- nikacfrizer
- New MyCity citizen
- Joined: 07 Jan 2017
- Posts: 6
Posted: 08 Jan 2017 1:25
Dear friends, I am temporarily working in Slovakia. Two and a half months ago I bought this laptop at a pawn shop for 120 euros. I don't use it for anything special, mostly for surfing, watching movies, and the like. Average use.
Then in the meantime I installed: Messenger, Viber, Torrentex, Popcorn Time and the game Aladin (I did not manage to uninstall it). Since then everything has gone downhill.
It started to lag and act up, it doesn't respond to commands, it takes ages to open an ordinary window (sometimes several minutes), I can download programs but not run them. Just now, for example, I spent two to three hours trying to run FRST. After downloading and clicking on the .exe file, the cursor shows that something is happening. That goes on and on... Then Explorer opened, and then a notification popped up, along the lines of: Windows protected your PC... Windows SmartScreen prevented the app from starting... Awful!
McAfee was installed on the computer and I think it is preventing normal operation, given that I can't uninstall it. In addition, there is a pile of unnecessary applications and programs whose purpose I don't know and which I will probably never use. I also mean Lenovo this, Lenovo that...
The computer is personalized in some way. I have the password, stuck next to the touchpad.
Please, if you can, remove that password, as well as all the superfluous applications and programs, especially McAfee (I will install Avast or some lighter program). By that I primarily mean that it be reduced to the basics, so that only bare Windows remains, and I will download players and whatever else I need. I really don't have much knowledge or skill in this area, and therefore no means of solving this. I haven't cleaned it, because I have nothing to do it with. I downloaded CCleaner, but I did not manage to run it.
Also, I barely managed to remove the Slovak language and set Serbian as the base language. In some places it still shows instructions in Slovak. If you need it, the login for the computer is: eleonor.stojkova, pass: jose11..
I'm going to scan the computer now, that will probably take a while.
As I thought, the scan took a while. I didn't manage to turn off McAfee following the attached instructions; I only turned off the Firewall from Control Panel (should I turn it back on?). I waited and waited, and while I was looking for how and what to do, I saw that FRST was ready. I quickly clicked Scan. Then during the scan it froze at least 20 times, it said (NOT RESPONDING). In addition, one inconsistency: I have Windows (x64), but FRST showed system32. I don't know what that's about.
Help.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-01-2017
Ran by eleanor.stojkova (administrator) on LENOVO-PC (08-01-2017 00:46:22)
Running from C:\Users\eleanor.stojkova\Desktop
Loaded Profiles: eleanor.stojkova (Available Profiles: eleanor.stojkova & Administrator)
Platform: Windows 8.1 Connected (Update) (X64) Language: slovački (Slovačka)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Uancy RIYRYAJOU) C:\Users\eleanor.stojkova\AppData\Roaming\HPRewriter2\HPWriterSrv3.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe
(Validity Sensors, Inc.) C:\Windows\System32\valWBFPolicyService.exe
() C:\Windows\System32\valWbioSyncSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\Validity Sensors\Shared\SensorDBSynch.exe
(Pokki) C:\Users\eleanor.stojkova\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
() C:\Program Files\Lenovo\iMController\AutoUpdate.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_metro.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(BDYRYOV moudyj) C:\Users\eleanor.stojkova\AppData\Roaming\SimpleNotepad4\SimpleNoteApp5.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.94\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.94\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.94\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.94\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.94\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.94\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.94\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.94\opera.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
(Pokki) C:\Users\eleanor.stojkova\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
(Pokki) C:\Users\eleanor.stojkova\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
(Pokki) C:\Users\eleanor.stojkova\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(Pokki) C:\Users\eleanor.stojkova\AppData\Local\SweetLabs App Platform\Engine\ServiceStartMenuIndexer.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\sc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [217088 2014-04-08] (Realtek Semiconductor Corporation)
HKLM\...\Run: [PasswordManager] => C:\Program Files\Lenovo\Password Manager\password_manager.exe [1622072 2014-01-09] (Lenovo Group Limited)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-09-04] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-09-04] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10973168 2014-09-04] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [snp2uvc] => C:\windows\vsnp2uvc.exe
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2000202158-699708774-3916072420-1001\...\Run: [Viber] => C:\Users\eleanor.stojkova\AppData\Local\Viber\Viber.exe [41351248 2016-12-07] (Viber Media S.à r.l.)
