Kinez i problem sa prebacivanjem sa fotoaparata

1

Kinez i problem sa prebacivanjem sa fotoaparata

offline
  • Pridružio: 21 Mar 2016
  • Poruke: 15

Pozdrav.
Izgleda da sam opet pokupio kineza, a iskreno se nadam da je samo on u pitanju. Juce je sve pocelo otkako sam skidao neke drajvere jer mi nije htjelo da ocita slike sa fotoaparata. SD kartica je bila sasvim u redu, na fotoaparatu se prikazu slike, ali na lap topu nece da mi ocita. Pokusavao sam i na 2 razlicita kompjutera, i nije mi uspjelo ocitati. Pokusao sam skinuti neki drajver, jer sam mislio da je to u pitanju. Skidanjem tog drajvera mi je pocelo neko automatsko instaliranje nekih programa. Ukratko, sada imam instaliran opet taj neki kineski antivirus kojeg ne mogu da obrisem. A takodje mi otvara neke stranice automatski na pretrazivacu. Da li mi moze neko pomoci da obrisem taj kineski "antivirus", i ako neko zna da mi pomogne oko fotoaparata? Ne znam da li je to do fotoaparata ili do lap topa. Kad ubacim karticu pise da ima 70 slika, samo ih ne ocitava uopste.
Hvala u svakom slucaju.

U prilogu sam prikacio izvjestaje frst-a:


