drug moj puno...

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

Pazi na torente i cra*ove, uletece ti nesto ozbiljnije.

Ko je trenutno na forumu
 

Ukupno su 1084 korisnika na forumu :: 37 registrovanih, 8 sakrivenih i 1039 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 8u47, A.R.Chafee.Jr., Apok, bladesu, Bubimir, bufanje, draganl, Duh sa sekirom, Fabius, Frunze, goxin, GveX, Istman, kinez88, Kubovac, kybonacci, mackenzie, mean_machine, menges, milos.cbr, mkukoleca, naki011, Papadubi, pedja.st, raptorsi, ruma, sevenino, Sir Budimir, Sirius, slonic_tonic, sombrero, Srle993, styg, uruk, vlada035, YU-UKI, zillbg