HKU\S-1-5-21-2000202158-699708774-3916072420-1001\...\Run: [SimpleNoteApp5] => C:\Users\eleanor.stojkova\AppData\Roaming\SimpleNotepad4\SimpleNoteApp5.exe [2258944 2016-10-31] (BDYRYOV moudyj) <===== ATTENTION
HKU\S-1-5-21-2000202158-699708774-3916072420-1001\...\Run: [Torrentex] => C:\Torrentex\Torrentex.exe [417744 2015-11-13] ()
HKU\S-1-5-21-2000202158-699708774-3916072420-1001\...\RunOnce: [Application Restart #2] => C:\Users\eleanor.stojkova\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [7873512 2016-11-16] (Pokki)
HKU\S-1-5-21-2000202158-699708774-3916072420-1001\...\MountPoints2: {af6ded02-d0c9-11e5-826a-f8a96350b1fd} - "F:\LG_PC_Programs.exe"
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00USBBlockerShellDs] -> {BE57AC86-892D-436E-B763-71DA8FA49A48} => C:\Program Files (x86)\Lenovo\USB Blocker\USBBlockerShell.dll [2013-12-25] (Lenovo(beijing) Limited)
ShellIconOverlayIdentifiers: [00USBBlockerShellRd] -> {FFBCBB89-938E-4412-88AF-AE7A531F95C1} => C:\Program Files (x86)\Lenovo\USB Blocker\USBBlockerShell.dll [2013-12-25] (Lenovo(beijing) Limited)
ShellIconOverlayIdentifiers: [00USBBlockerShellRw] -> {42D4ABFA-0604-45F1-9A7C-622F85614BAB} => C:\Program Files (x86)\Lenovo\USB Blocker\USBBlockerShell.dll [2013-12-25] (Lenovo(beijing) Limited)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{46772345-D641-4587-9C54-89D11AD00C84}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8B127D19-E0EA-47AC-B12D-FDDFDDD23A74}: [DhcpNameServer] 169.254.131.49
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2000202158-699708774-3916072420-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131234411495523568&GUID=89B0DC03-2215-47E3-960C-7F7A4FBAE6AE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2000202158-699708774-3916072420-1001 -> {1F7F9447-3C6F-4C22-B4DF-B247F930BC6C} URL =
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-01-08] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-01-08] (McAfee, Inc.)
FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2016-02-11] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-01-08] ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-01-08] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-2000202158-699708774-3916072420-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\eleanor.stojkova\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-01-22] (Unity Technologies ApS)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\eleanor.stojkova\AppData\Local\Google\Chrome\User Data\Default [2017-01-07]
CHR Extension: (Prezentácie Google) - C:\Users\eleanor.stojkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-02]
CHR Extension: (Dokumenty Google) - C:\Users\eleanor.stojkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-02]
CHR Extension: (Disk Google) - C:\Users\eleanor.stojkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-02]
CHR Extension: (YouTube) - C:\Users\eleanor.stojkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-02]
CHR Extension: (Hľadať v Google) - C:\Users\eleanor.stojkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-06-02]
CHR Extension: (Adblocker na Youtube™) - C:\Users\eleanor.stojkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkgcomhcmhlbdokplmbpkejkojkmjglg [2016-11-12]
CHR Extension: (Tabuľky Google) - C:\Users\eleanor.stojkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-02]
CHR Extension: (Lenovo Password Manager) - C:\Users\eleanor.stojkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\geempcnjhccnoepfmahaeemnnfnignab [2016-06-02]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\eleanor.stojkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\eleanor.stojkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-02]
CHR Extension: (Gmail) - C:\Users\eleanor.stojkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-02]
CHR Extension: (Chrome Media Router) - C:\Users\eleanor.stojkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-20]
CHR HKLM-x32\...\Chrome\Extension: [geempcnjhccnoepfmahaeemnnfnignab] - C:\Program Files (x86)\Lenovo\Password Manager\chrome_npapi_extension.crx [2014-01-09]
Opera:
=======