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-07-2016
Ran by Win10 (administrator) on DESKTOP-FCVLAPJ (16-07-2016 15:56:14)
Running from C:\Users\Win10\Desktop
Loaded Profiles: Win10 (Available Profiles: Win10)
Platform: Windows 10 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\GTFPOQUOTT Updater\GTFPOQUOTT Updater.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(2345.com) C:\Program Files (x86)\2345Soft\2345Explorer\Protect\Protect_2345Explorer.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Users\Win10\AppData\Roaming\HPStocker\HPStockerSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Megaify Software Co., Ltd.) C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
() C:\Users\Win10\AppData\Roaming\gplyra\gplyra.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(MediaApp) C:\Users\Win10\AppData\Roaming\Checkers\Draughts\Draughts.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13708016 2016-06-28] (Zemana Ltd.)
HKLM\...\Run: [gplyra] => C:\Users\Win10\AppData\Roaming\gplyra\gplyra.exe [1400320 2016-06-09] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-10-16] ()
HKLM-x32\...\Run: [apphide] => C:\Program Files (x86)\badu\uc.exe
HKLM-x32\...\Run: [EYAN] => C:\Users\Win10\AppData\Roaming\THREADAPP.exe
HKU\S-1-5-21-4141768178-2677256371-3011144849-1001\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-4141768178-2677256371-3011144849-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4177784 2016-01-15] (Disc Soft Ltd)
HKU\S-1-5-21-4141768178-2677256371-3011144849-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-4141768178-2677256371-3011144849-1001\...\Run: [Draughts] => C:\Users\Win10\AppData\Roaming\Checkers\Draughts\Draughts.exe [522392 2016-07-15] (MediaApp)
HKU\S-1-5-21-4141768178-2677256371-3011144849-1001\...\MountPoints2: {683a27ba-d324-11e5-9bd6-d8c8c5c082fd} - "D:\setup.exe"
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => C:\Program Files\żěŃą\X64\KZipShell.dll [2016-07-15] ()
Startup: C:\Users\Win10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NHL® 09 Registration.lnk [2016-05-05]
ShortcutTarget: NHL® 09 Registration.lnk -> C:\Program Files (x86)\EA Sports\NHL 09\Support\EAregister.exe (No File)
GroupPolicy: Restriction - Chrome <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2c0272c6-460b-4241-adfe-5b99271948b0}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2016-01-12] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-12] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2016-01-12] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-12] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Win10\AppData\Roaming\Mozilla\Firefox\Profiles\1u9vfzfi.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2016-01-12] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2016-01-12] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2016-01-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2016-01-12] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Extension: Fast search v 0.25 - C:\Users\Win10\AppData\Roaming\Mozilla\Firefox\Profiles\1u9vfzfi.default\Extensions\{d720d64d-c71a-4316-b59e-8a41b860178f} [2016-07-16] [not signed]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.ba/
CHR StartupUrls: Default -> "hxxp://www.google.ba/"
CHR Profile: C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-12]
CHR Extension: (Google Drive) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-12]
CHR Extension: (YouTube) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-12]
CHR Extension: (Lovac na sendviče) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\cebplboeldmlomimakpfhbhojajdpaki [2016-03-27]
CHR Extension: (Google Search) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-12]
CHR Extension: (YOU.DJ app) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\defekohaofmambflfpfoojkmfdpcbgko [2016-03-27]
CHR Extension: (Slither.io Skins, Mods, Hack & Guide) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\dggomkijbihggjgcgdbnleolpleddaid [2016-05-29]
CHR Extension: (Tampermonkey) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-05-31]
CHR Extension: (Google Sheets) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-12]
CHR Extension: (Google Docs Offline) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-06]
CHR Extension: (Auto Replay for YouTube™) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb [2016-05-01]
CHR Extension: (Fast search v3.5) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\leenkjhmbcgekojlkimcbodmniopgfnp [2016-07-16]
CHR Extension: (Lightshot (screenshot tool)) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2016-05-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-12]
CHR HKLM-x32\...\Chrome\Extension: [oaocmnfllndpbbmjmniielgaanaifehp] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369464 2016-01-15] (Disc Soft Ltd)
R2 GTFPOQUOTT Updater; C:\Program Files (x86)\GTFPOQUOTT Updater\GTFPOQUOTT Updater.exe [313344 2016-07-06] () [File not signed] <==== ATTENTION
R2 HPStocker Service; C:\Users\Win10\AppData\Roaming\HPStocker\HPStockerSrv.exe [372224 2016-07-15] () [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Protect_2345Explorer; C:\Program Files (x86)\2345Soft\2345Explorer\Protect\Protect_2345Explorer.exe [191512 2016-05-11] (2345.com)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6940944 2016-02-16] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13708016 2016-06-28] (Zemana Ltd.)
S2 FastCompress; C:\Program Files (x86)\FastCompress-Zip\Fast_Support.exe [X]
S2 KuaizipUpdateChecker; C:\Program Files\żěŃą\X86\kuaizipUpdateChecker.dll [X]
S2 MaohaWifiSvr; C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [101376 2016-07-16] (Advanced Micro Devices)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7593176 2015-07-10] (Broadcom Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-02-16] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-02-16] (Disc Soft Ltd)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
R3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [31832 2016-07-16] (ELAN Microelectronic Corp.)
S3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-07-16] (REALiX(tm))
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [936192 2016-07-16] (Realtek )
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [413912 2016-07-16] (Realsil Semiconductor Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2016-05-27] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2016-05-27] (Zemana Ltd.)
S1 MaohaWifiNetPro; \??\C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaoHaWiFiNet64.sys [X]
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-16 15:56 - 2016-07-16 15:56 - 00016819 _____ C:\Users\Win10\Desktop\FRST.txt
2016-07-16 15:56 - 2016-07-16 15:56 - 00000000 ____D C:\FRST
2016-07-16 15:55 - 2016-07-16 15:55 - 02391040 _____ (Farbar) C:\Users\Win10\Desktop\FRST64.exe
2016-07-16 15:42 - 2016-07-16 15:42 - 00000000 ____D C:\Windows\SysWOW64\sda
2016-07-16 15:41 - 2016-07-16 15:41 - 00016148 _____ C:\Windows\system32\DESKTOP-FCVLAPJ_Win10_HistoryPrediction.bin
2016-07-16 13:40 - 2016-07-16 13:57 - 00000390 _____ C:\Windows\Tasks\DriverToolkit Autorun.job
2016-07-16 13:40 - 2016-07-16 13:40 - 00002818 _____ C:\Windows\System32\Tasks\DriverToolkit Autorun
2016-07-16 07:59 - 2016-07-16 07:59 - 00954155 _____ C:\Users\Win10\Desktop\Installer_For_Samsung_Digimax_101_Camera_Driver.zip
2016-07-16 07:54 - 2016-07-16 07:54 - 02449376 _____ (Megaify Software ) C:\Users\Win10\Desktop\DriverToolkitInstaller.exe
2016-07-16 07:54 - 2016-07-16 07:54 - 00001150 _____ C:\Users\Public\Desktop\DriverToolkit.lnk
2016-07-16 07:54 - 2016-07-16 07:54 - 00000000 ____D C:\Users\Win10\AppData\Local\DriverToolkit
2016-07-16 07:54 - 2016-07-16 07:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
2016-07-16 07:54 - 2016-07-16 07:54 - 00000000 ____D C:\Program Files (x86)\DriverToolkit
2016-07-16 02:55 - 2016-07-16 02:55 - 00002212 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk
2016-07-16 02:55 - 2016-07-16 02:55 - 00002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk
2016-07-16 02:55 - 2016-07-16 02:55 - 00002182 _____ C:\Users\Public\Desktop\Моzillа Firеfох.lnk
2016-07-16 02:55 - 2016-07-16 02:55 - 00002180 _____ C:\Users\Public\Desktop\Gооglе Сhrоmе.lnk
2016-07-16 02:55 - 2016-07-16 02:55 - 00001039 _____ C:\Users\Win10\Desktop\Checkers.lnk
2016-07-16 02:55 - 2016-07-16 02:55 - 00000000 ____D C:\Users\Win10\AppData\Roaming\HPStocker
2016-07-16 02:55 - 2016-07-16 02:55 - 00000000 ____D C:\Users\Win10\AppData\Roaming\Checkers
2016-07-16 02:54 - 2016-07-16 02:54 - 04530176 _____ C:\Users\Win10\Desktop\Remo_Recover_4.iso
2016-07-16 02:45 - 2016-07-16 02:45 - 00103424 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2016-07-16 02:45 - 2016-07-16 02:45 - 00000000 ____D C:\Windows\LastGood.Tmp
2016-07-16 02:44 - 2016-07-16 02:44 - 09890008 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll
2016-07-16 02:44 - 2016-07-16 02:44 - 04330200 _____ (TODO: <Company name>) C:\Windows\RtCRU64.exe
