Chinese malware


Posted: 24 Sep 2015 19:01

Today I wanted to install a program. However, I wasn't paying attention to which site I was on and I downloaded the wrong thing. Only when I ran it did I realize what I had done, but it was too late. Even though I never started the installation at all, just running the file caused the problem. The malware installed several Chinese programs in the background. I manually removed the programs I found in Programs and Features, but there are more of them that are not listed there. I also manually deleted some directly from the Program Files folder. I ran a scan with MBAM and it found over 100 infected files. The MBAM log is below:


Also, it looks like one of those Chinese programs is an antivirus, since Windows Defender deactivated itself due to the presence of another antivirus.

Here are the other logs:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:23-09-2015
Ran by zola92 (administrator) on DESKTOP (24-09-2015 18:52:31)
Running from C:\Users\zola92\Desktop
Loaded Profiles: zola92 (Available Profiles: zola92)
Platform: Microsoft Windows 10 Pro (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Tencent) C:\Program Files\Tencent\QQPCMgr\10.10.16444.223\QQPCRTP.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(Company) C:\Program Files\Popcorn Time\Updater.exe
() C:\Program Files\Tencent\QQBrowser\service\PerfTraceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Hewlett-Packard Company) C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
(Tencent) C:\Program Files\Tencent\QQPCMgr\10.10.16444.223\QQPCTray.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE15\CSISYNCCLIENT.EXE
(Tencent) C:\Program Files\Tencent\QQPCMgr\10.10.16444.223\plugins\QMNetMon\QQPCNetFlow.exe
(Tencent) C:\Program Files\Tencent\QQPCMgr\10.10.16444.223\QQPCRealTimeSpeedup.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Tencent) C:\Program Files\Common Files\Tencent\QQDownload\130\Tencentdl.exe
(Tencent) C:\Program Files\Tencent\QQPCMgr\10.10.16444.223\QMDL.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12214528 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [HPUsageTrackingLEDM] => C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-08-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [ QQPCTray] => C:\Program Files\Tencent\QQPCMgr\10.10.16444.223\QQPCTray.exe [355296 2015-09-24] (Tencent)
HKU\S-1-5-21-728440190-1536315488-1857080609-1001\...\Run: [MCShield Monitor] => C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-728440190-1536315488-1857080609-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6490904 2015-08-20] (Piriform Ltd)
HKU\S-1-5-21-728440190-1536315488-1857080609-1001\...\Run: [Flvto YouTube Downloader] => "C:\Users\zola92\AppData\Local\Flvto YouTube Downloader\FlvtoYoutubeDownloader.exe" /minimize
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files\Tencent\QQPCMgr\10.10.16444.223\QMGCShellExt.dll [2015-09-24] (Tencent)
GroupPolicyScripts: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 89.216.1.30 89.216.1.50
Tcpip\..\Interfaces\{9c79bbfe-0465-4d74-8f7e-4c65916aadbf}: [DhcpNameServer] 89.216.1.30 89.216.1.50

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-728440190-1536315488-1857080609-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.msn.com/
SearchScopes: HKU\S-1-5-21-728440190-1536315488-1857080609-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\zola92\AppData\Roaming\Mozilla\Firefox\Profiles\nw1q339g.default-1428662967347
FF Homepage: hxxps://www.google.rs/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-17] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-17] (NVIDIA Corporation)
FF Plugin: @qq.com/QQPCMgr -> C:\Program Files\Tencent\QQPCMgr\10.10.16444.223\npQMExtensionsMozilla.dll [2015-09-24] (Tencent Technology (Shenzhen) Company Limited)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-728440190-1536315488-1857080609-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\zola92\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF Extension: Gmail Notifier (restartless) - C:\Users\zola92\AppData\Roaming\Mozilla\Firefox\Profiles\nw1q339g.default-1428662967347\Extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi [2015-04-10]
FF Extension: YouTube High Definition - C:\Users\zola92\AppData\Roaming\Mozilla\Firefox\Profiles\nw1q339g.default-1428662967347\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2015-08-12]
FF Extension: Adblock Plus - C:\Users\zola92\AppData\Roaming\Mozilla\Firefox\Profiles\nw1q339g.default-1428662967347\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-10]

Chrome:
=======
CHR Profile: C:\Users\zola92\AppData\Local\Google\Chrome\User Data\Default