OPR Extension: (Adblocker na Youtube™) - C:\Users\eleanor.stojkova\AppData\Roaming\Opera Software\Opera Stable\Extensions\nhcombnfcfkgnammoobfmfiokobfpokb [2016-11-12]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [95232 2014-03-27] () [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 HPWriter Service; C:\Users\eleanor.stojkova\AppData\Roaming\HPRewriter2\HPWriterSrv3.exe [2045424 2016-10-29] (Uancy RIYRYAJOU) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe [389680 2014-09-04] (Lenovo(beijing) Limited)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-04] (Lenovo(beijing) Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1663880 2014-05-06] ()
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2016-01-08] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [332528 2014-03-12] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe [1694152 2015-12-02] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [681680 2016-01-08] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [234192 2015-11-18] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [380896 2016-01-21] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [275368 2015-11-18] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [902112 2015-12-14] (Intel Security, Inc.)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-09-04] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2014-09-04] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2016-08-26] (Popcorn Time) [File not signed]
R2 USBBKSvc; C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe [35824 2013-12-25] (Lenovo(beijing) Limited)
R2 valWBFPolicyService; C:\WINDOWS\System32\valWBFPolicyService.exe [46992 2014-01-17] (Validity Sensors, Inc.)
R2 valWbioSyncSvc; C:\windows\system32\valWbioSyncSvc.exe [32256 2014-01-17] () [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [79248 2015-11-25] (McAfee, Inc.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
S2 LubFsFlt; C:\windows\System32\Drivers\LubFsFlt.sys [27384 2014-02-22] (Lenovo(beijing) Limited)
R0 LubSec; C:\WINDOWS\System32\Drivers\LubSec.sys [45304 2014-02-22] (Lenovo(beijing) Limited)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [419624 2015-11-25] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [351144 2015-11-25] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83096 2015-11-25] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [496368 2015-11-25] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [846080 2015-11-25] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [539496 2015-11-20] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109480 2015-11-20] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [245096 2015-11-25] (McAfee, Inc.)
S3 NETwNe64; C:\WINDOWS\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [290520 2013-09-24] (Realtek Semiconductor Corp.)
S3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [559832 2014-02-26] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [3421040 2014-04-30] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-01-24] (Synaptics Incorporated)
R1 SMIDriver; C:\WINDOWS\System32\drivers\smi.sys [19760 2014-01-22] (Windows (R) Win 7 DDK provider)
R3 SNP2UVC; C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2855960 2014-04-26] (Sonix Co. Ltd.)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [87568 2013-07-02] (Intel Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-08 00:46 - 2017-01-08 00:46 - 00022904 _____ C:\Users\eleanor.stojkova\Desktop\FRST.txt
2017-01-07 23:49 - 2017-01-08 00:46 - 00000000 ____D C:\FRST
2017-01-07 22:48 - 2017-01-07 22:48 - 02418688 _____ (Farbar) C:\Users\eleanor.stojkova\Desktop\FRST64.exe
2017-01-07 22:39 - 2017-01-07 22:39 - 00022016 ___SH C:\Users\eleanor.stojkova\Downloads\Thumbs.db
2017-01-07 21:47 - 2017-01-07 21:47 - 08803648 _____ (Piriform Ltd) C:\Users\eleanor.stojkova\Desktop\ccsetup525.exe
2017-01-07 20:27 - 2017-01-07 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-01-07 05:54 - 2017-01-07 05:54 - 00000000 ____D C:\Program Files\Windows Journal
2017-01-03 19:53 - 2017-01-03 21:51 - 00000000 ____D C:\Users\eleanor.stojkova\Downloads\PopcornTime
2017-01-03 19:51 - 2017-01-03 19:51 - 00000000 ____D C:\Users\eleanor.stojkova\AppData\Local\PopcornTime
2017-01-03 19:42 - 2017-01-03 19:42 - 00001220 _____ C:\Users\Public\Desktop\Popcorn Time.lnk
2017-01-03 19:42 - 2017-01-03 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2017-01-03 19:31 - 2017-01-03 19:43 - 00000000 ____D C:\Program Files (x86)\Popcorn Time
2017-01-03 19:08 - 2017-01-03 19:14 - 56002117 _____ (Popcorn Time ) C:\Users\eleanor.stojkova\Downloads\PopcornTime-latest.exe