2016-07-16 02:44 - 2016-07-16 02:44 - 00936192 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2016-07-16 02:44 - 2016-07-16 02:44 - 00413912 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsUer.sys
2016-07-16 02:44 - 2016-07-16 02:44 - 00083160 _____ (Realtek Semiconductor.) C:\Windows\system32\RtCRX64.dll
2016-07-16 02:44 - 2016-07-16 02:44 - 00082544 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2016-07-16 02:42 - 2016-07-16 02:43 - 01730328 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2016-07-16 02:42 - 2016-07-16 02:42 - 00158976 _____ (Intel Corporation) C:\Windows\system32\Drivers\Impcd.sys
2016-07-16 02:42 - 2016-07-16 02:42 - 00031832 _____ (ELAN Microelectronic Corp.) C:\Windows\system32\Drivers\ETDSMBus.sys
2016-07-16 02:38 - 2016-07-16 14:00 - 00003026 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Win10)
2016-07-16 02:38 - 2016-07-16 02:56 - 00003382 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2016-07-16 02:38 - 2016-07-16 02:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-07-16 02:38 - 2016-07-16 02:39 - 00000000 ____D C:\Users\Win10\AppData\LocalLow\IObit
2016-07-16 02:38 - 2016-07-16 02:38 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2016-07-16 02:38 - 2016-07-16 02:38 - 00000000 ____D C:\Windows\IObit
2016-07-16 02:38 - 2016-07-16 02:38 - 00000000 ____D C:\Users\Win10\AppData\Roaming\IObit
2016-07-16 02:38 - 2016-07-16 02:38 - 00000000 ____D C:\ProgramData\ProductData
2016-07-16 02:38 - 2016-07-16 02:38 - 00000000 ____D C:\ProgramData\IObit
2016-07-16 02:38 - 2016-07-16 02:38 - 00000000 ____D C:\Program Files (x86)\IObit
2016-07-16 02:37 - 2016-07-16 02:38 - 15023568 _____ (IObit ) C:\Users\Win10\Desktop\driver_booster_ds_setup.exe
2016-07-16 02:28 - 2016-07-16 02:28 - 00000000 ____D C:\Users\Public\Thunder Network
2016-07-16 02:28 - 2016-07-16 02:28 - 00000000 ____D C:\ProgramData\Thunder Network
2016-07-16 02:27 - 2016-07-16 02:32 - 00000000 ____D C:\Program Files (x86)\OSTotoSoft
2016-07-16 02:27 - 2016-07-16 02:28 - 00000000 ____D C:\ProgramData\DriverTalent
2016-07-16 02:27 - 2016-07-16 02:27 - 00000000 ____D C:\Users\Win10\AppData\Roaming\DriverTalent
2016-07-16 02:23 - 2016-07-16 02:24 - 10918040 _____ (OSToto Co., Ltd.) C:\Users\Win10\Desktop\DriverTalent_setup.exe
2016-07-16 02:11 - 2016-07-16 02:11 - 00347824 _____ (PC Drivers HeadQuarters LP) C:\Users\Win10\Desktop\DriverDetective.exe
2016-07-16 02:11 - 2016-07-16 02:11 - 00000000 ____D C:\Program Files (x86)\Driver Detective
2016-07-16 02:08 - 2016-07-16 02:08 - 00031121 _____ C:\Users\Win10\Desktop\samsung_digital_camera_usb_device_driver.zip
2016-07-16 01:32 - 2016-07-16 01:32 - 01225680 _____ (Copyright © 2015 eSupport.com, Inc • All Rights Reserved ) C:\Users\Win10\Desktop\driveragent-setup-1278.exe
2016-07-16 01:22 - 2016-07-16 01:22 - 03470120 _____ (Solvusoft Corporation ) C:\Users\Win10\Desktop\DriverDoc_2016_Setup.exe
2016-07-15 21:30 - 2016-07-06 07:10 - 01609728 _____ C:\Users\Win10\AppData\Roaming\YoyNotepad.exe
2016-07-15 21:29 - 2016-07-15 21:29 - 00001361 _____ C:\Users\Win10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\2345王牌浏览器.lnk
2016-07-15 21:28 - 2016-07-15 21:29 - 00000000 ____D C:\Users\Win10\AppData\Local\2345Explorer
2016-07-15 21:28 - 2016-07-15 21:28 - 00000000 ____D C:\Program Files (x86)\2345Soft
2016-07-15 21:27 - 2016-07-15 21:27 - 00003268 _____ C:\Windows\System32\Tasks\{2CFA971F-9343-4817-B867-8173F1A0AAE2}
2016-07-15 21:27 - 2016-07-04 07:38 - 51373168 _____ (UCWeb Inc.) C:\Users\Win10\AppData\Roaming\Browser_V5.6.14087.7_r_4700_(Build1607010949).exe
2016-07-15 21:26 - 2016-07-04 07:53 - 51376752 _____ (UCWeb Inc.) C:\Users\Win10\AppData\Roaming\Browser_V5.6.14087.7_r_4681_(Build1607010949).exe
2016-07-15 21:25 - 2016-07-14 15:16 - 01613312 _____ C:\Users\Win10\AppData\Roaming\kpzip.exe
2016-07-15 21:25 - 2016-07-06 09:49 - 01613824 _____ C:\Users\Win10\AppData\Roaming\YellowSend.exe
2016-07-15 21:24 - 2016-07-15 21:24 - 07616340 _____ C:\Users\Win10\AppData\Roaming\setup.apk
2016-07-15 21:24 - 2016-07-15 21:24 - 00732869 _____ C:\Users\Win10\AppData\Roaming\xdo.zip
2016-07-15 21:24 - 2016-07-15 21:24 - 00000886 _____ C:\Users\Win10\AppData\Roaming\Microsoft\Windows\Start Menu\żěŃą.lnk
2016-07-15 21:24 - 2016-07-15 21:24 - 00000000 ____D C:\Users\Win10\AppData\Roaming\Softlink
2016-07-15 21:24 - 2016-07-11 11:34 - 01608704 _____ C:\Users\Win10\AppData\Roaming\InstallDingjDlr.exe
2016-07-15 21:23 - 2016-07-15 21:45 - 00000000 ____D C:\Users\Win10\AppData\Roaming\Kuaizip
2016-07-15 21:23 - 2016-07-15 21:23 - 00000000 ____D C:\Program Files\żěŃą
2016-07-15 21:21 - 2016-02-18 03:56 - 07318464 _____ C:\Users\Win10\AppData\Roaming\KuaiZip_Setup_703612525_zzlm_002.exe
2016-07-15 21:20 - 2016-07-15 21:37 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-07-15 21:20 - 2016-07-15 21:20 - 00003122 _____ C:\Windows\System32\Tasks\ttwifi
2016-07-15 21:20 - 2016-07-15 21:20 - 00000000 ____D C:\Program Files (x86)\GreatMaker
2016-07-15 21:20 - 2016-02-18 10:10 - 05267952 _____ () C:\Users\Win10\AppData\Roaming\ziptool_wc-9015_setup.exe
2016-07-15 21:19 - 2016-07-15 21:19 - 00000000 ____D C:\Users\Win10\AppData\Roaming\gplyra
2016-07-15 21:19 - 2016-07-15 21:19 - 00000000 ____D C:\Users\Win10\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk
2016-07-15 21:19 - 2016-07-13 04:29 - 00344576 _____ C:\Users\Win10\AppData\Roaming\RandomDelJiheReg.exe
2016-07-15 21:19 - 2016-07-01 11:19 - 08284704 _____ (深圳市伟创科技软件有限公司) C:\Users\Win10\AppData\Roaming\MaoHaWiFiSetup_263.exe
2016-07-15 21:18 - 2016-07-15 21:37 - 00000000 ____D C:\Users\Win10\AppData\Roaming\UPUpdata
2016-07-15 21:18 - 2016-07-15 21:18 - 00000000 ____D C:\Program Files (x86)\GTFPOQUOTT Updater
2016-07-15 21:17 - 2016-07-15 21:32 - 00000000 ____D C:\Program Files (x86)\UCBrowser
2016-07-15 21:16 - 2016-07-15 21:14 - 00001006 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-07-15 21:15 - 2016-07-15 21:37 - 00000000 ____D C:\Program Files (x86)\4C4C4544-1468610143-5310-8057-B8C04F324E31
2016-07-15 21:14 - 2016-07-15 21:37 - 00000000 ____D C:\Program Files (x86)\badu
2016-07-15 21:13 - 2016-07-15 21:13 - 00000000 ____D C:\Program Files (x86)\WeatherChickn
2016-07-15 21:13 - 2016-07-15 21:13 - 00000000 ____D C:\Program Files (x86)\ContentPush
2016-07-15 21:05 - 2016-07-15 21:05 - 00045128 _____ C:\Users\Win10\Desktop\Recovery Session File # Fri, 15-Jul-2016[21 5 40].rrs4
2016-07-15 20:51 - 2009-02-12 15:11 - 00026024 _____ (EldoS Corporation) C:\Windows\system32\Drivers\rsdrvx64.sys
2016-07-15 20:50 - 2016-07-15 20:51 - 00000000 ____D C:\Users\Win10\AppData\Roaming\Remo
2016-07-15 20:48 - 2016-07-15 20:49 - 22351520 _____ (Remo Software ) C:\Users\Win10\Desktop\recover-windows.exe
2016-07-15 20:30 - 2016-07-16 15:51 - 00000000 ____D C:\Users\Win10\Desktop\slike
2016-07-14 16:07 - 2016-07-14 16:07 - 00820652 _____ C:\Users\Win10\Desktop\PORODICNO SKRIPTA.pdf
2016-07-14 11:09 - 2016-07-14 11:10 - 00212739 _____ C:\Users\Win10\Desktop\izmjene_krivicnog_zakona_53_06_-_bos.pdf
2016-07-14 09:38 - 2016-07-14 09:49 - 00690363 _____ C:\Users\Win10\Desktop\krivicni_zakon_3_03_-_bos (1).pdf
2016-07-14 09:29 - 2016-07-14 09:29 - 00464829 _____ C:\Users\Win10\Desktop\BDBiH_CC_2013.pdf
2016-07-14 09:02 - 2016-07-14 09:17 - 00320256 _____ C:\Users\Win10\Desktop\krivicni_zakon_3_03_-_bos.pdf
2016-07-14 04:42 - 2016-07-14 04:42 - 01424403 _____ C:\Users\Win10\Desktop\documents.tips_krivicno-pravo-skripta-558bfb62ccadb.pdf
2016-07-12 09:39 - 2016-07-12 09:39 - 00444561 _____ C:\Users\Win10\Desktop\5._Ugovor_o_nasljeYivanju.pdf
2016-07-10 17:34 - 2016-07-10 17:34 - 00000000 _____ C:\Users\Win10\Desktop\New Text Document.txt
2016-07-07 21:25 - 2016-07-07 21:25 - 00000000 ____D C:\Users\Win10\AppData\LocalLow\BitTorrent
2016-07-03 23:41 - 2016-07-16 02:10 - 00000000 ____D C:\Users\Win10\Desktop\koh
2016-07-03 23:39 - 2016-07-03 23:41 - 45441753 _____ C:\Users\Win10\Desktop\WorldScenario.rar
2016-06-29 08:35 - 2016-06-29 08:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2016-06-28 03:12 - 2016-06-28 03:12 - 00314434 ____N C:\Users\Win10\AppData\Roaming\EYapp.apk
2016-06-26 21:16 - 2016-06-26 21:16 - 03887328 _____ (Husdawg, LLC) C:\Users\Win10\Desktop\Detection (1).exe
2016-06-26 18:10 - 2016-06-26 18:10 - 00000000 ____D C:\Users\Win10\Desktop\vidovdanska trka 2016
2016-06-25 16:12 - 2016-06-25 16:12 - 00000000 ____D C:\Users\Win10\AppData\Roaming\Black Sea Studios
2016-06-25 14:27 - 2016-07-05 15:51 - 00001159 _____ C:\Users\Win10\Desktop\Knights of Honor.lnk
2016-06-25 14:27 - 2016-06-25 14:27 - 00000000 ____D C:\Users\Win10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Knights of Honor
2016-06-25 14:26 - 2016-07-05 15:51 - 00000000 ____D C:\Program Files (x86)\Knights of Honor
2016-06-24 23:50 - 2016-06-24 23:50 - 00000000 ____D C:\Users\Win10\AppData\Roaming\Wargaming.net
2016-06-24 20:34 - 2016-07-06 14:41 - 00000000 ____D C:\Users\Win10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2016-06-23 19:39 - 2016-06-23 19:39 - 00000000 ____D C:\Users\Win10\Desktop\muzika
2016-06-23 19:38 - 2016-06-23 19:38 - 00000000 ____D C:\Users\Win10\Desktop\glas