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [915600 2015-08-18] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-08-18] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19775632 2015-08-18] (NVIDIA Corporation)
R2 PerfTraceService; C:\Program Files\Tencent\QQBrowser\Service\PerfTraceService.exe [278880 2015-09-24] ()
R2 QQPCRTP; C:\Program Files\Tencent\QQPCMgr\10.10.16444.223\QQPCRTP.exe [297608 2015-09-24] (Tencent)
S3 TAOFrame; C:\Program Files\Tencent\QQPCMgr\10.10.16444.223\TAOFrame.exe [293856 2015-09-24] (Tencent)
R2 Update service; C:\Program Files\Popcorn Time\Updater.exe [179200 2014-09-08] (Company) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [277760 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23264 2015-07-10] (Microsoft Corporation)
S3 WsAppService; C:\Program Files\Wondershare\WAF\WsAppService.exe [252816 2015-04-30] (Wondershare)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus.sys [15744 2014-10-09] (LG Electronics Inc.)
S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag.sys [23680 2014-10-09] (LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem.sys [28416 2014-10-09] (LG Electronics Inc.)
R3 Atc002; C:\WINDOWS\System32\drivers\l260x86.sys [29184 2015-07-10] (Atheros Communications, Inc.)
S3 bthav; C:\WINDOWS\system32\drivers\bthav.sys [34816 2008-07-10] (CSR, plc) [File not signed]
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [25016 2015-05-27] (Disc Soft Ltd)
R2 giveio; C:\WINDOWS\system32\giveio.sys [5248 1996-04-03] () [File not signed]
R3 i8042HDR; C:\WINDOWS\system32\DRIVERS\i8042HDR.sys [13224 2006-10-20] (Chicony)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18576 2015-08-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [32912 2014-11-22] (NVIDIA Corporation)
R1 QMIEProtect; C:\Program Files\Tencent\QQPCMgr\10.10.16444.223\QMIEProtect.sys [49976 2015-08-18] ()
R1 QMUdisk; C:\Program Files\Tencent\QQPCMgr\10.10.16444.223\QMUdisk.sys [75192 2015-09-24] (Tencent)
R1 QQPCHelper; C:\Program Files\Tencent\QQPCMgr\10.10.16444.223\QQPCHelper.sys [22880 2015-09-24] (Tencent)
R2 QQSysMon; C:\Program Files\Tencent\QQPCMgr\10.10.16444.223\QQSysMon.sys [108472 2015-09-24] (电脑管家)
R2 speedfan; C:\WINDOWS\system32\speedfan.sys [24184 2012-12-29] (Almico Software)
R2 TAOAccelerator; C:\WINDOWS\system32\Drivers\TAOAccelerator.sys [77016 2015-09-24] (Tencent)
R1 TAOKernelDriver; C:\WINDOWS\System32\Drivers\TAOKernel.sys [138552 2015-09-24] (Tencent Technology(Shenzhen) Company Limited)
R3 TFsFlt; C:\WINDOWS\System32\Drivers\TFsFlt.sys [150072 2015-09-24] (电脑管家)
R1 TSCPM; C:\Program Files\Tencent\QQPCMgr\10.10.16444.223\tscpm.sys [43448 2015-09-24] (电脑管家)
R1 TSDefenseBt; C:\WINDOWS\System32\DRIVERS\TSDefenseBt.sys [14008 2015-09-24] (Tencent)
R0 TsFltMgr; C:\WINDOWS\System32\drivers\TsFltMgr.sys [124792 2015-09-24] (电脑管家)
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [31744 2015-07-10] ()
S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [45056 2014-08-15] (Apple, Inc.) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [245600 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [97632 2015-07-10] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [161792 2015-07-10] (Microsoft Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam32.sys [90344 2015-02-19] (Zemana Ltd.)
R4 TSKSP; C:\Program Files\Tencent\QQPCMgr\10.10.16444.223\TSKSP.sys [204920 2015-09-24] (电脑管家)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-24 18:52 - 2015-09-24 18:53 - 00014774 _____ C:\Users\zola92\Desktop\FRST.txt
2015-09-24 18:52 - 2015-09-24 18:52 - 00000000 ____D C:\FRST
2015-09-24 18:50 - 2015-09-24 18:51 - 01695744 _____ (Farbar) C:\Users\zola92\Desktop\FRST.exe
2015-09-24 18:32 - 2015-09-24 18:32 - 00000000 ___HD C:\OneDriveTemp
2015-09-24 18:31 - 2015-09-24 18:31 - 00016148 _____ C:\WINDOWS\system32\DESKTOP_zola92_HistoryPrediction.bin
2015-09-24 14:11 - 2015-09-24 14:11 - 00083520 _____ (Tencent Inc.) C:\WINDOWS\system32\Drivers\TsQBDrv.sys
2015-09-24 14:04 - 2015-09-24 14:04 - 00000000 ____D C:\ProgramData\TXQMPC
2015-09-24 14:01 - 2015-09-24 14:01 - 00000000 ____D C:\ProgramData\Rising
2015-09-24 14:00 - 2015-09-24 18:31 - 00000302 _____ C:\WINDOWS\Tasks\QQBrowser Udpater Task(Core).job
2015-09-24 13:59 - 2015-09-24 18:36 - 00000298 _____ C:\WINDOWS\Tasks\QQBrowser Udpater Task.job
2015-09-24 13:58 - 2015-09-24 14:00 - 00000000 ____D C:\Users\zola92\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2015-09-24 13:58 - 2015-09-24 13:58 - 00150072 _____ (电脑管家) C:\WINDOWS\system32\Drivers\TFsFlt.sys
2015-09-24 13:58 - 2015-09-24 13:58 - 00138552 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernel.sys
2015-09-24 13:58 - 2015-09-24 13:58 - 00124792 _____ (电脑管家) C:\WINDOWS\system32\Drivers\TsFltMgr.sys
2015-09-24 13:58 - 2015-09-24 13:58 - 00077016 _____ (Tencent) C:\WINDOWS\system32\Drivers\TAOAccelerator.sys
2015-09-24 13:58 - 2015-09-24 13:58 - 00014008 _____ (Tencent) C:\WINDOWS\system32\Drivers\TSDefenseBt.sys
2015-09-24 13:58 - 2015-09-24 13:58 - 00000000 ____D C:\Program Files\Common Files\Tencent
2015-09-24 13:56 - 2015-09-24 18:33 - 00000000 ____D C:\ProgramData\Tencent
2015-09-24 13:56 - 2015-09-24 14:11 - 00000000 ____D C:\Program Files\Tencent
2015-09-24 13:56 - 2015-09-24 14:09 - 00000000 ____D C:\Users\zola92\AppData\Roaming\Tencent
2015-09-24 13:23 - 2015-09-24 13:23 - 00000000 ____D C:\Users\zola92\AppData\Roaming\WB_CFG
2015-09-24 13:18 - 2015-09-24 14:03 - 00000000 ____D C:\ProgramData\uiksdl201592411
2015-09-24 13:18 - 2015-09-24 14:00 - 00000460 _____ C:\WINDOWS\Tasks\Adobe Flash box Files Update Ver 2015924.job
2015-09-24 13:18 - 2015-09-24 13:18 - 00000000 ____D C:\Users\zola92\AppData\Roaming\ppslog
2015-09-24 13:18 - 2015-09-24 13:18 - 00000000 ____D C:\Users\zola92\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7k7k游戏盒子(924)
2015-09-24 13:18 - 2015-09-24 13:18 - 00000000 ____D C:\ProgramData\adb
2015-09-24 13:18 - 2015-09-24 13:18 - 00000000 ____D C:\ProgramData\4997GameBox_Data
2015-09-24 13:18 - 2015-09-24 13:18 - 00000000 ____D C:\ppsfile
2015-09-24 13:17 - 2015-09-24 13:17 - 00000000 ____D C:\Users\zola92\AppData\Local\Unity
2015-09-24 13:16 - 2015-09-24 13:16 - 00000000 ____D C:\Users\Public\QiYi
2015-09-23 23:40 - 2015-09-23 23:40 - 00000000 ____D C:\ProgramData\Steam
2015-09-23 21:23 - 2015-09-23 21:39 - 00000000 ____D C:\Users\zola92\Downloads\Pro Evolution Soccer 2015 [RePack]
2015-09-23 18:02 - 2015-09-23 18:02 - 00000000 ____D C:\Users\zola92\AppData\Local\Setup Integrity Check
2015-09-18 20:49 - 2015-09-19 00:22 - 00000034 _____ C:\Users\zola92\Desktop\Aplikacije.txt
2015-09-14 18:03 - 2015-09-14 18:03 - 00000000 ____D C:\Users\zola92\AppData\Roaming\NVIDIA
2015-09-14 00:43 - 2015-09-14 00:43 - 00000000 ____D C:\ProgramData\SystemRequirementsLab
2015-09-14 00:43 - 2015-09-14 00:43 - 00000000 ____D C:\Program Files\SystemRequirementsLab
2015-09-13 16:26 - 2015-09-13 16:26 - 00000000 ____D C:\Users\zola92\AppData\Local\NVIDIA
2015-09-13 16:23 - 2015-09-13 16:23 - 00000000 ____D C:\WINDOWS\system32\MpEngineStore
2015-09-13 16:22 - 2015-09-13 16:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-09-13 16:22 - 2015-08-18 10:47 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge.dll
2015-09-13 16:22 - 2015-08-18 10:47 - 01278920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap.dll
2015-09-13 16:21 - 2015-08-17 23:28 - 00606896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvStreaming.exe
2015-09-13 16:18 - 2015-08-18 10:47 - 24200312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv32.dll
2015-09-13 16:18 - 2015-08-18 10:47 - 16128768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2um.dll
2015-09-13 16:18 - 2015-08-18 10:47 - 15294072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2015-09-13 16:18 - 2015-08-18 10:47 - 14497568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dum.dll
2015-09-13 16:18 - 2015-08-18 10:47 - 11272048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-09-13 16:18 - 2015-08-18 10:47 - 11209376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-09-13 16:18 - 2015-08-18 10:47 - 10704560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-09-13 16:18 - 2015-08-18 10:47 - 03987576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-09-13 16:18 - 2015-08-18 10:47 - 02824176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi.dll
2015-09-13 16:18 - 2015-08-18 10:47 - 01059504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3234181.dll
2015-09-13 16:18 - 2015-08-18 10:47 - 00912688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3234181.dll
2015-09-13 16:18 - 2015-08-18 10:47 - 00907440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR.dll
2015-09-13 16:18 - 2015-08-18 10:47 - 00869040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC.dll
2015-09-13 16:16 - 2015-08-18 01:28 - 04388016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-09-13 16:16 - 2015-08-18 01:28 - 03062064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc.dll
2015-09-13 16:16 - 2015-08-18 01:28 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-09-13 16:16 - 2015-08-18 01:28 - 00670512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-09-13 16:16 - 2015-08-18 01:28 - 00375088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-09-13 16:16 - 2015-08-18 01:28 - 00061744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-09-13 16:16 - 2015-08-18 00:02 - 05147024 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-09-13 16:15 - 2015-09-13 16:15 - 00000000 ____D C:\NVIDIA
2015-09-13 16:12 - 2015-09-24 14:14 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-13 16:03 - 2015-08-18 10:47 - 00060720 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-09-13 16:02 - 2015-09-13 16:02 - 01059528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3234174.dll
2015-09-13 16:02 - 2015-09-13 16:02 - 00911560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3234174.dll
2015-09-13 16:02 - 2015-08-18 10:47 - 00021015 _____ C:\WINDOWS\system32\nvinfo.pb
2015-09-10 16:48 - 2015-09-10 17:35 - 00000000 ____D C:\Users\zola92\Downloads\Filantropica (2002) DVDRip
2015-09-09 16:37 - 2015-09-24 14:00 - 00002242 _____ C:\Users\zola92\Desktop\Popcorn Time.lnk
2015-09-09 16:36 - 2015-09-09 16:36 - 00000000 ____D C:\Users\zola92\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2015-09-09 10:35 - 2015-09-02 04:04 - 00069208 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-09 10:35 - 2015-09-02 02:31 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-09 10:35 - 2015-09-02 02:30 - 01134080 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-09 10:35 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-09 10:35 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-09 10:35 - 2015-08-27 07:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-09 10:35 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-09 10:35 - 2015-08-27 07:19 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-09 10:35 - 2015-08-27 07:16 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-09 10:35 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-09 10:35 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 10:35 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-09 10:35 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-09 10:35 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-09 10:35 - 2015-08-27 07:11 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-09 10:35 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-09 10:35 - 2015-08-27 07:10 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-09 10:35 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-09 10:35 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-08 13:13 - 2015-09-15 15:00 - 00003651 _____ C:\WINDOWS\setupact.log
