MyCity » Ambulanta -> Arhiva Ambulante » Komp br2 provera

Komp br2 provera

Napisano na dan: 26.1.2016

Komp br2 provera

Sledeća strana

Pagination

Odgovori

zoxknez Poslao: 26 Jan 2016 13:40 Idi na vrh
offline zoxknez Zaslužni građanin Pridružio: 27 Avg 2005 Poruke: 563	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-01-2016 Ran by PC (administrator) on PC-PC (26-01-2016 13:36:32) Running from C:\Users\PC\Desktop Loaded Profiles: PC (Available Profiles: PC & DefaultAppPool) Platform: Windows 10 Pro Version 1511 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: [Link mogu videti samo ulogovani korisnici] ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (KVIrc Development Team) C:\Program Files (x86)\KVIrc\kvirc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16407296 2015-10-07] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1802424 2015-11-19] (NVIDIA Corporation) HKLM-x32\...\Run: [HPUsageTracking] => C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe "C:\Program Files (x86)\HP\HP UT\" HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-10-16] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation) HKU\S-1-5-21-3421853655-1393382260-1997549237-1001\...\MountPoints2: {bb9e9417-bcd1-11e5-8cdd-1c6f65b26aa4} - "F:\autorun.exe" ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0 Tcpip\..\Interfaces\{5be899f8-4a88-4254-834a-daf0c3fa7219}: [DhcpNameServer] 192.168.1.1 0.0.0.0 Tcpip\..\Interfaces\{d3761a41-c026-485e-9297-44117fb5f7bc}: [DhcpNameServer] 192.168.42.129 Internet Explorer: ================== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-20] (Oracle Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-20] (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\55uyt799.default FF Plugin-x32: @huawei.com/NPPlugin -> C:\Program Files (x86)\Web_TV\WebTVPlugin\NPPlugin.dll [2015-04-23] () FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-20] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-20] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-13] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-13] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google презентације) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-02] CHR Extension: (Google документи) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-02] CHR Extension: (Google диск) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-02] CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-02] CHR Extension: (Google Search) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02] CHR Extension: (Tampermonkey) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-12-18] CHR Extension: (Google табеле) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-02] CHR Extension: (Google документи офлајн) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17] CHR Extension: (AdBlock) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-20] CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-01-19] CHR Extension: ([CB] eRepublik) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcllofidbkalfnhfapholimfflgpojdp [2016-01-18] CHR Extension: (Плаћања у Chrome веб-продавници) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-02] CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-02] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed] R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6887696 2015-11-30] (TeamViewer GmbH) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 AzureWavePci; C:\Windows\System32\Drivers\AzureWavePci.sys [351232 2010-07-29] (AzureWave Provide) S3 tsusbhub; C:\Windows\system32\drivers\tsusbhub.sys [117248 2010-11-21] (Microsoft Corporation) [File not signed] S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) U3 idsvc; no ImagePath U3 wpcsvc; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-01-26 13:36 - 2016-01-26 13:37 - 00011688 _____ C:\Users\PC\Desktop\FRST.txt 2016-01-26 13:36 - 2016-01-26 13:36 - 00000000 ____D C:\FRST 2016-01-26 13:35 - 2016-01-26 13:36 - 02370560 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe 2016-01-24 13:50 - 2016-01-24 13:50 - 50706829 _____ C:\Users\PC\Desktop\Sastav CRODA za posudje nova zadnja jan 2016 rv2.cdr 2016-01-24 11:46 - 2016-01-24 11:46 - 50705460 _____ C:\Users\PC\Desktop\Sastav CRODA za posudje nova zadnja jan 2016 rv1.cdr 2016-01-24 10:07 - 2016-01-24 10:07 - 00783202 _____ C:\Users\PC\Downloads\Pravilnik o detergentima 25 15.pdf 2016-01-22 12:09 - 2016-01-22 12:09 - 