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-16 15:56 - 2016-05-12 23:45 - 00215609 _____ C:\Windows\ZAM.krnl.trace
2016-07-16 15:56 - 2016-05-12 23:45 - 00190013 _____ C:\Windows\ZAM_Guard.krnl.trace
2016-07-16 15:50 - 2016-01-12 11:33 - 00000970 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-16 15:46 - 2016-01-12 11:13 - 00830266 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-16 15:46 - 2015-07-10 13:02 - 00000000 ____D C:\Windows\INF
2016-07-16 15:45 - 2016-03-22 01:01 - 00000000 ____D C:\Users\Win10\Desktop\my city
2016-07-16 15:42 - 2016-01-16 00:35 - 00000000 ____D C:\ProgramData\MCShield
2016-07-16 15:34 - 2016-02-16 17:07 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-16 14:50 - 2016-01-12 11:33 - 00000966 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-16 14:04 - 2016-05-12 22:50 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-16 12:55 - 2016-02-21 13:07 - 00000420 _____ C:\Windows\Tasks\update-S-1-5-21-4141768178-2677256371-3011144849-1001.job
2016-07-16 09:51 - 2016-02-21 13:07 - 00000420 _____ C:\Windows\Tasks\update-sys.job
2016-07-16 02:56 - 2016-01-12 11:21 - 00000000 ____D C:\Users\Win10\AppData\Roaming\Adobe
2016-07-16 02:55 - 2016-02-16 16:36 - 00002416 __RSH C:\ProgramData\ntuser.pol
2016-07-16 02:47 - 2015-07-10 14:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-16 02:46 - 2015-07-10 11:05 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-07-16 02:45 - 2016-01-12 11:24 - 00101376 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdWT6.sys
2016-07-16 02:13 - 2015-07-10 12:55 - 00000000 ____D C:\Windows\CbsTemp
2016-07-16 00:41 - 2016-01-12 11:21 - 00000000 ____D C:\Users\Win10
2016-07-15 21:40 - 2016-01-22 19:48 - 01927168 ___SH C:\Users\Win10\Desktop\Thumbs.db
2016-07-12 18:34 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-12 18:34 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-08 02:06 - 2016-01-30 13:48 - 00000000 ____D C:\Users\Win10\AppData\Roaming\BitTorrent
2016-06-29 08:36 - 2016-05-27 13:39 - 00001155 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2016-06-29 08:36 - 2016-03-23 19:36 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2016-06-26 20:54 - 2016-02-19 22:12 - 00124724 ____N C:\Windows\Minidump\062616-18265-01.dmp
2016-06-26 20:54 - 2016-01-13 23:51 - 00000000 ____D C:\Windows\Minidump
2016-06-25 16:11 - 2016-05-12 22:59 - 00000000 ____D C:\Users\Win10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-06-20 10:38 - 2016-02-18 21:52 - 00000000 ____D C:\Program Files (x86)\TeamViewer

==================== Files in the root of some directories =======

2016-01-12 18:46 - 2016-01-12 18:46 - 0000000 _____ () C:\Program Files (x86)\Common Files\AMD
2016-04-26 14:24 - 2016-04-26 14:24 - 0000009 ____N () C:\Users\Win10\AppData\Roaming\a.bat
2010-08-28 22:43 - 2010-08-28 22:43 - 0577335 ____N () C:\Users\Win10\AppData\Roaming\adb.exe
2010-08-28 22:43 - 2010-08-28 22:43 - 0096256 ____N (Google, inc) C:\Users\Win10\AppData\Roaming\AdbWinApi.dll
2010-08-28 22:43 - 2010-08-28 22:43 - 0060928 ____N (Google, inc) C:\Users\Win10\AppData\Roaming\AdbWinUsbApi.dll
2016-07-15 21:26 - 2016-07-04 07:53 - 51376752 _____ (UCWeb Inc.) C:\Users\Win10\AppData\Roaming\Browser_V5.6.14087.7_r_4681_(Build1607010949).exe
2016-07-15 21:27 - 2016-07-04 07:38 - 51373168 _____ (UCWeb Inc.) C:\Users\Win10\AppData\Roaming\Browser_V5.6.14087.7_r_4700_(Build1607010949).exe
2016-06-28 03:12 - 2016-06-28 03:12 - 0314434 ____N () C:\Users\Win10\AppData\Roaming\EYapp.apk
2010-08-28 22:43 - 2010-08-28 22:43 - 0356009 ____N () C:\Users\Win10\AppData\Roaming\fastboot.exe
2016-07-15 21:24 - 2016-07-11 11:34 - 1608704 _____ () C:\Users\Win10\AppData\Roaming\InstallDingjDlr.exe
2016-07-15 21:25 - 2016-07-14 15:16 - 1613312 _____ () C:\Users\Win10\AppData\Roaming\kpzip.exe
2016-07-15 21:21 - 2016-02-18 03:56 - 7318464 _____ () C:\Users\Win10\AppData\Roaming\KuaiZip_Setup_703612525_zzlm_002.exe
2016-07-15 21:19 - 2016-07-01 11:19 - 8284704 _____ (深圳市伟创科技软件有限公司) C:\Users\Win10\AppData\Roaming\MaoHaWiFiSetup_263.exe
2016-07-15 21:19 - 2016-07-13 04:29 - 0344576 _____ () C:\Users\Win10\AppData\Roaming\RandomDelJiheReg.exe
2016-07-15 21:24 - 2016-07-15 21:24 - 7616340 _____ () C:\Users\Win10\AppData\Roaming\setup.apk
2016-07-15 21:24 - 2016-07-15 21:24 - 0732869 _____ () C:\Users\Win10\AppData\Roaming\xdo.zip
2016-07-15 21:25 - 2016-07-06 09:49 - 1613824 _____ () C:\Users\Win10\AppData\Roaming\YellowSend.exe
2016-07-15 21:30 - 2016-07-06 07:10 - 1609728 _____ () C:\Users\Win10\AppData\Roaming\YoyNotepad.exe
2016-07-15 21:20 - 2016-02-18 10:10 - 5267952 _____ () C:\Users\Win10\AppData\Roaming\ziptool_wc-9015_setup.exe
2016-02-16 03:05 - 2016-02-16 03:05 - 0970512 _____ () C:\Users\Win10\AppData\Local\Picture-Resizer_1490.rar
2016-02-07 01:48 - 2016-02-07 01:48 - 0000017 _____ () C:\Users\Win10\AppData\Local\resmon.resmoncfg
2016-02-21 13:07 - 2016-02-21 13:07 - 0000003 _____ () C:\Users\Win10\AppData\Local\updater.log
2016-02-21 13:07 - 2016-02-21 13:07 - 0000424 _____ () C:\Users\Win10\AppData\Local\UserProducts.xml

Some files in TEMP:
====================
C:\Users\Win10\AppData\Local\Temp\1468610703V0RDXtmp.exe
C:\Users\Win10\AppData\Local\Temp\1468610723V0RDXtmp.exe
C:\Users\Win10\AppData\Local\Temp\2345Explorer_365146_silence.exe
C:\Users\Win10\AppData\Local\Temp\28A4.tmp.exe
C:\Users\Win10\AppData\Local\Temp\29da41ca244e4f799399c35fcd88989177872.exe
C:\Users\Win10\AppData\Local\Temp\340A.tmp.exe
C:\Users\Win10\AppData\Local\Temp\A47B.tmp.exe
C:\Users\Win10\AppData\Local\Temp\Browser_V5.6.14087.7_r_4726_(Build1607010949).exe
C:\Users\Win10\AppData\Local\Temp\clear_cache.exe
C:\Users\Win10\AppData\Local\Temp\D836.tmp.exe
C:\Users\Win10\AppData\Local\Temp\DoubleClick.exe
C:\Users\Win10\AppData\Local\Temp\DriverBoosterSetup.exe
C:\Users\Win10\AppData\Local\Temp\EE36.tmp.exe
C:\Users\Win10\AppData\Local\Temp\ICReinstall_keygen-step-2.exe
C:\Users\Win10\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Win10\AppData\Local\Temp\RemoveTemp.exe
C:\Users\Win10\AppData\Local\Temp\setup.exe
C:\Users\Win10\AppData\Local\Temp\ts.exe
C:\Users\Win10\AppData\Local\Temp\tupgerodopls.ru_EU.exe
C:\Users\Win10\AppData\Local\Temp\typgirodapile.ru_EU.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-10 20:39

==================== End of FRST.txt ============================


mycity.rs/must-login.png

mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Preuzmi Zemana AntiMalware i sacuvaj ga na Deskop.


Arrow Kada preuzimanje bude zavrseno:

Dvoklikom pokreni instalaciju i prati uputstva. Instalacija je standardna bez ikakvih dodatnih opcija.
Nakon instalacije, program ce se automatski pokrenuti i sada je potrebno klikniti na Scan.
Kada se skeniranje zavrsi, klikni Next kako bi uklonio sve pronadjene stavke.
Ako ti zatrazi da restartujes racunar, klikni na Reboot.
Ukoliko je racunar ozbiljno inficiran, nakon restarta ce uslediti jos jedno skeniranje.