2015-09-08 13:13 - 2015-09-08 13:13 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-29 14:56 - 2015-08-29 14:56 - 00000000 ____D C:\Users\zola92\Desktop\modovi
2015-08-29 14:51 - 2015-09-24 14:14 - 00139138 _____ C:\WINDOWS\PFRO.log
2015-08-29 14:46 - 2015-08-20 07:25 - 06265168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-29 14:46 - 2015-08-20 07:22 - 00549160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-29 14:46 - 2015-08-20 07:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-29 14:46 - 2015-08-20 06:46 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-29 14:46 - 2015-08-20 06:41 - 00165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-29 14:46 - 2015-08-20 06:35 - 01829376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-29 14:46 - 2015-08-18 09:27 - 01771592 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 14:46 - 2015-08-18 09:26 - 00284000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-08-29 14:46 - 2015-08-18 09:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-29 14:46 - 2015-08-18 09:14 - 00192864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll
2015-08-29 14:46 - 2015-08-18 08:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2015-08-29 14:46 - 2015-08-18 08:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-08-29 14:46 - 2015-08-18 08:47 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-29 14:46 - 2015-08-18 08:41 - 01161216 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2015-08-29 14:46 - 2015-08-18 08:40 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-29 14:46 - 2015-08-18 08:38 - 01875968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-08-29 14:46 - 2015-08-18 08:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2015-08-29 14:46 - 2015-08-18 08:35 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2015-08-29 14:46 - 2015-08-18 08:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2015-08-29 14:46 - 2015-08-18 08:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2015-08-29 14:46 - 2015-08-18 08:35 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll
2015-08-29 14:46 - 2015-08-18 08:34 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-08-29 14:46 - 2015-08-18 08:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2015-08-29 14:46 - 2015-08-18 08:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2015-08-29 14:46 - 2015-08-18 08:31 - 01917440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-29 14:46 - 2015-08-18 08:30 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2015-08-29 14:46 - 2015-08-18 08:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-29 14:46 - 2015-08-18 08:26 - 01499136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-29 14:46 - 2015-08-18 08:26 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-29 14:46 - 2015-08-18 08:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2015-08-29 14:46 - 2015-08-18 06:42 - 00006631 _____ C:\WINDOWS\system32\ResPriHMImageList
2015-08-29 14:46 - 2015-08-18 06:42 - 00006313 _____ C:\WINDOWS\system32\ResPriImageList
2015-08-29 14:23 - 2015-09-24 14:15 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-29 11:46 - 2015-09-24 14:03 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-08-27 21:31 - 2015-08-27 21:31 - 00000000 ____D C:\Program Files\Common Files\Java
2015-08-27 21:30 - 2015-08-27 21:30 - 00000000 ____D C:\Users\zola92\AppData\Roaming\Sun
2015-08-27 21:30 - 2015-08-27 21:30 - 00000000 ____D C:\Users\zola92\.oracle_jre_usage
2015-08-27 15:37 - 2015-08-27 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-24 18:46 - 2015-05-25 14:54 - 00098520 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-24 18:32 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-24 18:32 - 2014-07-12 16:25 - 00000906 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-24 18:32 - 2014-02-06 14:27 - 00000000 ____D C:\ProgramData\MCShield
2015-09-24 18:32 - 2014-02-05 20:03 - 00000000 ___DO C:\Users\zola92\SkyDrive
2015-09-24 14:14 - 2015-07-10 11:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-24 14:13 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-24 14:13 - 2015-07-10 08:59 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-09-24 14:13 - 2014-09-29 15:46 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-24 14:04 - 2015-07-10 11:53 - 00345504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-24 14:03 - 2015-07-29 20:54 - 00000000 ____D C:\Users\zola92
2015-09-24 14:03 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\schemas
2015-09-24 14:03 - 2014-02-05 19:09 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-09-24 14:02 - 2015-08-11 15:40 - 00002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-09-24 14:02 - 2015-07-29 21:06 - 00001520 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-24 14:02 - 2015-05-25 14:54 - 00001158 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-24 14:02 - 2015-05-25 14:07 - 00000916 _____ C:\Users\Public\Desktop\AIMP3.lnk
2015-09-24 14:02 - 2015-03-06 20:41 - 00000000 ____D C:\Users\zola92\AppData\Roaming\qBittorrent
2015-09-24 14:02 - 2014-09-21 15:53 - 00000962 _____ C:\Users\Public\Desktop\Steam.lnk
2015-09-24 14:02 - 2014-07-23 23:49 - 00001108 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass.lnk
2015-09-24 14:02 - 2014-04-22 08:51 - 00001063 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-09-24 14:02 - 2014-02-20 13:10 - 00001371 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-09-24 14:02 - 2014-02-20 13:10 - 00001302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-09-24 14:02 - 2014-02-06 14:32 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-09-24 14:02 - 2014-02-05 19:09 - 00001129 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-09-24 14:00 - 2015-08-07 13:57 - 00001069 _____ C:\Users\zola92\Desktop\SpeedFan.lnk
2015-09-24 14:00 - 2015-07-29 21:37 - 00002374 _____ C:\Users\zola92\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-24 14:00 - 2015-06-13 21:32 - 00002295 _____ C:\Users\zola92\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flvto YouTube Downloader.lnk
2015-09-24 14:00 - 2015-06-13 21:32 - 00001475 _____ C:\Users\zola92\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uninstall Flvto YouTube Downloader.lnk
2015-09-24 14:00 - 2015-03-14 12:56 - 00000708 _____ C:\Users\zola92\Desktop\SAMP.lnk
2015-09-24 14:00 - 2015-03-07 15:42 - 00000716 _____ C:\Users\zola92\Desktop\GTA San Andreas.lnk
2015-09-24 14:00 - 2014-10-27 20:42 - 00000914 _____ C:\Users\zola92\Desktop\Pro Evolution Soccer 2013.lnk
2015-09-24 14:00 - 2014-08-28 12:35 - 00001279 _____ C:\Users\zola92\Desktop\.minecraft - Shortcut.lnk
2015-09-24 14:00 - 2014-08-28 12:33 - 00002321 _____ C:\Users\zola92\Desktop\Minecraft.lnk
2015-09-24 14:00 - 2014-07-23 23:49 - 00001096 _____ C:\Users\zola92\Desktop\KeePass.lnk
2015-09-24 13:58 - 2014-02-05 17:24 - 00000000 ____D C:\Users\zola92\AppData\Local\VirtualStore
2015-09-24 13:52 - 2014-02-05 16:17 - 00000000 ___RD C:\Users\zola92\Radovi
2015-09-24 13:21 - 2014-07-12 16:25 - 00000910 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-24 13:20 - 2014-10-27 10:07 - 00000000 ____D C:\Users\zola92\Desktop\Tor Browser
2015-09-24 13:16 - 2015-07-10 10:28 - 00000000 ___RD C:\Users\Public
2015-09-24 11:57 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2015-09-23 23:40 - 2014-04-25 00:36 - 00000000 ____D C:\ProgramData\KONAMI
2015-09-23 23:40 - 2014-04-24 18:54 - 00000000 ____D C:\Users\zola92\Documents\KONAMI
2015-09-22 15:38 - 2015-07-10 10:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-21 18:03 - 2014-10-15 11:59 - 00000000 ____D C:\Users\zola92\AppData\Local\Popcorn-Time
2015-09-19 21:19 - 2013-07-13 20:49 - 00000324 _____ C:\Users\zola92\Desktop\Filmovi.txt
2015-09-15 21:15 - 2015-07-29 21:17 - 00875126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-15 18:12 - 2015-07-10 10:29 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-09-15 18:12 - 2015-07-10 10:29 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-09-13 18:10 - 2014-02-05 21:03 - 00000000 ____D C:\Users\zola92\AppData\Roaming\MPC-HC
2015-09-13 16:27 - 2015-07-29 20:47 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-09-13 16:27 - 2014-02-05 17:50 - 00000000 ____D C:\Users\zola92\AppData\Local\NVIDIA Corporation
2015-09-13 16:22 - 2015-07-29 20:47 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-09-13 16:15 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\Help
2015-09-13 16:05 - 2015-07-10 12:49 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-13 16:05 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-09 16:36 - 2015-07-30 12:07 - 00000000 ____D C:\Users\zola92\AppData\Local\Popcorn Time
2015-09-09 11:48 - 2014-02-07 12:17 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-09 11:42 - 2014-02-05 21:24 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-09 11:32 - 2014-10-20 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-08-31 15:51 - 2015-08-07 13:57 - 00000000 ____D C:\Program Files\SpeedFan
2015-08-29 14:19 - 2014-09-21 15:53 - 00000000 ____D C:\Program Files\Steam
2015-08-29 14:19 - 2014-05-12 15:12 - 00000000 ____D C:\Users\zola92\AppData\Roaming\AIMP3
2015-08-29 14:18 - 2015-07-30 06:44 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-29 14:04 - 2014-04-22 08:51 - 00000000 ____D C:\Program Files\CCleaner
2015-08-28 12:42 - 2014-08-08 11:57 - 00000000 ____D C:\Users\zola92\Desktop\Nikola
2015-08-27 21:38 - 2014-02-05 21:49 - 00000000 ____D C:\ProgramData\Oracle
2015-08-27 21:31 - 2014-12-30 22:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-27 21:31 - 2014-12-30 22:27 - 00000000 ____D C:\Program Files\Java
2015-08-27 21:30 - 2014-12-30 22:28 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2015-08-27 15:37 - 2015-03-06 20:40 - 00000000 ____D C:\Program Files\qBittorrent
2015-08-26 18:36 - 2014-02-07 12:17 - 132039072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2015-01-03 18:06 - 2015-01-03 18:06 - 0000017 _____ () C:\Users\zola92\AppData\Local\resmon.resmoncfg
2014-03-25 19:04 - 2014-03-25 19:04 - 0670909 _____ () C:\ProgramData\1395765947.bdinstall.bin
2014-03-25 19:10 - 2014-03-25 19:10 - 0306052 _____ () C:\ProgramData\1395767149.bdinstall.bin
2014-03-25 19:09 - 2014-03-25 19:09 - 0050052 _____ () C:\ProgramData\1395767373.bdinstall.bin
2014-03-25 19:21 - 2014-03-25 19:21 - 0506064 _____ () C:\ProgramData\1395767696.bdinstall.bin
2014-04-21 20:30 - 2014-04-21 20:30 - 0257825 _____ () C:\ProgramData\1398104867.bdinstall.bin
2014-04-21 20:45 - 2014-04-21 20:45 - 0032600 _____ () C:\ProgramData\1398105896.bdinstall.bin
2014-07-12 12:24 - 2014-07-12 12:24 - 0546190 _____ () C:\ProgramData\1405160195.bdinstall.bin
2014-07-16 23:57 - 2014-07-16 23:57 - 0262009 _____ () C:\ProgramData\1405547716.bdinstall.bin
2015-07-29 20:47 - 2015-07-29 20:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\zola92\AppData\Local\Temp\install1754835.exe
C:\Users\zola92\AppData\Local\Temp\IQIYIsetup_spl004@kb037.exe
C:\Users\zola92\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\zola92\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\zola92\AppData\Local\Temp\nvStInst.exe
C:\Users\zola92\AppData\Local\Temp\qqpcmgr_v10.10.16444.223_8885760_Silence.exe
C:\Users\zola92\AppData\Local\Temp\setup3.exe
C:\Users\zola92\AppData\Local\Temp\sfamcc00001.dll
C:\Users\zola92\AppData\Local\Temp\SRLDetectionLibrary98554963914544990.dll
C:\Users\zola92\AppData\Local\Temp\update.exe
C:\Users\zola92\AppData\Local\Temp\V8._85772_20150906124116.exe
C:\Users\zola92\AppData\Local\Temp\wgjiklit_533_setup.exe
C:\Users\zola92\AppData\Local\Temp\yyzb_19-3.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-18 10:44