2016-12-17 11:52 - 2016-12-01 15:13 - 00869576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2016-12-17 11:52 - 2016-12-01 15:13 - 00678592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2016-12-17 11:52 - 2016-12-01 15:11 - 00875720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2016-12-17 11:52 - 2016-12-01 15:11 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2016-12-17 11:52 - 2016-10-20 14:14 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2016-12-17 11:52 - 2016-10-20 14:10 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2016-12-17 07:32 - 2016-12-17 07:33 - 00000000 ____D C:\Users\eleanor.stojkova\AppData\Local\Viber
2016-12-14 16:33 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-14 16:33 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-14 16:33 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-14 16:33 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-14 16:32 - 2016-11-19 22:24 - 00567152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-14 16:32 - 2016-11-19 22:24 - 00152856 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-14 16:32 - 2016-11-19 18:22 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-14 16:32 - 2016-11-16 22:49 - 00377176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-14 16:32 - 2016-11-12 22:06 - 00738104 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-12-14 16:32 - 2016-11-12 20:38 - 00613632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-12-14 16:32 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-14 16:32 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-14 16:32 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-12-14 16:32 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-12-14 16:32 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-12-14 16:32 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-12-14 16:32 - 2016-11-11 03:33 - 01541240 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-14 16:32 - 2016-11-09 18:25 - 01376768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-14 16:32 - 2016-11-05 21:46 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-12-14 16:32 - 2016-11-05 19:35 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-14 16:32 - 2016-11-05 18:57 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-14 16:32 - 2016-11-05 18:11 - 03606528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-14 16:32 - 2016-11-05 16:56 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-12-14 16:32 - 2016-11-05 16:46 - 02463744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-12-14 16:32 - 2016-10-28 03:56 - 01380048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-12-14 16:32 - 2016-10-27 15:28 - 01097728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-12-14 16:32 - 2016-10-12 22:49 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-12-14 16:32 - 2016-10-12 22:11 - 00922968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2016-12-14 16:32 - 2016-10-11 17:45 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-12-14 16:32 - 2016-10-11 00:31 - 00990040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-12-14 16:32 - 2016-10-10 19:18 - 00069976 _____ (Microsoft Corporation) C:\WINDOWS\system32\apisetschema.dll
2016-12-14 16:32 - 2016-10-10 19:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cmimcext.sys
2016-12-14 16:32 - 2016-10-09 15:17 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll
2016-12-14 16:32 - 2016-10-09 15:08 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2016-12-14 16:32 - 2016-10-09 15:08 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2016-12-14 16:32 - 2016-10-08 23:24 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-12-14 16:32 - 2016-10-08 22:31 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-12-14 16:32 - 2016-10-08 22:10 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-12-14 16:32 - 2016-10-05 15:01 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-12-14 16:32 - 2016-10-05 15:00 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-12-14 16:32 - 2016-10-05 15:00 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-12-14 16:32 - 2016-10-05 05:15 - 01969944 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-12-14 16:32 - 2016-10-05 05:15 - 01613528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-12-14 16:32 - 2016-10-05 05:15 - 00324896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-12-14 16:32 - 2016-10-05 05:15 - 00245320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-12-14 16:32 - 2016-09-20 23:30 - 02462040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-12-14 