Arrow Nakon toga, potrebno je da dostavis izvestaj/e:

Na tastaturi pritisni + R u isto vreme.
Kopiraj sledecu komandu i potvrdi sa OK:
%USERPROFILE%\AppData\Local\Zemana\Zemana AntiMalware\reports
Najnovji izvestaj/e kopiraj na Deskop, a zatim ga prikaci u sledecoj poruci.

offline
  • Pridružio: 21 Mar 2016
  • Poruke: 15

mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Ponovo pokreni FRST, označi opciju Addition.txt i klikni na Scan. Kada završi postavi mi nove FRST izvještaje.

offline
  • Pridružio: 21 Mar 2016
  • Poruke: 15

mycity.rs/must-login.png

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-07-2016 03
Ran by Win10 (administrator) on DESKTOP-FCVLAPJ (17-07-2016 20:51:37)
Running from C:\Users\Win10\Desktop
Loaded Profiles: Win10 (Available Profiles: Win10)
Platform: Windows 10 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files (x86)\GTFPOQUOTT Updater\GTFPOQUOTT Updater.exe
() C:\Users\Win10\AppData\Roaming\HPStocker\HPStockerSrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(2345.com) C:\Program Files (x86)\2345Soft\2345Explorer\Protect\Protect_2345Explorer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Megaify Software Co., Ltd.) C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
() C:\Users\Win10\AppData\Roaming\gplyra\gplyra.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(MediaApp) C:\Users\Win10\AppData\Roaming\Checkers\Draughts\Draughts.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [gplyra] => C:\Users\Win10\AppData\Roaming\gplyra\gplyra.exe [1400320 2016-06-09] ()
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13716208 2016-06-30] (Zemana Ltd.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-10-16] ()
HKLM-x32\...\Run: [apphide] => C:\Program Files (x86)\badu\uc.exe
HKLM-x32\...\Run: [EYAN] => C:\Users\Win10\AppData\Roaming\THREADAPP.exe
HKU\S-1-5-21-4141768178-2677256371-3011144849-1001\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-4141768178-2677256371-3011144849-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4177784 2016-01-15] (Disc Soft Ltd)
HKU\S-1-5-21-4141768178-2677256371-3011144849-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-4141768178-2677256371-3011144849-1001\...\Run: [Draughts] => C:\Users\Win10\AppData\Roaming\Checkers\Draughts\Draughts.exe [522392 2016-07-15] (MediaApp)
HKU\S-1-5-21-4141768178-2677256371-3011144849-1001\...\MountPoints2: {683a27ba-d324-11e5-9bd6-d8c8c5c082fd} - "D:\setup.exe"
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => No File
Startup: C:\Users\Win10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NHL® 09 Registration.lnk [2016-05-05]
ShortcutTarget: NHL® 09 Registration.lnk -> C:\Program Files (x86)\EA Sports\NHL 09\Support\EAregister.exe (No File)
GroupPolicy: Restriction - Chrome <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2c0272c6-460b-4241-adfe-5b99271948b0}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2016-01-12] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-12] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2016-01-12] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-12] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Win10\AppData\Roaming\Mozilla\Firefox\Profiles\1u9vfzfi.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2016-01-12] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2016-01-12] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2016-01-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2016-01-12] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.ba/
CHR StartupUrls: Default -> "hxxp://www.google.ba/"
CHR Profile: C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-12]
CHR Extension: (Google Drive) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-12]
CHR Extension: (YouTube) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-12]
CHR Extension: (Lovac na sendviče) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\cebplboeldmlomimakpfhbhojajdpaki [2016-03-27]
CHR Extension: (Google Search) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-12]
CHR Extension: (YOU.DJ app) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\defekohaofmambflfpfoojkmfdpcbgko [2016-03-27]
CHR Extension: (Slither.io Skins, Mods, Hack & Guide) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\dggomkijbihggjgcgdbnleolpleddaid [2016-05-29]
CHR Extension: (Tampermonkey) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-05-31]
CHR Extension: (Google Sheets) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-12]
CHR Extension: (Google Docs Offline) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-06]
CHR Extension: (Auto Replay for YouTube™) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb [2016-05-01]
CHR Extension: (Lightshot (screenshot tool)) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2016-05-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Win10\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-12]
CHR HKLM-x32\...\Chrome\Extension: [oaocmnfllndpbbmjmniielgaanaifehp] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369464 2016-01-15] (Disc Soft Ltd)
R2 GTFPOQUOTT Updater; C:\Program Files (x86)\GTFPOQUOTT Updater\GTFPOQUOTT Updater.exe [313344 2016-07-06] () [File not signed] <==== ATTENTION
R2 HPStocker Service; C:\Users\Win10\AppData\Roaming\HPStocker\HPStockerSrv.exe [372224 2016-07-15] () [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Protect_2345Explorer; C:\Program Files (x86)\2345Soft\2345Explorer\Protect\Protect_2345Explorer.exe [191512 2016-05-11] (2345.com)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6940944 2016-02-16] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13716208 2016-06-30] (Zemana Ltd.)
S2 FastCompress; C:\Program Files (x86)\FastCompress-Zip\Fast_Support.exe [X]
S2 KuaizipUpdateChecker; C:\Program Files\żěŃą\X86\kuaizipUpdateChecker.dll [X]
S2 MaohaWifiSvr; C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [101376 2016-07-16] (Advanced Micro Devices)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7593176 2015-07-10] (Broadcom Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-02-16] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-02-16] (Disc Soft Ltd)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
R3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [31832 2016-07-16] (ELAN Microelectronic Corp.)
S3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-07-16] (REALiX(tm))
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [936192 2016-07-16] (Realtek )
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [413912 2016-07-16] (Realsil Semiconductor Corporation)
S1 sqxdzfeu; C:\Windows\system32\drivers\sqxdzfeu.sys [55168 2016-07-17] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2016-07-16] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2016-05-27] (Zemana Ltd.)
S1 MaohaWifiNetPro; \??\C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaoHaWiFiNet64.sys [X]
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-17 20:48 - 2016-07-17 20:51 - 00016372 _____ C:\Users\Win10\Desktop\FRST.txt
2016-07-17 20:47 - 2016-07-17 20:47 - 00000000 ____D C:\Users\Win10\Desktop\New folder (3)
2016-07-17 20:47 - 2016-07-17 20:47 - 00000000 ____D C:\Users\Win10\Desktop\FRST-OlderVersion
2016-07-17 19:44 - 2016-07-17 19:44 - 00016148 _____ C:\Windows\system32\DESKTOP-FCVLAPJ_Win10_HistoryPrediction.bin
2016-07-17 12:38 - 2016-07-17 12:38 - 00055168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sqxdzfeu.sys
2016-07-16 23:37 - 2016-07-16 23:44 - 00000000 ____D C:\Users\Win10\Desktop\slike
2016-07-16 23:34 - 2016-07-16 23:35 - 412570475 _____ C:\Users\Win10\Desktop\slike.rar
2016-07-16 22:17 - 2016-07-16 22:17 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2016-07-16 22:17 - 2016-07-16 22:17 - 00001231 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2016-07-16 22:17 - 2016-07-16 22:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2016-07-16 22:16 - 2016-07-16 22:16 - 05603048 _____ ( ) C:\Users\Win10\Desktop\Zemana.AntiMalware.Setup.exe
2016-07-16 15:56 - 2016-07-17 20:51 - 00000000 ____D C:\FRST
2016-07-16 15:55 - 2016-07-17 20:47 - 02391040 _____ (Farbar) C:\Users\Win10\Desktop\FRST64.exe
2016-07-16 15:42 - 2016-07-16 15:42 - 00000000 ____D C:\Windows\SysWOW64\sda
2016-07-16 13:40 - 2016-07-17 19:44 - 00000390 _____ C:\Windows\Tasks\DriverToolkit Autorun.job
2016-07-16 13:40 - 2016-07-16 13:40 - 00002818 _____ C:\Windows\System32\Tasks\DriverToolkit Autorun
2016-07-16 07:59 - 2016-07-16 07:59 - 00954155 _____ C:\Users\Win10\Desktop\Installer_For_Samsung_Digimax_101_Camera_Driver.zip
2016-07-16 07:54 - 2016-07-16 07:54 - 02449376 _____ (Megaify Software ) C:\Users\Win10\Desktop\DriverToolkitInstaller.exe
2016-07-16 07:54 - 2016-07-16 07:54 - 00001150 _____ C:\Users\Public\Desktop\DriverToolkit.lnk
2016-07-16 07:54 - 2016-07-16 07:54 - 00000000 ____D C:\Users\Win10\AppData\Local\DriverToolkit
2016-07-16 07:54 - 2016-07-16 07:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
2016-07-16 07:54 - 2016-07-16 07:54 - 00000000 ____D C:\Program Files (x86)\DriverToolkit
2016-07-16 02:55 - 2016-07-16 02:55 - 00002212 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk
2016-07-16 02:55 - 2016-07-16 02:55 - 00002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk
2016-07-16 02:55 - 2016-07-16 02:55 - 00002182 _____ C:\Users\Public\Desktop\Моzillа Firеfох.lnk
2016-07-16 02:55 - 2016-07-16 02:55 - 00002180 _____ C:\Users\Public\Desktop\Gооglе Сhrоmе.lnk
2016-07-16 02:55 - 2016-07-16 02:55 - 00001039 _____ C:\Users\Win10\Desktop\Checkers.lnk
2016-07-16 02:55 - 2016-07-16 02:55 - 00000000 ____D C:\Users\Win10\AppData\Roaming\HPStocker
2016-07-16 02:55 - 2016-07-16 02:55 - 00000000 ____D C:\Users\Win10\AppData\Roaming\Checkers
2016-07-16 02:54 - 2016-07-16 02:54 - 04530176 _____ C:\Users\Win10\Desktop\Remo_Recover_4.iso
2016-07-16 02:45 - 2016-07-16 02:45 - 00103424 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2016-07-16 02:45 - 2016-07-16 02:45 - 00000000 ____D C:\Windows\LastGood.Tmp
2016-07-16 02:44 - 2016-07-16 02:44 - 09890008 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll
2016-07-16 02:44 - 2016-07-16 02:44 - 04330200 _____ (TODO: <Company name>) C:\Windows\RtCRU64.exe
2016-07-16 02:44 - 2016-07-16 02:44 - 00936192 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2016-07-16 02:44 - 2016-07-16 02:44 - 00413912 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsUer.sys
2016-07-16 02:44 - 2016-07-16 02:44 - 00083160 _____ (Realtek Semiconductor.) C:\Windows\system32\RtCRX64.dll
2016-07-16 02:44 - 2016-07-16 02:44 - 00082544 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2016-07-16 02:42 - 2016-07-16 02:43 - 01730328 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2016-07-16 02:42 - 2016-07-16 02:42 - 00158976 _____ (Intel Corporation) C:\Windows\system32\Drivers\Impcd.sys
2016-07-16 02:42 - 2016-07-16 02:42 - 00031832 _____ (ELAN Microelectronic Corp.) C:\Windows\system32\Drivers\ETDSMBus.sys
2016-07-16 02:38 - 2016-07-17 19:47 - 00003026 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Win10)
2016-07-16 02:38 - 2016-07-16 02:56 - 00003382 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2016-07-16 02:38 - 2016-07-16 02:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-07-16 02:38 - 2016-07-16 02:39 - 00000000 ____D C:\Users\Win10\AppData\LocalLow\IObit
2016-07-16 02:38 - 2016-07-16 02:38 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2016-07-16 02:38 - 2016-07-16 02:38 - 00000000 ____D C:\Windows\IObit
2016-07-16 02:38 - 2016-07-16 02:38 - 00000000 ____D C:\Users\Win10\AppData\Roaming\IObit
2016-07-16 02:38 - 2016-07-16 02:38 - 00000000 ____D C:\ProgramData\ProductData
2016-07-16 02:38 - 2016-07-16 02:38 - 00000000 ____D C:\ProgramData\IObit
2016-07-16 02:38 - 2016-07-16 02:38 - 00000000 ____D C:\Program Files (x86)\IObit
2016-07-16 02:37 - 2016-07-16 02:38 - 15023568 _____ (IObit ) C:\Users\Win10\Desktop\driver_booster_ds_setup.exe
2016-07-16 02:28 - 2016-07-16 02:28 - 00000000 ____D C:\Users\Public\Thunder Network
2016-07-16 02:28 - 2016-07-16 02:28 - 00000000 ____D C:\ProgramData\Thunder Network
2016-07-16 02:27 - 2016-07-16 02:32 - 00000000 ____D C:\Program Files (x86)\OSTotoSoft
2016-07-16 02:27 - 2016-07-16 02:28 - 00000000 ____D C:\ProgramData\DriverTalent
2016-07-16 02:27 - 2016-07-16 02:27 - 00000000 ____D C:\Users\Win10\AppData\Roaming\DriverTalent
2016-07-16 02:23 - 2016-07-16 02:24 - 10918040 _____ (OSToto Co., Ltd.) C:\Users\Win10\Desktop\DriverTalent_setup.exe
2016-07-16 02:11 - 2016-07-16 02:11 - 00347824 _____ (PC Drivers HeadQuarters LP) C:\Users\Win10\Desktop\DriverDetective.exe
2016-07-16 02:11 - 2016-07-16 02:11 - 00000000 ____D C:\Program Files (x86)\Driver Detective
2016-07-16 02:08 - 2016-07-16 02:08 - 00031121 _____ C:\Users\Win10\Desktop\samsung_digital_camera_usb_device_driver.zip
2016-07-16 01:32 - 2016-07-16 01:32 - 01225680 _____ (Copyright © 2015 eSupport.com, Inc • All Rights Reserved ) C:\Users\Win10\Desktop\driveragent-setup-1278.exe
2016-07-15 21:29 - 2016-07-15 21:29 - 00001361 _____ C:\Users\Win10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\2345王牌浏览器.lnk
2016-07-15 21:28 - 2016-07-15 21:29 - 00000000 ____D C:\Users\Win10\AppData\Local\2345Explorer
2016-07-15 21:28 - 2016-07-15 21:28 - 00000000 ____D C:\Program Files (x86)\2345Soft
2016-07-15 21:27 - 2016-07-15 21:27 - 00003268 _____ C:\Windows\System32\Tasks\{2CFA971F-9343-4817-B867-8173F1A0AAE2}
2016-07-15 21:24 - 2016-07-15 21:24 - 00732869 _____ C:\Users\Win10\AppData\Roaming\xdo.zip
2016-07-15 21:24 - 2016-07-15 21:24 - 00000886 _____ C:\Users\Win10\AppData\Roaming\Microsoft\Windows\Start Menu\żěŃą.lnk
2016-07-15 21:24 - 2016-07-15 21:24 - 00000000 ____D C:\Users\Win10\AppData\Roaming\Softlink
2016-07-15 21:23 - 2016-07-15 21:45 - 00000000 ____D C:\Users\Win10\AppData\Roaming\Kuaizip
2016-07-15 21:23 - 2016-07-15 21:23 - 00000000 ____D C:\Program Files\żěŃą
2016-07-15 21:20 - 2016-07-15 21:37 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-07-15 21:20 - 2016-07-15 21:20 - 00003122 _____ C:\Windows\System32\Tasks\ttwifi
2016-07-15 21:20 - 2016-07-15 21:20 - 00000000 ____D C:\Program Files (x86)\GreatMaker
2016-07-15 21:19 - 2016-07-15 21:19 - 00000000 ____D C:\Users\Win10\AppData\Roaming\gplyra
2016-07-15 21:19 - 2016-07-15 21:19 - 00000000 ____D C:\Users\Win10\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk
2016-07-15 21:19 - 2016-07-13 04:29 - 00344576 _____ C:\Users\Win10\AppData\Roaming\RandomDelJiheReg.exe
2016-07-15 21:18 - 2016-07-16 22:55 - 00000000 ____D C:\Users\Win10\AppData\Roaming\UPUpdata
2016-07-15 21:18 - 2016-07-15 21:18 - 00000000 ____D C:\Program Files (x86)\GTFPOQUOTT Updater
2016-07-15 21:17 - 2016-07-15 21:32 - 00000000 ____D C:\Program Files (x86)\UCBrowser
2016-07-15 21:16 - 2016-07-15 21:14 - 00001006 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-07-15 21:15 - 2016-07-16 22:54 - 00000000 ____D C:\Program Files (x86)\4C4C4544-1468610143-5310-8057-B8C04F324E31
2016-07-15 21:14 - 2016-07-16 22:54 - 00000000 ____D C:\Program Files (x86)\badu
2016-07-15 21:13 - 2016-07-16 22:54 - 00000000 ____D C:\Program Files (x86)\ContentPush
2016-07-15 21:13 - 2016-07-15 21:13 - 00000000 ____D C:\Program Files (x86)\WeatherChickn
2016-07-15 21:05 - 2016-07-15 21:05 - 00045128 _____ C:\Users\Win10\Desktop\Recovery Session File # Fri, 15-Jul-2016[21 5 40].rrs4
2016-07-15 20:51 - 2009-02-12 15:11 - 00026024 _____ (EldoS Corporation) C:\Windows\system32\Drivers\rsdrvx64.sys
2016-07-15 20:50 - 2016-07-15 20:51 - 00000000 ____D C:\Users\Win10\AppData\Roaming\Remo
2016-07-15 20:48 - 2016-07-15 20:49 - 22351520 _____ (Remo Software ) C:\Users\Win10\Desktop\recover-windows.exe
2016-07-14 16:07 - 2016-07-14 16:07 - 00820652 _____ C:\Users\Win10\Desktop\PORODICNO SKRIPTA.pdf
2016-07-14 11:09 - 2016-07-14 11:10 - 00212739 _____ C:\Users\Win10\Desktop\izmjene_krivicnog_zakona_53_06_-_bos.pdf
2016-07-14 09:38 - 2016-07-14 09:49 - 00690363 _____ C:\Users\Win10\Desktop\krivicni_zakon_3_03_-_bos (1).pdf
2016-07-14 09:29 - 2016-07-14 09:29 - 00464829 _____ C:\Users\Win10\Desktop\BDBiH_CC_2013.pdf
2016-07-14 09:02 - 2016-07-14 09:17 - 00320256 _____ C:\Users\Win10\Desktop\krivicni_zakon_3_03_-_bos.pdf
2016-07-14 04:42 - 2016-07-14 04:42 - 01424403 _____ C:\Users\Win10\Desktop\documents.tips_krivicno-pravo-skripta-558bfb62ccadb.pdf
2016-07-12 09:39 - 2016-07-12 09:39 - 00444561 _____ C:\Users\Win10\Desktop\5._Ugovor_o_nasljeYivanju.pdf
2016-07-10 17:34 - 2016-07-10 17:34 - 00000000 _____ C:\Users\Win10\Desktop\New Text Document.txt
2016-07-07 21:25 - 2016-07-07 21:25 - 00000000 ____D C:\Users\Win10\AppData\LocalLow\BitTorrent
2016-07-03 23:41 - 2016-07-16 02:10 - 00000000 ____D C:\Users\Win10\Desktop\koh
2016-07-03 23:39 - 2016-07-03 23:41 - 45441753 _____ C:\Users\Win10\Desktop\WorldScenario.rar
2016-06-28 03:12 - 2016-06-28 03:12 - 00314434 ____N C:\Users\Win10\AppData\Roaming\EYapp.apk
2016-06-26 21:16 - 2016-06-26 21:16 - 03887328 _____ (Husdawg, LLC) C:\Users\Win10\Desktop\Detection (1).exe
2016-06-26 18:10 - 2016-06-26 18:10 - 00000000 ____D C:\Users\Win10\Desktop\vidovdanska trka 2016
2016-06-25 16:12 - 2016-06-25 16:12 - 00000000 ____D C:\Users\Win10\AppData\Roaming\Black Sea Studios
2016-06-25 14:27 - 2016-07-05 15:51 - 00001159 _____ C:\Users\Win10\Desktop\Knights of Honor.lnk
2016-06-25 14:27 - 2016-06-25 14:27 - 00000000 ____D C:\Users\Win10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Knights of Honor
2016-06-25 14:26 - 2016-07-05 15:51 - 00000000 ____D C:\Program Files (x86)\Knights of Honor
2016-06-24 23:50 - 2016-06-24 23:50 - 00000000 ____D C:\Users\Win10\AppData\Roaming\Wargaming.net
2016-06-24 20:34 - 2016-07-06 14:41 - 00000000 ____D C:\Users\Win10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2016-06-23 19:39 - 2016-06-23 19:39 - 00000000 ____D C:\Users\Win10\Desktop\muzika
2016-06-23 19:38 - 2016-06-23 19:38 - 00000000 ____D C:\Users\Win10\Desktop\glas