00000079 _____ C:\Users\PC\Desktop\Acc.txt 2016-01-17 21:23 - 2016-01-17 21:24 - 00583026 _____ C:\Users\PC\Downloads\Soft-Inz.pdf 2016-01-17 21:23 - 2016-01-17 21:23 - 00130006 _____ C:\Users\PC\Downloads\SoftIng-Ispit3.pdf 2016-01-15 23:53 - 2016-01-19 07:28 - 00000050 _____ C:\Users\PC\Desktop\Multi acc.txt 2016-01-15 21:52 - 2016-01-15 21:52 - 00000000 ____H C:\Users\PC\Documents\Default.rdp 2016-01-13 05:52 - 2016-01-05 02:57 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-01-13 05:51 - 2016-01-05 03:51 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-01-13 05:51 - 2016-01-05 03:51 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-01-13 05:51 - 2016-01-05 03:51 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-01-13 05:51 - 2016-01-05 03:50 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-01-13 05:51 - 2016-01-05 03:50 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-01-13 05:51 - 2016-01-05 03:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2016-01-13 05:51 - 2016-01-05 03:49 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-01-13 05:51 - 2016-01-05 03:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2016-01-13 05:51 - 2016-01-05 03:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2016-01-13 05:51 - 2016-01-05 03:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2016-01-13 05:51 - 2016-01-05 03:37 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-01-13 05:51 - 2016-01-05 03:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2016-01-13 05:51 - 2016-01-05 03:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2016-01-13 05:51 - 2016-01-05 03:37 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-01-13 05:51 - 2016-01-05 03:37 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2016-01-13 05:51 - 2016-01-05 03:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2016-01-13 05:51 - 2016-01-05 03:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll 2016-01-13 05:51 - 2016-01-05 03:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-01-13 05:51 - 2016-01-05 03:33 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-01-13 05:51 - 2016-01-05 03:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2016-01-13 05:51 - 2016-01-05 03:33 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-01-13 05:51 - 2016-01-05 03:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2016-01-13 05:51 - 2016-01-05 03:33 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2016-01-13 05:51 - 2016-01-05 03:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll 2016-01-13 05:51 - 2016-01-05 03:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2016-01-13 05:51 - 2016-01-05 03:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-01-13 05:51 - 2016-01-05 03:27 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2016-01-13 05:51 - 2016-01-05 03:24 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-01-13 05:51 - 2016-01-05 03:23 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll 2016-01-13 05:51 - 2016-01-05 03:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-01-13 05:51 - 2016-01-05 03:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL 2016-01-13 05:51 - 2016-01-05 03:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL 2016-01-13 05:51 - 2016-01-05 03:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2016-01-13 05:51 - 2016-01-05 03:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL 2016-01-13 05:51 - 2016-01-05 03:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL 2016-01-13 05:51 - 2016-01-05 02:59 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-01-13 05:51 - 2016-01-05 02:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll 2016-01-13 05:51 - 2016-01-05 02:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll 2016-01-13 05:51 - 2016-01-05 02:56 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe 2016-01-13 05:51 - 2016-01-05 02:54 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2016-01-13 05:51 - 2016-01-05 02:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx 2016-01-13 05:51 - 2016-01-05 02:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2016-01-13 05:51 - 2016-01-05 02:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll 2016-01-13 05:51 - 2016-01-05 02:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2016-01-13 05:51 - 2016-01-05 02:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll 2016-01-13 05:51 - 2016-01-05 02:50 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-01-13 