16:31 - 2016-11-19 20:29 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-12-14 16:31 - 2016-11-19 19:44 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-12-14 16:31 - 2016-11-19 18:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-12-14 16:31 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-12-14 16:31 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-12-14 16:31 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-12-14 16:31 - 2016-11-12 19:23 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-12-14 16:31 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-12-14 16:31 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-12-14 16:31 - 2016-11-12 18:45 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-12-14 16:31 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-12-14 16:31 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-12-14 16:31 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-12-14 16:31 - 2016-10-05 14:52 - 00513456 _____ C:\WINDOWS\SysWOW64\locale.nls
2016-12-14 16:31 - 2016-10-05 14:52 - 00513456 _____ C:\WINDOWS\system32\locale.nls
2016-12-14 16:31 - 2016-09-27 21:16 - 00445873 _____ C:\WINDOWS\system32\ApnDatabase.xml
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-08 00:55 - 2016-06-02 14:34 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2017-01-08 00:28 - 2016-06-02 14:34 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-07 23:25 - 2013-08-22 16:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-07 23:21 - 2015-10-30 15:44 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2000202158-699708774-3916072420-1001
2017-01-07 22:45 - 2015-10-30 15:24 - 00000000 ____D C:\Users\eleanor.stojkova\AppData\Local\SweetLabs App Platform
2017-01-07 21:23 - 2016-11-01 13:47 - 00000000 ____D C:\Users\eleanor.stojkova\AppData\Roaming\Torrentex
2017-01-07 20:49 - 2016-10-21 14:32 - 00000000 ____D C:\Users\eleanor.stojkova\AppData\Roaming\ViberPC
2017-01-07 20:39 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2017-01-07 12:21 - 2016-10-21 14:34 - 00000000 ____D C:\Users\eleanor.stojkova\Documents\ViberDownloads
2017-01-07 10:01 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-07 08:22 - 2015-11-09 10:09 - 00001279 _____ C:\Users\eleanor.stojkova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-FiHotspotChgToast.lnk
2017-01-07 08:22 - 2015-10-30 15:34 - 00000000 ____D C:\ProgramData\LU
2017-01-07 08:21 - 2014-03-18 10:53 - 00005384 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-07 08:11 - 2014-09-04 17:19 - 00000000 ____D C:\ProgramData\Validity
2017-01-07 08:11 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-07 07:58 - 2015-10-30 15:36 - 00065132 _____ C:\Users\eleanor.stojkova\AppData\Roaming\AbsoluteReminder.xml
2017-01-07 05:54 - 2014-03-18 10:25 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-01-07 05:54 - 2014-03-18 10:25 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-01-07 05:54 - 2014-03-18 10:25 - 00000000 ____D C:\WINDOWS\system32\WCN
2017-01-07 05:54 - 2014-03-18 10:25 - 00000000 ____D C:\WINDOWS\system32\slmgr
2017-01-07 05:54 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-07 05:54 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2017-01-07 05:54 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-01-07 05:54 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\migwiz
2017-01-07 05:54 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-01-07 05:54 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Help
2017-01-07 05:54 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-01-07 05:54 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Defender
2017-01-07 05:54 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\System
2017-01-07 05:54 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-01-07 05:54 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-01-07 05:54 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-01-07 05:54 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-01-07 05:54 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-07 05:54 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\servicing
2017-01-07 04:41 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2017-01-07 03:56 - 2015-10-30 15:24 - 00000000 ____D C:\Users\eleanor.stojkova
2017-01-07 01:21 - 2016-05-30 17:02 - 00004018 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{26A23BE2-48FC-4FCE-A970-0B50C96A2A13}