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-17 20:51 - 2016-05-12 23:45 - 00176138 _____ C:\Windows\ZAM.krnl.trace
2016-07-17 20:51 - 2016-05-12 23:45 - 00142023 _____ C:\Windows\ZAM_Guard.krnl.trace
2016-07-17 20:50 - 2016-01-12 11:33 - 00000970 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-17 20:34 - 2016-02-16 17:07 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-17 19:45 - 2016-05-12 22:50 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-17 19:45 - 2016-01-16 00:35 - 00000000 ____D C:\ProgramData\MCShield
2016-07-17 19:45 - 2016-01-12 11:33 - 00000966 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-17 16:55 - 2016-02-21 13:07 - 00000420 _____ C:\Windows\Tasks\update-S-1-5-21-4141768178-2677256371-3011144849-1001.job
2016-07-17 13:51 - 2016-02-21 13:07 - 00000420 _____ C:\Windows\Tasks\update-sys.job
2016-07-17 11:17 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\NDF
2016-07-17 02:05 - 2016-01-12 11:21 - 00000000 ____D C:\Users\Win10
2016-07-16 23:09 - 2016-01-22 19:48 - 01927168 ___SH C:\Users\Win10\Desktop\Thumbs.db
2016-07-16 23:04 - 2016-03-23 19:36 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2016-07-16 23:04 - 2015-07-10 14:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-16 22:55 - 2016-01-12 11:21 - 00000000 ____D C:\Users\Win10\AppData\Roaming\Adobe
2016-07-16 22:06 - 2016-01-12 11:13 - 00830266 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-16 22:06 - 2015-07-10 13:02 - 00000000 ____D C:\Windows\INF
2016-07-16 15:45 - 2016-03-22 01:01 - 00000000 ____D C:\Users\Win10\Desktop\my city
2016-07-16 02:55 - 2016-02-16 16:36 - 00002416 __RSH C:\ProgramData\ntuser.pol
2016-07-16 02:46 - 2015-07-10 11:05 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-07-16 02:45 - 2016-01-12 11:24 - 00101376 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdWT6.sys
2016-07-16 02:13 - 2015-07-10 12:55 - 00000000 ____D C:\Windows\CbsTemp
2016-07-12 18:34 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-12 18:34 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-08 02:06 - 2016-01-30 13:48 - 00000000 ____D C:\Users\Win10\AppData\Roaming\BitTorrent
2016-06-26 20:54 - 2016-02-19 22:12 - 00124724 ____N C:\Windows\Minidump\062616-18265-01.dmp
2016-06-26 20:54 - 2016-01-13 23:51 - 00000000 ____D C:\Windows\Minidump
2016-06-25 16:11 - 2016-05-12 22:59 - 00000000 ____D C:\Users\Win10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-06-20 10:38 - 2016-02-18 21:52 - 00000000 ____D C:\Program Files (x86)\TeamViewer

==================== Files in the root of some directories =======

2016-01-12 18:46 - 2016-01-12 18:46 - 0000000 _____ () C:\Program Files (x86)\Common Files\AMD
2016-04-26 14:24 - 2016-04-26 14:24 - 0000009 ____N () C:\Users\Win10\AppData\Roaming\a.bat
2010-08-28 22:43 - 2010-08-28 22:43 - 0577335 ____N () C:\Users\Win10\AppData\Roaming\adb.exe
2010-08-28 22:43 - 2010-08-28 22:43 - 0096256 ____N (Google, inc) C:\Users\Win10\AppData\Roaming\AdbWinApi.dll
2010-08-28 22:43 - 2010-08-28 22:43 - 0060928 ____N (Google, inc) C:\Users\Win10\AppData\Roaming\AdbWinUsbApi.dll
2016-06-28 03:12 - 2016-06-28 03:12 - 0314434 ____N () C:\Users\Win10\AppData\Roaming\EYapp.apk
2010-08-28 22:43 - 2010-08-28 22:43 - 0356009 ____N () C:\Users\Win10\AppData\Roaming\fastboot.exe
2016-07-15 21:19 - 2016-07-13 04:29 - 0344576 _____ () C:\Users\Win10\AppData\Roaming\RandomDelJiheReg.exe
2016-07-15 21:24 - 2016-07-15 21:24 - 0732869 _____ () C:\Users\Win10\AppData\Roaming\xdo.zip
2016-02-16 03:05 - 2016-02-16 03:05 - 0970512 _____ () C:\Users\Win10\AppData\Local\Picture-Resizer_1490.rar
2016-02-07 01:48 - 2016-02-07 01:48 - 0000017 _____ () C:\Users\Win10\AppData\Local\resmon.resmoncfg
2016-02-21 13:07 - 2016-02-21 13:07 - 0000003 _____ () C:\Users\Win10\AppData\Local\updater.log
2016-02-21 13:07 - 2016-02-21 13:07 - 0000424 _____ () C:\Users\Win10\AppData\Local\UserProducts.xml

Some files in TEMP:
====================
C:\Users\Win10\AppData\Local\Temp\2345Explorer_365146_silence.exe
C:\Users\Win10\AppData\Local\Temp\28A4.tmp.exe
C:\Users\Win10\AppData\Local\Temp\29da41ca244e4f799399c35fcd88989177872.exe
C:\Users\Win10\AppData\Local\Temp\340A.tmp.exe
C:\Users\Win10\AppData\Local\Temp\A47B.tmp.exe
C:\Users\Win10\AppData\Local\Temp\clear_cache.exe
C:\Users\Win10\AppData\Local\Temp\D836.tmp.exe
C:\Users\Win10\AppData\Local\Temp\DoubleClick.exe
C:\Users\Win10\AppData\Local\Temp\DriverBoosterSetup.exe
C:\Users\Win10\AppData\Local\Temp\EE36.tmp.exe
C:\Users\Win10\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Win10\AppData\Local\Temp\RemoveTemp.exe
C:\Users\Win10\AppData\Local\Temp\ts.exe
C:\Users\Win10\AppData\Local\Temp\tupgerodopls.ru_EU.exe
C:\Users\Win10\AppData\Local\Temp\typgirodapile.ru_EU.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-10 20:39

==================== End of FRST.txt ============================

mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow Korak 1

Preporučujem ti da deinstaliraš:

Checkers
ContentPush
GTFPOQUOTT Updater version 1.2.0.4

Driver Booster 3.4
DriverToolkit



Arrow Korak 2

Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja.

Start

HKLM\...\Run: [gplyra] => C:\Users\Win10\AppData\Roaming\gplyra\gplyra.exe [1400320 2016-06-09] ()
HKLM-x32\...\Run: [apphide] => C:\Program Files (x86)\badu\uc.exe
HKLM-x32\...\Run: [EYAN] => C:\Users\Win10\AppData\Roaming\THREADAPP.exe
HKU\S-1-5-21-4141768178-2677256371-3011144849-1001\...\Run: [Draughts] => C:\Users\Win10\AppData\Roaming\Checkers\Draughts\Draughts.exe [522392 2016-07-15] (MediaApp)
CHR HKLM-x32\...\Chrome\Extension: [oaocmnfllndpbbmjmniielgaanaifehp] - hxxps://clients2.google.com/service/update2/crx
R2 GTFPOQUOTT Updater; C:\Program Files (x86)\GTFPOQUOTT Updater\GTFPOQUOTT Updater.exe [313344 2016-07-06] () [File not signed] <==== ATTENTION
R2 HPStocker Service; C:\Users\Win10\AppData\Roaming\HPStocker\HPStockerSrv.exe [372224 2016-07-15] () [File not signed]
R2 Protect_2345Explorer; C:\Program Files (x86)\2345Soft\2345Explorer\Protect\Protect_2345Explorer.exe [191512 2016-05-11] (2345.com)
S2 FastCompress; C:\Program Files (x86)\FastCompress-Zip\Fast_Support.exe [X]
S2 KuaizipUpdateChecker; C:\Program Files\żěŃą\X86\kuaizipUpdateChecker.dll [X]
S2 MaohaWifiSvr; C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe [X]
Task: {15A66AAC-E5D6-46A5-ACFC-CD480EDD6933} - System32\Tasks\ttwifi => C:\Program Files (x86)\ttwifi\tiantianwifi.exe <==== ATTENTION
Task: {FD52EA30-B8C5-497B-B915-6010A7539F7C} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== ATTENTION