==================== End of FRST.txt ============================


Thanks in advance for the help.

Addendum: 25 Sep 2015 0:48

It looks like I managed to delete the rest of the Chinese programs as well. Here are the new logs:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:23-09-2015
Ran by zola92 (administrator) on DESKTOP (25-09-2015 00:42:18)
Running from C:\Users\zola92\Desktop
Loaded Profiles: zola92 (Available Profiles: zola92)
Platform: Microsoft Windows 10 Pro (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Company) C:\Program Files\Popcorn Time\Updater.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Hewlett-Packard Company) C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12214528 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [HPUsageTrackingLEDM] => C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-08-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKU\S-1-5-21-728440190-1536315488-1857080609-1001\...\Run: [MCShield Monitor] => C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-728440190-1536315488-1857080609-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6490904 2015-08-20] (Piriform Ltd)
HKU\S-1-5-21-728440190-1536315488-1857080609-1001\...\Run: [Flvto YouTube Downloader] => "C:\Users\zola92\AppData\Local\Flvto YouTube Downloader\FlvtoYoutubeDownloader.exe" /minimize
GroupPolicyScripts: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 89.216.1.30 89.216.1.50
Tcpip\..\Interfaces\{9c79bbfe-0465-4d74-8f7e-4c65916aadbf}: [DhcpNameServer] 89.216.1.30 89.216.1.50

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=94493384_hao_pg
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-728440190-1536315488-1857080609-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.msn.com/
SearchScopes: HKU\S-1-5-21-728440190-1536315488-1857080609-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Ó¦Óñ¦Ň»Ľü°˛×°˛ĺĽţ -> {50F4150A-48B2-417A-BE4C-C83F580FB904} -> C:\Program Files\Common Files\Tencent\QQPhoneManager\2.0.201.3198\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\zola92\AppData\Roaming\Mozilla\Firefox\Profiles\nw1q339g.default-1428662967347
FF Homepage: hxxps://www.google.rs/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-17] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-17] (NVIDIA Corporation)
FF Plugin: @qq.com/npAndroidAssistant -> C:\Program Files\Common Files\Tencent\QQPhoneManager\2.0.201.3198\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-728440190-1536315488-1857080609-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\zola92\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF Extension: Gmail Notifier (restartless) - C:\Users\zola92\AppData\Roaming\Mozilla\Firefox\Profiles\nw1q339g.default-1428662967347\Extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi [2015-04-10]
FF Extension: YouTube High Definition - C:\Users\zola92\AppData\Roaming\Mozilla\Firefox\Profiles\nw1q339g.default-1428662967347\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2015-08-12]
FF Extension: Adblock Plus - C:\Users\zola92\AppData\Roaming\Mozilla\Firefox\Profiles\nw1q339g.default-1428662967347\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-10]

Chrome:
=======
CHR Profile: C:\Users\zola92\AppData\Local\Google\Chrome\User Data\Default