05:51 - 2016-01-05 02:50 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2016-01-13 05:51 - 2016-01-05 02:49 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-01-13 05:51 - 2016-01-05 02:49 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2016-01-13 05:51 - 2016-01-05 02:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL 2016-01-13 05:51 - 2016-01-05 02:49 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-01-13 05:51 - 2016-01-05 02:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll 2016-01-13 05:51 - 2016-01-05 02:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll 2016-01-13 05:51 - 2016-01-05 02:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL 2016-01-13 05:51 - 2016-01-05 02:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll 2016-01-13 05:51 - 2016-01-05 02:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll 2016-01-13 05:51 - 2016-01-05 02:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll 2016-01-13 05:51 - 2016-01-05 02:47 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2016-01-13 05:51 - 2016-01-05 02:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax 2016-01-13 05:51 - 2016-01-05 02:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2016-01-13 05:51 - 2016-01-05 02:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll 2016-01-13 05:51 - 2016-01-05 02:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx 2016-01-13 05:51 - 2016-01-05 02:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2016-01-13 05:51 - 2016-01-05 02:43 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-01-13 05:51 - 2016-01-05 02:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2016-01-13 05:51 - 2016-01-05 02:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2016-01-13 05:51 - 2016-01-05 02:41 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-01-13 05:51 - 2016-01-05 02:41 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL 2016-01-13 05:51 - 2016-01-05 02:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll 2016-01-13 05:51 - 2016-01-05 02:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL 2016-01-13 05:51 - 2016-01-05 02:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll 2016-01-13 05:51 - 2016-01-05 02:39 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2016-01-13 05:51 - 2016-01-05 02:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll 2016-01-13 05:51 - 2016-01-05 02:39 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2016-01-13 05:51 - 2016-01-05 02:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax 2016-01-13 05:51 - 2016-01-05 02:38 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2016-01-13 05:51 - 2016-01-05 02:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2016-01-13 05:51 - 2016-01-05 02:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-01-13 05:51 - 2016-01-05 02:33 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2016-01-13 05:51 - 2016-01-05 02:30 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-01-13 05:51 - 2016-01-05 02:30 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-01-13 05:51 - 2016-01-05 02:29 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-01-13 05:51 - 2016-01-05 02:28 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-01-13 05:51 - 2016-01-05 02:28 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-01-13 05:51 - 2016-01-05 02:28 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2016-01-13 05:51 - 2016-01-05 02:25 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-01-12 23:18 - 2016-01-13 06:01 - 00000000 ____D C:\Users\PC\Desktop\IZVOZ 001 2016 2016-01-12 20:10 - 2016-01-12 20:10 - 00000936 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk 2016-01-12 20:10 - 2016-01-12 20:10 - 00000888 _____ C:\Users\PC\Desktop\Start Tor Browser.lnk 2016-01-12 20:09 - 2016-01-12 20:10 - 00000000 ____D C:\Users\PC\Desktop\Tor Browser 2016-01-11 00:05 - 2016-01-11 00:05 - 00000000 ____D C:\Users\PC\AppData\Local\ElevatedDiagnostics 2016-01-09 02:36 - 2016-01-09 02:36 - 00000000 _____ C:\Users\PC\ipconfig 2016-01-07 22:04 - 2016-01-11 02:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-01-05 00:08 - 2016-01-05 00:08 - 00000312 _____ C:\Users\PC\Desktop\masina.txt 2016-01-04 23:36 - 2016-01-05 11:55 - 00000000 ____D C:\Users\PC\AppData\Local\Filmovita 2016-01-04 23:35 - 2016-01-04 23:35 - 00002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Filmovita.lnk 2016-01-04 23:35 - 2016-01-04 23:35 - 00002220 _____ C:\Users\Public\Desktop\Filmovita.lnk 2016-01-04 23:35 - 2016-01-04 23:35 - 00000000 ____D C:\ProgramData\Caphyon 2016-01-04 23:34 - 2016-01-04 23:35 - 00000000 ____D C:\Users\PC\AppData\Local\Filmovita-App 2016-01-04 23:34 - 2016-01-04 23:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Filmovita 2016-01-04 23:32 - 2016-01-04 23:32 - 00000000 ____D C:\Users\PC\AppData\Roaming\CG 2016-01-02 17:34 - 2016-01-02 17:34 - 00000000 ____D C:\Users\PC\Downloads\The Hobbit 1, 2, 3 - Complete Extended Trilogy Fantasy 2012-2015 Eng Subs 720p [H246-mp4] 2016-01-02 16:16 - 2016-01-02 16:16 - 00001708 _____ C:\Users\PC\Desktop\преузимање.htm 2016-01-02 16:08 - 2016-01-13 17:11 - 00000011 _____ C:\Users\PC\Desktop\Mildred Pierce 1945 xvid Hr.ByShebo (25 fps).srt 2015-12-28 01:43 - 2015-12-28 01:43 - 00002044 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars.lnk 2015-12-28 01:43 - 2015-12-28 01:43 - 00002020 _____ C:\Users\PC\Desktop\PokerStars.lnk 2015-12-28 01:43 - 2015-12-28 01:43 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars 2015-12-27 19:28 - 2015-12-27 20:15 - 00000000 ____D C:\Users\PC\Desktop\ETIKETE DIGITALNA STAMPA 2015-12-27 18:25 - 2015-12-27 19:05 - 00000000 ____D C:\Users\PC\Desktop\KREMANSKA VODA ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-01-26 13:37 - 2015-11-11 11:40 - 00000000 ____D C:\Program Files (x86)\Steam 2016-01-26 13:36 - 2015-10-30 07:28 - 00000000 ____D C:\Windows 2016-01-26 13:19 - 2015-11-02 16:08 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-01-26 13:00 - 2015-11-22 21:28 - 00000000 ____D C:\Users\PC\AppData\Roaming\HPPlugin 2016-01-26 10:59 - 2015-11-06 19:38 - 00000000 ____D C:\Users\PC\AppData\Local\PokerStars 2016-01-26 10:51 - 2015-11-02 21:17 - 00000382 _____ C:\WINDOWS\Tasks\update-sys.job 2016-01-26 09:55 - 2015-11-02 21:17 - 00000382 _____ C:\WINDOWS\Tasks\update-S-1-5-21-3421853655-1393382260-1997549237-1001.job 2016-01-26 08:41 - 2015-12-01 01:47 - 01009692 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-01-26 08:41 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF 2016-01-26 08:36 - 2015-11-02 16:08 - 00000914 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-01-26 08:35 - 2015-12-01 01:58 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-01-26 08:35 - 2015-12-01 01:44 - 00000000 ____D C:\ProgramData\NVIDIA 2016-01-25 20:53 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-01-25 05:25 - 2015-12-01 02:03 - 00000000 ____D C:\Users\PC\AppData\Local\Packages 2016-01-24 20:27 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-01-24 09:49 - 2015-12-02 06:41 - 00000000 ____D C:\Users\PC\Desktop\New folder 2016-01-22 14:00 - 2015-12-01 01:47 - 00000000 ____D C:\Users\PC 2016-01-20 22:14 - 2015-11-02 16:30 - 00000000 ____D C:\ProgramData\Oracle 2016-01-20 22:09 - 2015-11-02 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-01-20 22:09 - 2015-11-02 16:30 - 00000000 ____D C:\Program Files (x86)\Java 2016-01-20 22:08 - 2015-11-02 16:31 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-01-20 22:08 - 2015-11-02 16:31 - 00000000 ____D C:\Users\PC\.oracle_jre_usage 2016-01-20 01:24 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-01-18 03:55 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-01-15 01:21 - 2015-11-02 16:07 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-01-14 23:38 - 2015-11-14 08:06 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2016-01-14 23:38 - 2015-11-14 08:06 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-01-13 17:47 - 2015-11-11 11:43 - 00000000 ____D C:\Users\PC\AppData\Local\Steam 2016-01-13 06:18 - 2015-11-02 16:27 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2016-01-13 06:18 - 2015-11-02 16:23 - 00000000 ____D C:\ProgramData\Microsoft Help 2016-01-13 06:15 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-01-13 06:15 - 2009-07-14 03:34 - 00000478 _____ C:\WINDOWS\win.ini 2016-01-13 06:11 - 2015-11-02 18:53 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-01-13 06:07 - 2015-07-18 23:46 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-01-11 19:46 - 2015-11-06 19:37 - 00000000 ____D C:\Program Files (x86)\PokerStars 2016-01-11 00:08 - 2015-11-22 21:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-01-05 11:32 - 2015-11-15 17:18 - 00000000 ____D C:\Users\PC\AppData\Roaming\vlc 2016-01-03 02:40 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-01-03 02:40 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-01-02 23:30 - 2015-11-29 12:59 - 00000000 ____D C:\Users\PC\AppData\Roaming\uTorrent ==================== Files in the root of some directories ======= 2015-11-02 21:17 - 2015-11-02 21:17 - 0000003 _____ () C:\Users\PC\AppData\Local\updater.log 2015-11-02 21:17 - 2015-11-02 21:17 - 0000424 _____ () C:\Users\PC\AppData\Local\UserProducts.xml 2015-11-02 16:21 - 2015-11-02 16:21 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some files in TEMP: ==================== C:\Users\PC\AppData\Local\Temp\jre-8u71-windows-au.