C:\Program Files (x86)\GTFPOQUOTT Updater
C:\Program Files (x86)\2345Soft
C:\Program Files (x86)\DriverToolkit
C:\Users\Win10\AppData\Roaming\gplyra
C:\Users\Win10\AppData\Roaming\Checkers
C:\Program Files (x86)\badu
C:\Users\Win10\AppData\Roaming\THREADAPP.exe
C:\Users\Win10\AppData\Roaming\HPStocker
C:\Program Files (x86)\FastCompress-Zip
C:\Program Files\żěŃą
C:\Program Files (x86)\GreatMaker
C:\Users\Win10\AppData\Roaming\Checkers
C:\Users\Win10\Desktop\Checkers.lnk
C:\Users\Public\Thunder Network
C:\ProgramData\Thunder Network
C:\Users\Win10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\2345王牌浏览器.lnk
C:\Users\Win10\AppData\Local\2345Explorer
C:\Users\Win10\AppData\Roaming\xdo.zip
C:\Users\Win10\AppData\Roaming\Microsoft\Windows\Start Menu\żěŃą.lnk
C:\Users\Win10\AppData\Roaming\Softlink
C:\Users\Win10\AppData\Roaming\Kuaizip
C:\ProgramData\WindowsMsg
C:\Program Files (x86)\GreatMaker
C:\Users\Win10\AppData\Roaming\gplyra
C:\Users\Win10\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk
C:\Users\Win10\AppData\Roaming\RandomDelJiheReg.exe
C:\Users\Win10\AppData\Roaming\UPUpdata
C:\Program Files (x86)\UCBrowser
C:\Program Files (x86)\4C4C4544-1468610143-5310-8057-B8C04F324E31
C:\Program Files (x86)\badu
C:\Program Files (x86)\ContentPush
C:\Program Files (x86)\WeatherChickn
C:\Users\Win10\AppData\Roaming\a.bat
C:\Users\Win10\AppData\Roaming\adb.exe
C:\Users\Win10\AppData\Roaming\AdbWinApi.dll
C:\Users\Win10\AppData\Roaming\AdbWinUsbApi.dll
C:\Users\Win10\AppData\Roaming\EYapp.apk
C:\Users\Win10\AppData\Roaming\fastboot.exe
C:\Users\Win10\AppData\Roaming\RandomDelJiheReg.exe
C:\Users\Win10\AppData\Roaming\xdo.zip
C:\Users\Win10\AppData\Local\Picture-Resizer_1490.rar
C:\Users\Win10\AppData\Local\resmon.resmoncfg
C:\Users\Win10\AppData\Local\updater.log
C:\Users\Win10\AppData\Local\UserProducts.xml
C:\Users\Win10\AppData\Local\Temp\2345Explorer_365146_silence.exe
C:\Users\Win10\AppData\Local\Temp\28A4.tmp.exe
C:\Users\Win10\AppData\Local\Temp\29da41ca244e4f799399c35fcd88989177872.exe
C:\Users\Win10\AppData\Local\Temp\340A.tmp.exe
C:\Users\Win10\AppData\Local\Temp\A47B.tmp.exe
C:\Users\Win10\AppData\Local\Temp\clear_cache.exe
C:\Users\Win10\AppData\Local\Temp\D836.tmp.exe
C:\Users\Win10\AppData\Local\Temp\DoubleClick.exe
C:\Users\Win10\AppData\Local\Temp\EE36.tmp.exe
C:\Users\Win10\AppData\Local\Temp\RemoveTemp.exe
C:\Users\Win10\AppData\Local\Temp\ts.exe
C:\Users\Win10\AppData\Local\Temp\tupgerodopls.ru_EU.exe
C:\Users\Win10\AppData\Local\Temp\typgirodapile.ru_EU.exe
C:\Program Files (x86)\ttwifi
C:\Program Files (x86)\OLBPre\OLBPre.exe
FirewallRules: [{93446723-D4C7-40FB-8C59-B448132A52E7}] => (Allow) C:\Program Files (x86)\SprgFiles\SprgFiles.exe
FirewallRules: [{CE91C9B8-A806-463D-BE85-31CB40026C61}] => (Allow) C:\Program Files (x86)\SprgFiles\SprgFiles.exe
FirewallRules: [{11AF9169-0327-426A-A448-9F01A9FDEF12}] => (Allow) C:\Program Files (x86)\SprgFiles\downloader.exe
FirewallRules: [{29B59F4A-F769-4F1F-8831-AF63F7BE73AB}] => (Allow) C:\Program Files (x86)\SprgFiles\downloader.exe
FirewallRules: [{CA2E6D63-A42D-41EB-99A3-8AFE7A0C3C48}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6FDF19FA-A68C-4F43-983E-E1A8481CBFCB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DF6BB8F5-F280-48FA-BE21-CCA437A8E3C5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3CC23474-B504-4ADF-B746-1A05D360CD34}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3A4E488F-4760-4B6F-87F5-C5E8722FF231}] => (Allow) C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe
FirewallRules: [{2F82AA60-773E-475C-B8D4-EB55C59E53CA}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [{CE6F4304-0D0E-4167-84B9-C3213D490432}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\Downloader\download\MiniThunderPlatform.exe
FirewallRules: [{D62BE406-2999-42BC-84C8-D7F2317FC15B}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [TCP Query User{35B45134-3125-4A97-B4B5-B2D113A8F69C}C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe] => (Allow) C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe
FirewallRules: [UDP Query User{E95CD7A4-D0AF-43D5-87BC-EE8151A7AA92}C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe] => (Allow) C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe
FirewallRules: [{AE969216-635E-4128-B91C-3028DAEBC09D}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\DriverTalent.exe
FirewallRules: [{DE2DCF32-53BC-4B63-944E-C994A8E4AA56}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\DTLService.exe
FirewallRules: [{13B6BAF0-856D-4D38-8DBE-0CC9E980DFEC}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\download\MiniThunderPlatform.exe

ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => No File
HKU\S-1-5-21-4141768178-2677256371-3011144849-1001\...\MountPoints2: {683a27ba-d324-11e5-9bd6-d8c8c5c082fd} - "D:\setup.exe"
EmptyTemp:

End


U okviru Notepad-a klikni na File --> Save As
Fajl nazovi Fixlist i sačuvaj na Desktop
Dvoklikom ponovo pokreni FRST.exe
Klikni na Fix i sačekaj dok program ne završi.
Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi.
Nakon završetka rada, otvoriće se fixlog.txt, sa sadržajem koji treba da kopiraš u temu.
Takođe, na Desktop-u će se nalaziti (fixlog.txt).

offline
  • Pridružio: 21 Mar 2016
  • Poruke: 15

Fix result of Farbar Recovery Scan Tool (x64) Version: 17-07-2016 03
Ran by Win10 (2016-07-18 16:08:03) Run:1
Running from C:\Users\Win10\Desktop
Loaded Profiles: Win10 (Available Profiles: Win10)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

HKLM\...\Run: [gplyra] => C:\Users\Win10\AppData\Roaming\gplyra\gplyra.exe [1400320 2016-06-09] ()
HKLM-x32\...\Run: [apphide] => C:\Program Files (x86)\badu\uc.exe
HKLM-x32\...\Run: [EYAN] => C:\Users\Win10\AppData\Roaming\THREADAPP.exe
HKU\S-1-5-21-4141768178-2677256371-3011144849-1001\...\Run: [Draughts] => C:\Users\Win10\AppData\Roaming\Checkers\Draughts\Draughts.exe [522392 2016-07-15] (MediaApp)
CHR HKLM-x32\...\Chrome\Extension: [oaocmnfllndpbbmjmniielgaanaifehp] - hxxps://clients2.google.com/service/update2/crx
R2 GTFPOQUOTT Updater; C:\Program Files (x86)\GTFPOQUOTT Updater\GTFPOQUOTT Updater.exe [313344 2016-07-06] () [File not signed] <==== ATTENTION
R2 HPStocker Service; C:\Users\Win10\AppData\Roaming\HPStocker\HPStockerSrv.exe [372224 2016-07-15] () [File not signed]
R2 Protect_2345Explorer; C:\Program Files (x86)\2345Soft\2345Explorer\Protect\Protect_2345Explorer.exe [191512 2016-05-11] (2345.com)
S2 FastCompress; C:\Program Files (x86)\FastCompress-Zip\Fast_Support.exe [X]
S2 KuaizipUpdateChecker; C:\Program Files\żěŃą\X86\kuaizipUpdateChecker.dll [X]
S2 MaohaWifiSvr; C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe [X]
Task: {15A66AAC-E5D6-46A5-ACFC-CD480EDD6933} - System32\Tasks\ttwifi => C:\Program Files (x86)\ttwifi\tiantianwifi.exe <==== ATTENTION
Task: {FD52EA30-B8C5-497B-B915-6010A7539F7C} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== ATTENTION

C:\Program Files (x86)\GTFPOQUOTT Updater
C:\Program Files (x86)\2345Soft
C:\Program Files (x86)\DriverToolkit
C:\Users\Win10\AppData\Roaming\gplyra
C:\Users\Win10\AppData\Roaming\Checkers
C:\Program Files (x86)\badu
C:\Users\Win10\AppData\Roaming\THREADAPP.exe
C:\Users\Win10\AppData\Roaming\HPStocker
C:\Program Files (x86)\FastCompress-Zip
C:\Program Files\żěŃą
C:\Program Files (x86)\GreatMaker
C:\Users\Win10\AppData\Roaming\Checkers
C:\Users\Win10\Desktop\Checkers.lnk
C:\Users\Public\Thunder Network
C:\ProgramData\Thunder Network
C:\Users\Win10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\2345?????.lnk
C:\Users\Win10\AppData\Local\2345Explorer
C:\Users\Win10\AppData\Roaming\xdo.zip
C:\Users\Win10\AppData\Roaming\Microsoft\Windows\Start Menu\żěŃą.lnk
C:\Users\Win10\AppData\Roaming\Softlink
C:\Users\Win10\AppData\Roaming\Kuaizip
C:\ProgramData\WindowsMsg
C:\Program Files (x86)\GreatMaker
C:\Users\Win10\AppData\Roaming\gplyra
C:\Users\Win10\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk
C:\Users\Win10\AppData\Roaming\RandomDelJiheReg.exe
C:\Users\Win10\AppData\Roaming\UPUpdata
C:\Program Files (x86)\UCBrowser
C:\Program Files (x86)\4C4C4544-1468610143-5310-8057-B8C04F324E31
C:\Program Files (x86)\badu
C:\Program Files (x86)\ContentPush
C:\Program Files (x86)\WeatherChickn
C:\Users\Win10\AppData\Roaming\a.bat
C:\Users\Win10\AppData\Roaming\adb.exe
C:\Users\Win10\AppData\Roaming\AdbWinApi.dll
C:\Users\Win10\AppData\Roaming\AdbWinUsbApi.dll
C:\Users\Win10\AppData\Roaming\EYapp.apk
C:\Users\Win10\AppData\Roaming\fastboot.exe
C:\Users\Win10\AppData\Roaming\RandomDelJiheReg.exe
C:\Users\Win10\AppData\Roaming\xdo.zip
C:\Users\Win10\AppData\Local\Picture-Resizer_1490.rar
C:\Users\Win10\AppData\Local\resmon.resmoncfg
C:\Users\Win10\AppData\Local\updater.log
C:\Users\Win10\AppData\Local\UserProducts.xml
C:\Users\Win10\AppData\Local\Temp\2345Explorer_365146_silence.exe
C:\Users\Win10\AppData\Local\Temp\28A4.tmp.exe
C:\Users\Win10\AppData\Local\Temp\29da41ca244e4f799399c35fcd88989177872.exe
C:\Users\Win10\AppData\Local\Temp\340A.tmp.exe
C:\Users\Win10\AppData\Local\Temp\A47B.tmp.exe
C:\Users\Win10\AppData\Local\Temp\clear_cache.exe
C:\Users\Win10\AppData\Local\Temp\D836.tmp.exe
C:\Users\Win10\AppData\Local\Temp\DoubleClick.exe
C:\Users\Win10\AppData\Local\Temp\EE36.tmp.exe
C:\Users\Win10\AppData\Local\Temp\RemoveTemp.exe
C:\Users\Win10\AppData\Local\Temp\ts.exe
C:\Users\Win10\AppData\Local\Temp\tupgerodopls.ru_EU.exe
C:\Users\Win10\AppData\Local\Temp\typgirodapile.ru_EU.exe
C:\Program Files (x86)\ttwifi
C:\Program Files (x86)\OLBPre\OLBPre.exe
FirewallRules: [{93446723-D4C7-40FB-8C59-B448132A52E7}] => (Allow) C:\Program Files (x86)\SprgFiles\SprgFiles.exe
FirewallRules: [{CE91C9B8-A806-463D-BE85-31CB40026C61}] => (Allow) C:\Program Files (x86)\SprgFiles\SprgFiles.exe
FirewallRules: [{11AF9169-0327-426A-A448-9F01A9FDEF12}] => (Allow) C:\Program Files (x86)\SprgFiles\downloader.exe
FirewallRules: [{29B59F4A-F769-4F1F-8831-AF63F7BE73AB}] => (Allow) C:\Program Files (x86)\SprgFiles\downloader.exe
FirewallRules: [{CA2E6D63-A42D-41EB-99A3-8AFE7A0C3C48}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6FDF19FA-A68C-4F43-983E-E1A8481CBFCB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DF6BB8F5-F280-48FA-BE21-CCA437A8E3C5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3CC23474-B504-4ADF-B746-1A05D360CD34}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3A4E488F-4760-4B6F-87F5-C5E8722FF231}] => (Allow) C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe
FirewallRules: [{2F82AA60-773E-475C-B8D4-EB55C59E53CA}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [{CE6F4304-0D0E-4167-84B9-C3213D490432}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\Downloader\download\MiniThunderPlatform.exe
FirewallRules: [{D62BE406-2999-42BC-84C8-D7F2317FC15B}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [TCP Query User{35B45134-3125-4A97-B4B5-B2D113A8F69C}C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe] => (Allow) C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe
FirewallRules: [UDP Query User{E95CD7A4-D0AF-43D5-87BC-EE8151A7AA92}C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe] => (Allow) C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe
FirewallRules: [{AE969216-635E-4128-B91C-3028DAEBC09D}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\DriverTalent.exe
FirewallRules: [{DE2DCF32-53BC-4B63-944E-C994A8E4AA56}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\DTLService.exe
FirewallRules: [{13B6BAF0-856D-4D38-8DBE-0CC9E980DFEC}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\download\MiniThunderPlatform.exe

ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => No File
HKU\S-1-5-21-4141768178-2677256371-3011144849-1001\...\MountPoints2: {683a27ba-d324-11e5-9bd6-d8c8c5c082fd} - "D:\setup.exe"
EmptyTemp:

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\gplyra => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\apphide => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\EYAN => value removed successfully
HKU\S-1-5-21-4141768178-2677256371-3011144849-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Draughts => value not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\oaocmnfllndpbbmjmniielgaanaifehp" => key removed successfully
GTFPOQUOTT Updater => service removed successfully
HPStocker Service => Unable to stop service.
HPStocker Service => service removed successfully
Protect_2345Explorer => Unable to stop service.
Protect_2345Explorer => service removed successfully
FastCompress => service removed successfully
KuaizipUpdateChecker => service removed successfully
MaohaWifiSvr => service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{15A66AAC-E5D6-46A5-ACFC-CD480EDD6933}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15A66AAC-E5D6-46A5-ACFC-CD480EDD6933}" => key removed successfully
C:\Windows\System32\Tasks\ttwifi => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ttwifi" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD52EA30-B8C5-497B-B915-6010A7539F7C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD52EA30-B8C5-497B-B915-6010A7539F7C}" => key removed successfully
C:\Windows\System32\Tasks\LaunchPreSignup => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchPreSignup" => key removed successfully
"C:\Program Files (x86)\GTFPOQUOTT Updater" => not found.
C:\Program Files (x86)\2345Soft => moved successfully
C:\Program Files (x86)\DriverToolkit => moved successfully
C:\Users\Win10\AppData\Roaming\gplyra => moved successfully
C:\Users\Win10\AppData\Roaming\Checkers => moved successfully
C:\Program Files (x86)\badu => moved successfully
"C:\Users\Win10\AppData\Roaming\THREADAPP.exe" => not found.

"C:\Users\Win10\AppData\Roaming\HPStocker" folder move:

Could not move "C:\Users\Win10\AppData\Roaming\HPStocker" => Scheduled to move on reboot.

"C:\Program Files (x86)\FastCompress-Zip" => not found.
C:\Program Files\żěŃą => moved successfully
C:\Program Files (x86)\GreatMaker => moved successfully
"C:\Users\Win10\AppData\Roaming\Checkers" => not found.
"C:\Users\Win10\Desktop\Checkers.lnk" => not found.
C:\Users\Public\Thunder Network => moved successfully
C:\ProgramData\Thunder Network => moved successfully
"C:\Users\Win10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\2345?????.lnk" => not found.
C:\Users\Win10\AppData\Local\2345Explorer => moved successfully
C:\Users\Win10\AppData\Roaming\xdo.zip => moved successfully
C:\Users\Win10\AppData\Roaming\Microsoft\Windows\Start Menu\żěŃą.lnk => moved successfully
C:\Users\Win10\AppData\Roaming\Softlink => moved successfully
C:\Users\Win10\AppData\Roaming\Kuaizip => moved successfully
C:\ProgramData\WindowsMsg => moved successfully
"C:\Program Files (x86)\GreatMaker" => not found.
"C:\Users\Win10\AppData\Roaming\gplyra" => not found.
C:\Users\Win10\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk => moved successfully
C:\Users\Win10\AppData\Roaming\RandomDelJiheReg.exe => moved successfully
C:\Users\Win10\AppData\Roaming\UPUpdata => moved successfully
C:\Program Files (x86)\UCBrowser => moved successfully
C:\Program Files (x86)\4C4C4544-1468610143-5310-8057-B8C04F324E31 => moved successfully
"C:\Program Files (x86)\badu" => not found.
C:\Program Files (x86)\ContentPush => moved successfully
C:\Program Files (x86)\WeatherChickn => moved successfully
C:\Users\Win10\AppData\Roaming\a.bat => moved successfully
C:\Users\Win10\AppData\Roaming\adb.exe => moved successfully
C:\Users\Win10\AppData\Roaming\AdbWinApi.dll => moved successfully
C:\Users\Win10\AppData\Roaming\AdbWinUsbApi.dll => moved successfully
C:\Users\Win10\AppData\Roaming\EYapp.apk => moved successfully
C:\Users\Win10\AppData\Roaming\fastboot.exe => moved successfully
"C:\Users\Win10\AppData\Roaming\RandomDelJiheReg.exe" => not found.
"C:\Users\Win10\AppData\Roaming\xdo.zip" => not found.
C:\Users\Win10\AppData\Local\Picture-Resizer_1490.rar => moved successfully
C:\Users\Win10\AppData\Local\resmon.resmoncfg => moved successfully
C:\Users\Win10\AppData\Local\updater.log => moved successfully
C:\Users\Win10\AppData\Local\UserProducts.xml => moved successfully
C:\Users\Win10\AppData\Local\Temp\2345Explorer_365146_silence.exe => moved successfully
C:\Users\Win10\AppData\Local\Temp\28A4.tmp.exe => moved successfully
C:\Users\Win10\AppData\Local\Temp\29da41ca244e4f799399c35fcd88989177872.exe => moved successfully
C:\Users\Win10\AppData\Local\Temp\340A.tmp.exe => moved successfully
C:\Users\Win10\AppData\Local\Temp\A47B.tmp.exe => moved successfully
C:\Users\Win10\AppData\Local\Temp\clear_cache.exe => moved successfully
C:\Users\Win10\AppData\Local\Temp\D836.tmp.exe => moved successfully
C:\Users\Win10\AppData\Local\Temp\DoubleClick.exe => moved successfully
C:\Users\Win10\AppData\Local\Temp\EE36.tmp.exe => moved successfully
C:\Users\Win10\AppData\Local\Temp\RemoveTemp.exe => moved successfully
C:\Users\Win10\AppData\Local\Temp\ts.exe => moved successfully
C:\Users\Win10\AppData\Local\Temp\tupgerodopls.ru_EU.exe => moved successfully
C:\Users\Win10\AppData\Local\Temp\typgirodapile.ru_EU.exe => moved successfully
"C:\Program Files (x86)\ttwifi" => not found.
"C:\Program Files (x86)\OLBPre\OLBPre.exe" => not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{93446723-D4C7-40FB-8C59-B448132A52E7} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CE91C9B8-A806-463D-BE85-31CB40026C61} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{11AF9169-0327-426A-A448-9F01A9FDEF12} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{29B59F4A-F769-4F1F-8831-AF63F7BE73AB} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CA2E6D63-A42D-41EB-99A3-8AFE7A0C3C48} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6FDF19FA-A68C-4F43-983E-E1A8481CBFCB} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DF6BB8F5-F280-48FA-BE21-CCA437A8E3C5} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3CC23474-B504-4ADF-B746-1A05D360CD34} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3A4E488F-4760-4B6F-87F5-C5E8722FF231} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2F82AA60-773E-475C-B8D4-EB55C59E53CA} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CE6F4304-0D0E-4167-84B9-C3213D490432} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D62BE406-2999-42BC-84C8-D7F2317FC15B} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{35B45134-3125-4A97-B4B5-B2D113A8F69C}C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E95CD7A4-D0AF-43D5-87BC-EE8151A7AA92}C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AE969216-635E-4128-B91C-3028DAEBC09D} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DE2DCF32-53BC-4B63-944E-C994A8E4AA56} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{13B6BAF0-856D-4D38-8DBE-0CC9E980DFEC} => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\KzShlobj" => key removed successfully
HKCR\CLSID\{AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => key not found.
"HKU\S-1-5-21-4141768178-2677256371-3011144849-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{683a27ba-d324-11e5-9bd6-d8c8c5c082fd}" => key removed successfully
HKCR\CLSID\{683a27ba-d324-11e5-9bd6-d8c8c5c082fd} => key not found.

=========== EmptyTemp: ==========

BITS transfer queue => 2229415 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 23303127 B
Java, Flash, Steam htmlcache => 22291427 B
Windows/system/drivers => 15196296 B
Edge => 0 B
Chrome => 792769880 B
Firefox => 27228648 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 620 B
LocalService => 0 B
NetworkService => 317252 B
Win10 => 1297898189 B

RecycleBin => 2090592031 B
EmptyTemp: => 4 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-07-18 16:14:49)

C:\Users\Win10\AppData\Roaming\HPStocker => Is moved successfully

==== End of Fixlog 16:14:52 ====

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow Korak 1

Spakuj u ZIP, RAR ili 7Z arhivu sljedeći folder:

C:\FRST\Quarantine

i pošalji ga preko sljedećeg linka:

http://www.mycity.rs/ambulanta-upload.php


Arrow Korak 2

Preuzmi "Xplode"-ov AdwCleaner i sačuvaj ga na Desktop
Dvoklikom pokreni program.
U EULA prozoru klikni na I agree.
U Options isključi Reset Winsock settings ako je uključen.
Klikni na dugme Scan i sačekaj da se završi skeniranje.
Klikni na dugme Cleaning i pričekaj da program završi.
Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu.
Na sljedeća dva prozora koja se otvore (Informations i Restart required ) klikni OK

Računar će se restartovati, a potom otvoriti Notepad (C:\Adwcleaner\AdwCleaner[C1].txt) sa izvještajem.
Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl"

offline
  • Pridružio: 21 Mar 2016
  • Poruke: 15

mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Kaži mi kakvo je sada stanje sistema.

Ko je trenutno na forumu
 

Ukupno su 573 korisnika na forumu :: 17 registrovanih, 1 sakriven i 555 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., Atomski čoban, croato, goxin, indja, Jovan Nenad, kovinacc, laze2, miodrag, novator, Oluj2.1, Oscar2, ruma, Trpe Grozni, vlvl, W123, zlaya011