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [915600 2015-08-18] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-08-18] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19775632 2015-08-18] (NVIDIA Corporation)
R2 Update service; C:\Program Files\Popcorn Time\Updater.exe [179200 2014-09-08] (Company) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [277760 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23264 2015-07-10] (Microsoft Corporation)
S3 WsAppService; C:\Program Files\Wondershare\WAF\WsAppService.exe [252816 2015-04-30] (Wondershare)
S2 PerfTraceService; "C:\Program Files\Tencent\QQBrowser\Service\PerfTraceService.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus.sys [15744 2014-10-09] (LG Electronics Inc.)
S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag.sys [23680 2014-10-09] (LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem.sys [28416 2014-10-09] (LG Electronics Inc.)
R3 Atc002; C:\WINDOWS\System32\drivers\l260x86.sys [29184 2015-07-10] (Atheros Communications, Inc.)
S3 bthav; C:\WINDOWS\system32\drivers\bthav.sys [34816 2008-07-10] (CSR, plc) [File not signed]
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [25016 2015-05-27] (Disc Soft Ltd)
R2 giveio; C:\WINDOWS\system32\giveio.sys [5248 1996-04-03] () [File not signed]
R3 i8042HDR; C:\WINDOWS\system32\DRIVERS\i8042HDR.sys [13224 2006-10-20] (Chicony)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18576 2015-08-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [32912 2014-11-22] (NVIDIA Corporation)
R2 SecDrv; C:\WINDOWS\system32\drivers\SECDRV.SYS [12464 2015-09-24] (Macrovision Europe Ltd) [File not signed]
R2 speedfan; C:\WINDOWS\system32\speedfan.sys [24184 2012-12-29] (Almico Software)
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [31744 2015-07-10] ()
S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [45056 2014-08-15] (Apple, Inc.) [File not signed]
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37400 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [245600 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [97632 2015-07-10] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [161792 2015-07-10] (Microsoft Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam32.sys [90344 2015-02-19] (Zemana Ltd.)
S1 QMUdisk; \??\C:\Program Files\Tencent\QQPCMgr\10.10.16444.223\QMUdisk.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-25 00:42 - 2015-09-25 00:43 - 00013151 _____ C:\Users\zola92\Desktop\FRST.txt
2015-09-25 00:38 - 2015-09-25 00:38 - 00000000 ___HD C:\OneDriveTemp
2015-09-25 00:37 - 2015-09-25 00:37 - 00016148 _____ C:\WINDOWS\system32\DESKTOP_zola92_HistoryPrediction.bin
2015-09-24 23:47 - 2015-09-24 23:47 - 00012464 _____ (Macrovision Europe Ltd) C:\WINDOWS\system32\Drivers\SECDRV.SYS
2015-09-24 23:46 - 2015-09-24 23:46 - 00000620 _____ C:\WINDOWS\eReg.dat
2015-09-24 19:34 - 2015-09-25 00:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件
2015-09-24 18:52 - 2015-09-25 00:42 - 00000000 ____D C:\FRST
2015-09-24 18:50 - 2015-09-24 18:51 - 01695744 _____ (Farbar) C:\Users\zola92\Desktop\FRST.exe
2015-09-24 14:11 - 2015-09-24 14:11 - 00083520 _____ (Tencent Inc.) C:\WINDOWS\system32\Drivers\TsQBDrv.sys
2015-09-24 14:04 - 2015-09-24 14:04 - 00000000 ____D C:\ProgramData\TXQMPC
2015-09-24 14:01 - 2015-09-24 14:01 - 00000000 ____D C:\ProgramData\Rising
2015-09-24 14:00 - 2015-09-25 00:37 - 00000302 _____ C:\WINDOWS\Tasks\QQBrowser Udpater Task(Core).job
2015-09-24 13:59 - 2015-09-25 00:36 - 00000298 _____ C:\WINDOWS\Tasks\QQBrowser Udpater Task.job
2015-09-24 13:58 - 2015-09-25 00:24 - 00000000 ____D C:\Users\zola92\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2015-09-24 13:58 - 2015-09-24 19:33 - 00000000 ____D C:\Program Files\Common Files\Tencent
2015-09-24 13:58 - 2015-09-24 13:58 - 00150072 _____ (电脑管家) C:\WINDOWS\system32\Drivers\TFsFlt.sys
2015-09-24 13:58 - 2015-09-24 13:58 - 00138552 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernel.sys
2015-09-24 13:58 - 2015-09-24 13:58 - 00014008 _____ (Tencent) C:\WINDOWS\system32\Drivers\TSDefenseBt.sys
2015-09-24 13:56 - 2015-09-24 19:04 - 00000000 ____D C:\Users\zola92\AppData\Roaming\Tencent
2015-09-24 13:56 - 2015-09-24 18:33 - 00000000 ____D C:\ProgramData\Tencent
2015-09-24 13:23 - 2015-09-24 13:23 - 00000000 ____D C:\Users\zola92\AppData\Roaming\WB_CFG
2015-09-24 13:18 - 2015-09-25 00:36 - 00000000 ____D C:\ProgramData\uiksdl201592411
2015-09-24 13:18 - 2015-09-24 13:18 - 00000000 ____D C:\Users\zola92\AppData\Roaming\ppslog
2015-09-24 13:18 - 2015-09-24 13:18 - 00000000 ____D C:\ProgramData\adb
2015-09-24 13:18 - 2015-09-24 13:18 - 00000000 ____D C:\ppsfile
2015-09-24 13:17 - 2015-09-24 13:17 - 00000000 ____D C:\Users\zola92\AppData\Local\Unity
2015-09-24 13:16 - 2015-09-24 13:16 - 00000000 ____D C:\Users\Public\QiYi
2015-09-23 23:40 - 2015-09-23 23:40 - 00000000 ____D C:\ProgramData\Steam
2015-09-23 21:23 - 2015-09-23 21:39 - 00000000 ____D C:\Users\zola92\Downloads\Pro Evolution Soccer 2015 [RePack]
2015-09-23 18:02 - 2015-09-23 18:02 - 00000000 ____D C:\Users\zola92\AppData\Local\Setup Integrity Check
2015-09-18 20:49 - 2015-09-19 00:22 - 00000034 _____ C:\Users\zola92\Desktop\Aplikacije.txt
2015-09-14 18:03 - 2015-09-14 18:03 - 00000000 ____D C:\Users\zola92\AppData\Roaming\NVIDIA
2015-09-14 00:43 - 2015-09-14 00:43 - 00000000 ____D C:\ProgramData\SystemRequirementsLab
2015-09-14 00:43 - 2015-09-14 00:43 - 00000000 ____D C:\Program Files\SystemRequirementsLab
2015-09-13 16:26 - 2015-09-13 16:26 - 00000000 ____D C:\Users\zola92\AppData\Local\NVIDIA
2015-09-13 16:23 - 2015-09-13 16:23 - 00000000 ____D C:\WINDOWS\system32\MpEngineStore
2015-09-13 16:22 - 2015-09-13 16:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-09-13 16:22 - 2015-08-18 10:47 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge.dll
2015-09-13 16:22 - 2015-08-18 10:47 - 01278920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap.dll
2015-09-13 16:21 - 2015-08-17 23:28 - 00606896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvStreaming.exe
2015-09-13 16:18 - 2015-08-18 10:47 - 24200312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv32.dll
2015-09-13 16:18 - 2015-08-18 10:47 - 16128768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2um.dll
2015-09-13 16:18 - 2015-08-18 10:47 - 15294072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2015-09-13 16:18 - 2015-08-18 10:47 - 14497568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dum.dll
2015-09-13 16:18 - 2015-08-18 10:47 - 11272048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-09-13 16:18 - 2015-08-18 10:47 - 11209376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-09-13 16:18 - 2015-08-18 10:47 - 10704560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-09-13 16:18 - 2015-08-18 10:47 - 03987576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-09-13 16:18 - 2015-08-18 10:47 - 02824176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi.dll
2015-09-13 16:18 - 2015-08-18 10:47 - 01059504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3234181.dll
2015-09-13 16:18 - 2015-08-18 10:47 - 00912688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3234181.dll
2015-09-13 16:18 - 2015-08-18 10:47 - 00907440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR.dll
2015-09-13 16:18 - 2015-08-18 10:47 - 00869040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC.dll
2015-09-13 16:16 - 2015-08-18 01:28 - 04388016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-09-13 16:16 - 2015-08-18 01:28 - 03062064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc.dll
2015-09-13 16:16 - 2015-08-18 01:28 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-09-13 16:16 - 2015-08-18 01:28 - 00670512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-09-13 16:16 - 2015-08-18 01:28 - 00375088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-09-13 16:16 - 2015-08-18 01:28 - 00061744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-09-13 16:16 - 2015-08-18 00:02 - 05147024 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-09-13 16:15 - 2015-09-13 16:15 - 00000000 ____D C:\NVIDIA
2015-09-13 16:12 - 2015-09-25 00:37 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-13 16:03 - 2015-08-18 10:47 - 00060720 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-09-13 16:02 - 2015-09-13 16:02 - 01059528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3234174.dll
2015-09-13 16:02 - 2015-09-13 16:02 - 00911560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3234174.dll
2015-09-13 16:02 - 2015-08-18 10:47 - 00021015 _____ C:\WINDOWS\system32\nvinfo.pb
2015-09-10 16:48 - 2015-09-10 17:35 - 00000000 ____D C:\Users\zola92\Downloads\Filantropica (2002) DVDRip
2015-09-09 16:37 - 2015-09-24 14:00 - 00002242 _____ C:\Users\zola92\Desktop\Popcorn Time.lnk
2015-09-09 16:36 - 2015-09-09 16:36 - 00000000 ____D C:\Users\zola92\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2015-09-09 10:35 - 2015-09-02 04:04 - 00069208 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-09 10:35 - 2015-09-02 02:31 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-09 10:35 - 2015-09-02 02:30 - 01134080 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-09 10:35 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-09 10:35 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-09 10:35 - 2015-08-27 07:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-09 10:35 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-09 10:35 - 2015-08-27 07:19 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-09 10:35 - 2015-08-27 07:16 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-09 10:35 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-09 10:35 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 10:35 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-09 10:35 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-09 10:35 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-09 10:35 - 2015-08-27 07:11 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-09 10:35 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-09 10:35 - 2015-08-27 07:10 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-09 10:35 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-09 10:35 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-08 13:13 - 2015-09-15 15:00 - 00003651 _____ C:\WINDOWS\setupact.log
2015-09-08 13:13 - 2015-09-08 13:13 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-29 14:56 - 2015-08-29 14:56 - 00000000 ____D C:\Users\zola92\Desktop\modovi
2015-08-29 14:51 - 2015-09-25 00:36 - 00145760 _____ C:\WINDOWS\PFRO.log
2015-08-29 14:46 - 2015-08-20 07:25 - 06265168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-29 14:46 - 2015-08-20 07:22 - 00549160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-29 14:46 - 2015-08-20 07:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-29 14:46 - 2015-08-20 06:46 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-29 14:46 - 2015-08-20 06:41 - 00165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-29 14:46 - 2015-08-20 06:35 - 01829376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-29 14:46 - 2015-08-18 09:27 - 01771592 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 14:46 - 2015-08-18 09:26 - 00284000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-08-29 14:46 - 2015-08-18 09:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-29 14:46 - 2015-08-18 09:14 - 00192864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll
2015-08-29 14:46 - 2015-08-18 08:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2015-08-29 14:46 - 2015-08-18 08:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-08-29 14:46 - 2015-08-18 08:47 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-29 14:46 - 2015-08-18 08:41 - 01161216 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2015-08-29 14:46 - 2015-08-18 08:40 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-29 14:46 - 2015-08-18 08:38 - 01875968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-08-29 14:46 - 2015-08-18 08:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2015-08-29 14:46 - 2015-08-18 08:35 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2015-08-29 14:46 - 2015-08-18 08:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2015-08-29 14:46 - 2015-08-18 08:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2015-08-29 14:46 - 2015-08-18 08:35 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll
2015-08-29 14:46 - 2015-08-18 08:34 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-08-29 14:46 - 2015-08-18 08:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2015-08-29 14:46 - 2015-08-18 08:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2015-08-29 14:46 - 2015-08-18 08:31 - 01917440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-29 14:46 - 2015-08-18 08:30 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2015-08-29 14:46 - 2015-08-18 08:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-29 14:46 - 2015-08-18 08:26 - 01499136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-29 14:46 - 2015-08-18 08:26 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-29 14:46 - 2015-08-18 08:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2015-08-29 14:46 - 2015-08-18 06:42 - 00006631 _____ C:\WINDOWS\system32\ResPriHMImageList
2015-08-29 14:46 - 2015-08-18 06:42 - 00006313 _____ C:\WINDOWS\system32\ResPriImageList
2015-08-29 14:23 - 2015-09-25 00:38 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-29 11:46 - 2015-09-24 14:03 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-08-27 21:31 - 2015-08-27 21:31 - 00000000 ____D C:\Program Files\Common Files\Java
2015-08-27 21:30 - 2015-08-27 21:30 - 00000000 ____D C:\Users\zola92\AppData\Roaming\Sun
2015-08-27 21:30 - 2015-08-27 21:30 - 00000000 ____D C:\Users\zola92\.oracle_jre_usage
2015-08-27 15:37 - 2015-08-27 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-25 00:38 - 2014-02-06 14:27 - 00000000 ____D C:\ProgramData\MCShield
2015-09-25 00:38 - 2014-02-05 20:03 - 00000000 ___DO C:\Users\zola92\SkyDrive
2015-09-25 00:37 - 2015-07-10 11:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-25 00:37 - 2014-07-12 16:25 - 00000906 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-25 00:36 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-25 00:36 - 2015-07-10 08:59 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-09-25 00:25 - 2015-03-06 20:41 - 00000000 ____D C:\Users\zola92\AppData\Roaming\qBittorrent
2015-09-25 00:21 - 2014-07-12 16:25 - 00000910 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-25 00:13 - 2014-09-29 15:46 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-24 23:58 - 2014-05-17 14:50 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-09-24 18:46 - 2015-05-25 14:54 - 00098520 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-24 14:13 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-24 14:04 - 2015-07-10 11:53 - 00345504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-24 14:03 - 2015-07-29 20:54 - 00000000 ____D C:\Users\zola92
2015-09-24 14:03 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\schemas
2015-09-24 14:03 - 2014-02-05 19:09 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-09-24 14:02 - 2015-08-11 15:40 - 00002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-09-24 14:02 - 2015-07-29 21:06 - 00001520 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-24 14:02 - 2015-05-25 14:54 - 00001158 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-24 14:02 - 2015-05-25 14:07 - 00000916 _____ C:\Users\Public\Desktop\AIMP3.lnk
2015-09-24 14:02 - 2014-09-21 15:53 - 00000962 _____ C:\Users\Public\Desktop\Steam.lnk
2015-09-24 14:02 - 2014-07-23 23:49 - 00001108 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass.lnk
2015-09-24 14:02 - 2014-04-22 08:51 - 00001063 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-09-24 14:02 - 2014-02-20 13:10 - 00001371 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-09-24 14:02 - 2014-02-20 13:10 - 00001302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-09-24 14:02 - 2014-02-06 14:32 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-09-24 14:02 - 2014-02-05 19:09 - 00001129 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-09-24 14:00 - 2015-08-07 13:57 - 00001069 _____ C:\Users\zola92\Desktop\SpeedFan.lnk
2015-09-24 14:00 - 2015-07-29 21:37 - 00002374 _____ C:\Users\zola92\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-24 14:00 - 2015-06-13 21:32 - 00002295 _____ C:\Users\zola92\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flvto YouTube Downloader.lnk
2015-09-24 14:00 - 2015-06-13 21:32 - 00001475 _____ C:\Users\zola92\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uninstall Flvto YouTube Downloader.lnk
2015-09-24 14:00 - 2015-03-14 12:56 - 00000708 _____ C:\Users\zola92\Desktop\SAMP.lnk
2015-09-24 14:00 - 2015-03-07 15:42 - 00000716 _____ C:\Users\zola92\Desktop\GTA San Andreas.lnk
2015-09-24 14:00 - 2014-10-27 20:42 - 00000914 _____ C:\Users\zola92\Desktop\Pro Evolution Soccer 2013.lnk
2015-09-24 14:00 - 2014-08-28 12:35 - 00001279 _____ C:\Users\zola92\Desktop\.minecraft - Shortcut.lnk
2015-09-24 14:00 - 2014-08-28 12:33 - 00002321 _____ C:\Users\zola92\Desktop\Minecraft.lnk
2015-09-24 14:00 - 2014-07-23 23:49 - 00001096 _____ C:\Users\zola92\Desktop\KeePass.lnk
2015-09-24 13:58 - 2014-02-05 17:24 - 00000000 ____D C:\Users\zola92\AppData\Local\VirtualStore
2015-09-24 13:52 - 2014-02-05 16:17 - 00000000 ___RD C:\Users\zola92\Radovi
2015-09-24 13:20 - 2014-10-27 10:07 - 00000000 ____D C:\Users\zola92\Desktop\Tor Browser
2015-09-24 13:16 - 2015-07-10 10:28 - 00000000 ___RD C:\Users\Public
2015-09-24 11:57 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2015-09-23 23:40 - 2014-04-25 00:36 - 00000000 ____D C:\ProgramData\KONAMI
2015-09-23 23:40 - 2014-04-24 18:54 - 00000000 ____D C:\Users\zola92\Documents\KONAMI
2015-09-22 15:38 - 2015-07-10 10:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-21 18:03 - 2014-10-15 11:59 - 00000000 ____D C:\Users\zola92\AppData\Local\Popcorn-Time
2015-09-19 21:19 - 2013-07-13 20:49 - 00000324 _____ C:\Users\zola92\Desktop\Filmovi.txt
2015-09-15 21:15 - 2015-07-29 21:17 - 00875126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-15 18:12 - 2015-07-10 10:29 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-09-15 18:12 - 2015-07-10 10:29 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-09-13 18:10 - 2014-02-05 21:03 - 00000000 ____D C:\Users\zola92\AppData\Roaming\MPC-HC
2015-09-13 16:27 - 2015-07-29 20:47 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-09-13 16:27 - 2014-02-05 17:50 - 00000000 ____D C:\Users\zola92\AppData\Local\NVIDIA Corporation
2015-09-13 16:22 - 2015-07-29 20:47 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-09-13 16:15 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\Help
2015-09-13 16:05 - 2015-07-10 12:49 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-13 16:05 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-09 16:36 - 2015-07-30 12:07 - 00000000 ____D C:\Users\zola92\AppData\Local\Popcorn Time
2015-09-09 11:48 - 2014-02-07 12:17 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-09 11:42 - 2014-02-05 21:24 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-09 11:32 - 2014-10-20 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-08-31 15:51 - 2015-08-07 13:57 - 00000000 ____D C:\Program Files\SpeedFan
2015-08-29 14:19 - 2014-09-21 15:53 - 00000000 ____D C:\Program Files\Steam
2015-08-29 14:19 - 2014-05-12 15:12 - 00000000 ____D C:\Users\zola92\AppData\Roaming\AIMP3
2015-08-29 14:18 - 2015-07-30 06:44 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-29 14:04 - 2014-04-22 08:51 - 00000000 ____D C:\Program Files\CCleaner
2015-08-28 12:42 - 2014-08-08 11:57 - 00000000 ____D C:\Users\zola92\Desktop\Nikola
2015-08-27 21:38 - 2014-02-05 21:49 - 00000000 ____D C:\ProgramData\Oracle
2015-08-27 21:31 - 2014-12-30 22:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-27 21:31 - 2014-12-30 22:27 - 00000000 ____D C:\Program Files\Java
2015-08-27 21:30 - 2014-12-30 22:28 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2015-08-27 15:37 - 2015-03-06 20:40 - 00000000 ____D C:\Program Files\qBittorrent
2015-08-26 18:36 - 2014-02-07 12:17 - 132039072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2015-01-03 18:06 - 2015-01-03 18:06 - 0000017 _____ () C:\Users\zola92\AppData\Local\resmon.resmoncfg
2014-03-25 19:04 - 2014-03-25 19:04 - 0670909 _____ () C:\ProgramData\1395765947.bdinstall.bin
2014-03-25 19:10 - 2014-03-25 19:10 - 0306052 _____ () C:\ProgramData\1395767149.bdinstall.bin
2014-03-25 19:09 - 2014-03-25 19:09 - 0050052 _____ () C:\ProgramData\1395767373.bdinstall.bin
2014-03-25 19:21 - 2014-03-25 19:21 - 0506064 _____ () C:\ProgramData\1395767696.bdinstall.bin
2014-04-21 20:30 - 2014-04-21 20:30 - 0257825 _____ () C:\ProgramData\1398104867.bdinstall.bin
2014-04-21 20:45 - 2014-04-21 20:45 - 0032600 _____ () C:\ProgramData\1398105896.bdinstall.bin
2014-07-12 12:24 - 2014-07-12 12:24 - 0546190 _____ () C:\ProgramData\1405160195.bdinstall.bin
2014-07-16 23:57 - 2014-07-16 23:57 - 0262009 _____ () C:\ProgramData\1405547716.bdinstall.bin
2015-07-29 20:47 - 2015-07-29 20:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\zola92\AppData\Local\Temp\AutoRun.exe
C:\Users\zola92\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\zola92\AppData\Local\Temp\eauninstall.exe
C:\Users\zola92\AppData\Local\Temp\install1754835.exe
C:\Users\zola92\AppData\Local\Temp\IQIYIsetup_spl004@kb037.exe
C:\Users\zola92\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\zola92\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\zola92\AppData\Local\Temp\nvStInst.exe
C:\Users\zola92\AppData\Local\Temp\qqpcmgr_v10.10.16444.223_8885760_Silence.exe
C:\Users\zola92\AppData\Local\Temp\setup3.exe
C:\Users\zola92\AppData\Local\Temp\sfamcc00001.dll
C:\Users\zola92\AppData\Local\Temp\SRLDetectionLibrary98554963914544990.dll
C:\Users\zola92\AppData\Local\Temp\update.exe
C:\Users\zola92\AppData\Local\Temp\V8._85772_20150906124116.exe
C:\Users\zola92\AppData\Local\Temp\wgjiklit_533_setup.exe
C:\Users\zola92\AppData\Local\Temp\yyzb_19-3.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-18 10:44