2017-01-03 15:12 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2017-01-03 15:10 - 2014-09-04 18:00 - 00000000 ____D C:\ProgramData\McAfee
2017-01-03 15:08 - 2014-09-04 18:00 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-01-02 00:02 - 2016-04-01 18:07 - 00000000 ____D C:\Program Files (x86)\Opera
2016-12-30 19:25 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-12-21 20:33 - 2016-04-01 18:18 - 00003860 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1459531116
2016-12-20 20:32 - 2015-10-30 22:06 - 00003348 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)
2016-12-18 12:02 - 2013-08-22 15:44 - 00346744 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-18 11:57 - 2014-09-04 16:11 - 00524288 ___SH C:\WINDOWS\system32\config\DRIVERS{e1793794-0b3d-11e3-9dfe-80de722c933b}.TMContainer00000000000000000001.regtrans-ms
2016-12-18 11:57 - 2014-09-04 16:11 - 00065536 ___SH C:\WINDOWS\system32\config\DRIVERS{e1793794-0b3d-11e3-9dfe-80de722c933b}.TM.blf
2016-12-18 11:53 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\sk-SK
2016-12-18 11:53 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\en-US
2016-12-18 11:53 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sk-SK
2016-12-18 11:53 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\en-US
2016-12-18 11:53 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\SysWOW64
2016-12-17 12:03 - 2015-11-01 15:14 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-17 11:58 - 2015-11-01 15:13 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-17 08:44 - 2016-06-02 14:47 - 00003330 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 08:44 - 2016-06-02 14:47 - 00003202 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-17 08:44 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Tasks
2016-12-17 07:34 - 2016-11-27 19:42 - 00000000 ____D C:\Users\eleanor.stojkova\AppData\Local\Viber.old
2016-12-14 14:07 - 2016-06-02 14:34 - 00003880 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-12-14 14:07 - 2016-06-02 14:34 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-12-14 07:43 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-12-14 07:43 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-12-12 00:00 - 2016-11-15 17:12 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-12 00:00 - 2016-11-15 17:12 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-09 00:26 - 2016-12-03 04:29 - 00000000 ____D C:\Users\eleanor.stojkova\AppData\Roaming\Messenger for Desktop
==================== Files in the root of some directories =======
2015-10-30 15:36 - 2017-01-07 07:58 - 0065132 _____ () C:\Users\eleanor.stojkova\AppData\Roaming\AbsoluteReminder.xml
2016-11-27 19:51 - 2016-11-27 19:51 - 0076976 _____ () C:\Users\eleanor.stojkova\AppData\Roaming\LoJackSetup.exe
2015-10-30 15:31 - 2017-01-08 00:37 - 1663959 _____ () C:\Users\eleanor.stojkova\AppData\Local\BTServer.log
2014-09-04 17:13 - 2014-09-04 17:13 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Files to move or delete:
====================
C:\Users\eleanor.stojkova\AppData\Roaming\SimpleNotepad4\SimpleNoteApp5.exe
Some files in TEMP:
====================
C:\Users\eleanor.stojkova\AppData\Local\Temp\combase.dll
C:\Users\eleanor.stojkova\AppData\Local\Temp\LenovoExperienceImprovement.exe
C:\Users\eleanor.stojkova\AppData\Local\Temp\messengerfordesktop-2.0.1-win32-setup-for-nsis.exe
C:\Users\eleanor.stojkova\AppData\Local\Temp\oct42C9.tmp.exe
C:\Users\eleanor.stojkova\AppData\Local\Temp\oct4647.tmp.exe
C:\Users\eleanor.stojkova\AppData\Local\Temp\oct53F7.tmp.exe
C:\Users\eleanor.stojkova\AppData\Local\Temp\oct5F8D.tmp.exe
C:\Users\eleanor.stojkova\AppData\Local\Temp\oct7B3.tmp.exe
C:\Users\eleanor.stojkova\AppData\Local\Temp\oct8B85.tmp.exe
C:\Users\eleanor.stojkova\AppData\Local\Temp\octB2E0.tmp.exe
C:\Users\eleanor.stojkova\AppData\Local\Temp\octB874.tmp.exe
C:\Users\eleanor.stojkova\AppData\Local\Temp\octBD3B.tmp.exe
C:\Users\eleanor.stojkova\AppData\Local\Temp\octD7EC.tmp.exe
C:\Users\eleanor.stojkova\AppData\Local\Temp\octD7F6.tmp.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-11-13 19:10
==================== End of FRST.txt ============================
Addendum: 08 Jan 2017 1:32
Now Explorer starts up at intervals, completely out of control. A small digression: toward the end of the FRST scan, McAfee had also started up, and I managed to turn it off by right-clicking its icon on the taskbar. I can see that it is gone, i.e. it is not active in the lower right corner.
|