==================== End of FRST.txt ============================


offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

Hello,

This fix should clean up all the remnants:


1. Open Notepad (Text Document) and copy in the following text from the code box below:

createrestorepoint:
closeprocesses:
emptytemp:
CustomCLSID: HKU\S-1-5-21-728440190-1536315488-1857080609-1001_Classes\CLSID\{61CED8F3-2CB2-4C3C-9484-7530E1127A58}\InprocServer32 -> C:\IQIYI Video\LStyle\npWebPlayer.dll No File
CustomCLSID: HKU\S-1-5-21-728440190-1536315488-1857080609-1001_Classes\CLSID\{D96C1D26-5CDF-4506-9244-57233C3984DF}\InprocServer32 -> C:\IQIYI Video\LStyle\npWebPlayer.dll No File
CustomCLSID: HKU\S-1-5-21-728440190-1536315488-1857080609-1001_Classes\CLSID\{F3D0D36F-23F8-4682-A195-74C92B03D4AF-NOT}\InprocServer32 -> C:\IQIYI Video\LStyle\npWebPlayer.dll No File
Task: {07648131-FD91-405E-BB1A-9F2C1F278A17} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22] (Adobe Systems Incorporated)
Task: {0AA00F76-FBC7-41AB-8005-477E306DE634} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {3E5DC5D1-F8E7-47CF-A250-5289E3E64D0C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {4A4B8A36-9287-4334-AE2F-5E6B82D0ECFC} - \RealDownloaderRealUpgradeScheduledTaskS-1-5-21-728440190-1536315488-1857080609-1001 -> No File <==== ATTENTION
Task: {57D396D1-6666-401E-9BA1-F8E8DA0903CF} - \RealDownloaderDownloaderScheduledTaskS-1-5-21-728440190-1536315488-1857080609-1001 -> No File <==== ATTENTION
Task: {583DAFB7-2F23-4A7D-92A5-2862548379D2} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6A825AD3-209C-4054-8408-FBEA920ED49A} - System32\Tasks\QQBrowser Udpater Task => C:\Program Files\Tencent\QQBrowser\QQBrowser.exe
Task: {73A23BDC-B1C3-4B15-81BB-3EE8B8FA73BC} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {7DC89A6E-03B5-448C-8E10-259208659548} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {7F0375F1-7C17-40CC-81CB-7916B52ECC6D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A68A3CF3-73FA-4929-9A95-109B294E9E9C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {B95C02FC-9DD4-4246-B3A0-A53D2622438F} - \RealDownloaderRealUpgradeLogonTaskS-1-5-21-728440190-1536315488-1857080609-1001 -> No File <==== ATTENTION
Task: {CC150188-0EFA-4C1C-86BC-9EAB42559C95} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {E46702F0-7C57-4C66-9191-10AF1034795E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E84AE203-E9E0-48C9-A645-2D9FDB3FFE80} - System32\Tasks\QQBrowser Udpater Task(Core) => C:\Program Files\Tencent\QQBrowser\QQBrowser.exe
Task: {E85012F1-B1A9-49E3-8541-76C589B458A4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {ED4DF4E7-78BA-4C4D-B161-668C163F01C8} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\QQBrowser Udpater Task(Core).job => C:\Program Files\Tencent\QQBrowser\QQBrowser.exe
Task: C:\WINDOWS\Tasks\QQBrowser Udpater Task.job => C:\Program Files\Tencent\QQBrowser\QQBrowser.exe
C:\Program Files\Tencent
AlternateDataStreams: C:\Users\zola92\SkyDrive:ms-properties
GroupPolicyScripts: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
S2 PerfTraceService; "C:\Program Files\Tencent\QQBrowser\Service\PerfTraceService.exe" [X]
S1 QMUdisk; \??\C:\Program Files\Tencent\QQPCMgr\10.10.16444.223\QMUdisk.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
2015-09-24 14:11 - 2015-09-24 14:11 - 00083520 _____ (Tencent Inc.) C:\WINDOWS\system32\Drivers\TsQBDrv.sys
2015-09-24 14:04 - 2015-09-24 14:04 - 00000000 ____D C:\ProgramData\TXQMPC
2015-09-24 14:01 - 2015-09-24 14:01 - 00000000 ____D C:\ProgramData\Rising
2015-09-24 14:00 - 2015-09-25 00:37 - 00000302 _____ C:\WINDOWS\Tasks\QQBrowser Udpater Task(Core).job
2015-09-24 13:59 - 2015-09-25 00:36 - 00000298 _____ C:\WINDOWS\Tasks\QQBrowser Udpater Task.job
2015-09-24 13:58 - 2015-09-25 00:24 - 00000000 ____D C:\Users\zola92\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2015-09-24 13:58 - 2015-09-24 19:33 - 00000000 ____D C:\Program Files\Common Files\Tencent
2015-09-24 13:58 - 2015-09-24 13:58 - 00150072 _____ (电脑管家) C:\WINDOWS\system32\Drivers\TFsFlt.sys
2015-09-24 13:58 - 2015-09-24 13:58 - 00138552 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernel.sys
2015-09-24 13:58 - 2015-09-24 13:58 - 00014008 _____ (Tencent) C:\WINDOWS\system32\Drivers\TSDefenseBt.sys
2015-09-24 13:56 - 2015-09-24 19:04 - 00000000 ____D C:\Users\zola92\AppData\Roaming\Tencent
2015-09-24 13:56 - 2015-09-24 18:33 - 00000000 ____D C:\ProgramData\Tencent
2014-03-25 19:04 - 2014-03-25 19:04 - 0670909 _____ () C:\ProgramData\1395765947.bdinstall.bin
2014-03-25 19:10 - 2014-03-25 19:10 - 0306052 _____ () C:\ProgramData\1395767149.bdinstall.bin
2014-03-25 19:09 - 2014-03-25 19:09 - 0050052 _____ () C:\ProgramData\1395767373.bdinstall.bin
2014-03-25 19:21 - 2014-03-25 19:21 - 0506064 _____ () C:\ProgramData\1395767696.bdinstall.bin
2014-04-21 20:30 - 2014-04-21 20:30 - 0257825 _____ () C:\ProgramData\1398104867.bdinstall.bin
2014-04-21 20:45 - 2014-04-21 20:45 - 0032600 _____ () C:\ProgramData\1398105896.bdinstall.bin
2014-07-12 12:24 - 2014-07-12 12:24 - 0546190 _____ () C:\ProgramData\1405160195.bdinstall.bin
2014-07-16 23:57 - 2014-07-16 23:57 - 0262009 _____ () C:\ProgramData\1405547716.bdinstall.bin
2015-07-29 20:47 - 2015-07-29 20:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location; otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once, and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.

The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your reply.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.

offline
  • Joined: 20 Mar 2011
  • Posts: 1316
  • Location: Beograd

Here is the new log:

Fix result of Farbar Recovery Scan Tool (x86) Version:23-09-2015
Ran by zola92 (2015-09-25 12:57:49) Run:1
Running from C:\Users\zola92\Desktop
Loaded Profiles: zola92 (Available Profiles: zola92)
Boot Mode: Normal

==============================================

fixlist content:
*****************
createrestorepoint:
closeprocesses:
emptytemp:
CustomCLSID: HKU\S-1-5-21-728440190-1536315488-1857080609-1001_Classes\CLSID\{61CED8F3-2CB2-4C3C-9484-7530E1127A58}\InprocServer32 -> C:\IQIYI Video\LStyle\npWebPlayer.dll No File
CustomCLSID: HKU\S-1-5-21-728440190-1536315488-1857080609-1001_Classes\CLSID\{D96C1D26-5CDF-4506-9244-57233C3984DF}\InprocServer32 -> C:\IQIYI Video\LStyle\npWebPlayer.dll No File
CustomCLSID: HKU\S-1-5-21-728440190-1536315488-1857080609-1001_Classes\CLSID\{F3D0D36F-23F8-4682-A195-74C92B03D4AF-NOT}\InprocServer32 -> C:\IQIYI Video\LStyle\npWebPlayer.dll No File
Task: {07648131-FD91-405E-BB1A-9F2C1F278A17} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22] (Adobe Systems Incorporated)
Task: {0AA00F76-FBC7-41AB-8005-477E306DE634} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {3E5DC5D1-F8E7-47CF-A250-5289E3E64D0C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {4A4B8A36-9287-4334-AE2F-5E6B82D0ECFC} - \RealDownloaderRealUpgradeScheduledTaskS-1-5-21-728440190-1536315488-1857080609-1001 -> No File <==== ATTENTION
Task: {57D396D1-6666-401E-9BA1-F8E8DA0903CF} - \RealDownloaderDownloaderScheduledTaskS-1-5-21-728440190-1536315488-1857080609-1001 -> No File <==== ATTENTION
Task: {583DAFB7-2F23-4A7D-92A5-2862548379D2} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6A825AD3-209C-4054-8408-FBEA920ED49A} - System32\Tasks\QQBrowser Udpater Task => C:\Program Files\Tencent\QQBrowser\QQBrowser.exe
Task: {73A23BDC-B1C3-4B15-81BB-3EE8B8FA73BC} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {7DC89A6E-03B5-448C-8E10-259208659548} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {7F0375F1-7C17-40CC-81CB-7916B52ECC6D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A68A3CF3-73FA-4929-9A95-109B294E9E9C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {B95C02FC-9DD4-4246-B3A0-A53D2622438F} - \RealDownloaderRealUpgradeLogonTaskS-1-5-21-728440190-1536315488-1857080609-1001 -> No File <==== ATTENTION
Task: {CC150188-0EFA-4C1C-86BC-9EAB42559C95} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {E46702F0-7C57-4C66-9191-10AF1034795E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E84AE203-E9E0-48C9-A645-2D9FDB3FFE80} - System32\Tasks\QQBrowser Udpater Task(Core) => C:\Program Files\Tencent\QQBrowser\QQBrowser.exe
Task: {E85012F1-B1A9-49E3-8541-76C589B458A4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {ED4DF4E7-78BA-4C4D-B161-668C163F01C8} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\QQBrowser Udpater Task(Core).job => C:\Program Files\Tencent\QQBrowser\QQBrowser.exe
Task: C:\WINDOWS\Tasks\QQBrowser Udpater Task.job => C:\Program Files\Tencent\QQBrowser\QQBrowser.exe
C:\Program Files\Tencent
AlternateDataStreams: C:\Users\zola92\SkyDrive:ms-properties
GroupPolicyScripts: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
S2 PerfTraceService; "C:\Program Files\Tencent\QQBrowser\Service\PerfTraceService.exe" [X]
S1 QMUdisk; \??\C:\Program Files\Tencent\QQPCMgr\10.10.16444.223\QMUdisk.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
2015-09-24 14:11 - 2015-09-24 14:11 - 00083520 _____ (Tencent Inc.) C:\WINDOWS\system32\Drivers\TsQBDrv.sys
2015-09-24 14:04 - 2015-09-24 14:04 - 00000000 ____D C:\ProgramData\TXQMPC
2015-09-24 14:01 - 2015-09-24 14:01 - 00000000 ____D C:\ProgramData\Rising
2015-09-24 14:00 - 2015-09-25 00:37 - 00000302 _____ C:\WINDOWS\Tasks\QQBrowser Udpater Task(Core).job
2015-09-24 13:59 - 2015-09-25 00:36 - 00000298 _____ C:\WINDOWS\Tasks\QQBrowser Udpater Task.job
2015-09-24 13:58 - 2015-09-25 00:24 - 00000000 ____D C:\Users\zola92\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????
2015-09-24 13:58 - 2015-09-24 19:33 - 00000000 ____D C:\Program Files\Common Files\Tencent
2015-09-24 13:58 - 2015-09-24 13:58 - 00150072 _____ (????) C:\WINDOWS\system32\Drivers\TFsFlt.sys
2015-09-24 13:58 - 2015-09-24 13:58 - 00138552 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernel.sys
2015-09-24 13:58 - 2015-09-24 13:58 - 00014008 _____ (Tencent) C:\WINDOWS\system32\Drivers\TSDefenseBt.sys
2015-09-24 13:56 - 2015-09-24 19:04 - 00000000 ____D C:\Users\zola92\AppData\Roaming\Tencent
2015-09-24 13:56 - 2015-09-24 18:33 - 00000000 ____D C:\ProgramData\Tencent
2014-03-25 19:04 - 2014-03-25 19:04 - 0670909 _____ () C:\ProgramData\1395765947.bdinstall.bin
2014-03-25 19:10 - 2014-03-25 19:10 - 0306052 _____ () C:\ProgramData\1395767149.bdinstall.bin
2014-03-25 19:09 - 2014-03-25 19:09 - 0050052 _____ () C:\ProgramData\1395767373.bdinstall.bin
2014-03-25 19:21 - 2014-03-25 19:21 - 0506064 _____ () C:\ProgramData\1395767696.bdinstall.bin
2014-04-21 20:30 - 2014-04-21 20:30 - 0257825 _____ () C:\ProgramData\1398104867.bdinstall.bin
2014-04-21 20:45 - 2014-04-21 20:45 - 0032600 _____ () C:\ProgramData\1398105896.bdinstall.bin
2014-07-12 12:24 - 2014-07-12 12:24 - 0546190 _____ () C:\ProgramData\1405160195.bdinstall.bin
2014-07-16 23:57 - 2014-07-16 23:57 - 0262009 _____ () C:\ProgramData\1405547716.bdinstall.bin
2015-07-29 20:47 - 2015-07-29 20:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
*****************

Error: (0) Failed to create a restore point.
Processes closed successfully.
"HKU\S-1-5-21-728440190-1536315488-1857080609-1001_Classes\CLSID\{61CED8F3-2CB2-4C3C-9484-7530E1127A58}" => key removed successfully.
"HKU\S-1-5-21-728440190-1536315488-1857080609-1001_Classes\CLSID\{D96C1D26-5CDF-4506-9244-57233C3984DF}" => key removed successfully.
"HKU\S-1-5-21-728440190-1536315488-1857080609-1001_Classes\CLSID\{F3D0D36F-23F8-4682-A195-74C92B03D4AF-NOT}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{07648131-FD91-405E-BB1A-9F2C1F278A17}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07648131-FD91-405E-BB1A-9F2C1F278A17}" => key removed successfully.
C:\Windows\System32\Tasks\Adobe Flash Player Updater => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0AA00F76-FBC7-41AB-8005-477E306DE634}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0AA00F76-FBC7-41AB-8005-477E306DE634}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3E5DC5D1-F8E7-47CF-A250-5289E3E64D0C}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E5DC5D1-F8E7-47CF-A250-5289E3E64D0C}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4A4B8A36-9287-4334-AE2F-5E6B82D0ECFC}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A4B8A36-9287-4334-AE2F-5E6B82D0ECFC}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-728440190-1536315488-1857080609-1001" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{57D396D1-6666-401E-9BA1-F8E8DA0903CF}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57D396D1-6666-401E-9BA1-F8E8DA0903CF}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealDownloaderDownloaderScheduledTaskS-1-5-21-728440190-1536315488-1857080609-1001" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{583DAFB7-2F23-4A7D-92A5-2862548379D2}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{583DAFB7-2F23-4A7D-92A5-2862548379D2}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6A825AD3-209C-4054-8408-FBEA920ED49A}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A825AD3-209C-4054-8408-FBEA920ED49A}" => key removed successfully.
C:\Windows\System32\Tasks\QQBrowser Udpater Task => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\QQBrowser Udpater Task" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73A23BDC-B1C3-4B15-81BB-3EE8B8FA73BC}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73A23BDC-B1C3-4B15-81BB-3EE8B8FA73BC}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7DC89A6E-03B5-448C-8E10-259208659548}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7DC89A6E-03B5-448C-8E10-259208659548}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7F0375F1-7C17-40CC-81CB-7916B52ECC6D}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F0375F1-7C17-40CC-81CB-7916B52ECC6D}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A68A3CF3-73FA-4929-9A95-109B294E9E9C}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A68A3CF3-73FA-4929-9A95-109B294E9E9C}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B95C02FC-9DD4-4246-B3A0-A53D2622438F}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B95C02FC-9DD4-4246-B3A0-A53D2622438F}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealDownloaderRealUpgradeLogonTaskS-1-5-21-728440190-1536315488-1857080609-1001" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CC150188-0EFA-4C1C-86BC-9EAB42559C95}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC150188-0EFA-4C1C-86BC-9EAB42559C95}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E46702F0-7C57-4C66-9191-10AF1034795E}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E46702F0-7C57-4C66-9191-10AF1034795E}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E84AE203-E9E0-48C9-A645-2D9FDB3FFE80}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E84AE203-E9E0-48C9-A645-2D9FDB3FFE80}" => key removed successfully.
C:\Windows\System32\Tasks\QQBrowser Udpater Task(Core) => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\QQBrowser Udpater Task(Core)" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E85012F1-B1A9-49E3-8541-76C589B458A4}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E85012F1-B1A9-49E3-8541-76C589B458A4}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ED4DF4E7-78BA-4C4D-B161-668C163F01C8}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED4DF4E7-78BA-4C4D-B161-668C163F01C8}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully.
C:\WINDOWS\Tasks\QQBrowser Udpater Task(Core).job => moved successfully
C:\WINDOWS\Tasks\QQBrowser Udpater Task.job => moved successfully
"C:\Program Files\Tencent" => File/Folder not found.
C:\Users\zola92\SkyDrive => ":ms-properties" ADS removed successfully..
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully.
PerfTraceService => service removed successfully.
QMUdisk => service removed successfully.
wfpcapture => service removed successfully.
C:\WINDOWS\system32\Drivers\TsQBDrv.sys => moved successfully
C:\ProgramData\TXQMPC => moved successfully
C:\ProgramData\Rising => moved successfully
"C:\WINDOWS\Tasks\QQBrowser Udpater Task(Core).job" => File/Folder not found.
"C:\WINDOWS\Tasks\QQBrowser Udpater Task.job" => File/Folder not found.

"C:\Users\zola92\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????" folder move:

Could not move "C:\Users\zola92\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????" => Scheduled to move on reboot.

C:\Program Files\Common Files\Tencent => moved successfully
C:\WINDOWS\system32\Drivers\TFsFlt.sys => moved successfully
C:\WINDOWS\system32\Drivers\TAOKernel.sys => moved successfully
C:\WINDOWS\system32\Drivers\TSDefenseBt.sys => moved successfully
C:\Users\zola92\AppData\Roaming\Tencent => moved successfully
C:\ProgramData\Tencent => moved successfully
C:\ProgramData\1395765947.bdinstall.bin => moved successfully
C:\ProgramData\1395767149.bdinstall.bin => moved successfully
C:\ProgramData\1395767373.bdinstall.bin => moved successfully
C:\ProgramData\1395767696.bdinstall.bin => moved successfully
C:\ProgramData\1398104867.bdinstall.bin => moved successfully
C:\ProgramData\1398105896.bdinstall.bin => moved successfully
C:\ProgramData\1405160195.bdinstall.bin => moved successfully
C:\ProgramData\1405547716.bdinstall.bin => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
EmptyTemp: => 819.8 MB temporary data Removed.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-09-25 13:05:32)<=

"C:\Users\zola92\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????" => Could not move

==== End of Fixlog 13:05:34 ====

offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

Is everything OK now?

offline
  • Joined: 20 Mar 2011
  • Posts: 1316
  • Location: Beograd

Everything is OK now, no more Chinese. Thanks again for the help.