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-01-21 03:48 ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-01-2016 Ran by PC (2016-01-26 13:38:15) Running from C:\Users\PC\Desktop Windows 10 Pro (X64) (2015-12-01 01:02:45) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3421853655-1393382260-1997549237-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3421853655-1393382260-1997549237-503 - Limited - Disabled) Guest (S-1-5-21-3421853655-1393382260-1997549237-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3421853655-1393382260-1997549237-1002 - Limited - Enabled) PC (S-1-5-21-3421853655-1393382260-1997549237-1001 - Administrator - Enabled) => C:\Users\PC ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3421853655-1393382260-1997549237-1001\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated) CGS17_Setup_x64 (Version: 17.1 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{8616305F-122C-4341-9C37-47A9CD322AB2}) (Version: 17.1.0.572 - Corel Corporation) Corel Graphics - Windows Shell Extension (x32 Version: 17.1.572 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 64 Bit (Version: 17.1.572 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - EN (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1.0.572 - Corel Corporation) Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) Filmovita (HKLM-x32\...\Filmovita 1.0.0) (Version: 1.0.0 - CG) Filmovita (x32 Version: 1.0.0 - CG) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden HP LaserJet P1000 series (HKLM-x32\...\HP LaserJet P1000 series) (Version: - ) HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.2.0.001 - HTC Corporation) Incomedia WebSite X5 v12 - Home (HKLM-x32\...\{D25ADC00-2219-495D-A577-F14D1BE72756}_is1) (Version: 12.0.4.20 - Incomedia s.r.l.) Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC) Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation) KVIrc (HKLM-x32\...\KVIrc) (Version: - Szymon Stefanek and The KVIrc Development Team) Lightshot-5.3.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.3.0.0 - Skillbrains) Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation) Mozilla Firefox 43.0.4 (x86 sr) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 sr)) (Version: 43.0.4 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla) NVIDIA 3D Vision Driver 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.92 - NVIDIA Corporation) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - ) NVIDIA Graphics Driver 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation) NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation) Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7628 - Realtek Semiconductor Corp.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.52465 - TeamViewer) Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{9F6B3627-AF9E-40A5-AAD5-3497C4327616}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3114502) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B4DBD8FE-927A-4BAF-9158-D71D2EE4C00F}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3114502) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{B4DBD8FE-927A-4BAF-9158-D71D2EE4C00F}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3114502) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{B4DBD8FE-927A-4BAF-9158-D71D2EE4C00F}) (Version: - Microsoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) WebTV Plugin (HKLM-x32\...\{3824BC79-F29F-43BD-83AF-2A2048536708}) (Version: 6.16.9.5 - WebTV Plugin) WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH) Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3421853655-1393382260-1997549237-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {020AF690-5B7E-498E-AEC0-D230BB0450A8} - System32\Tasks\update-S-1-5-21-3421853655-1393382260-1997549237-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] () Task: {024048C1-3E50-45CB-8F7A-D4D23F54D6CC} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {069D46B7-AF5E-412A-B4BE-600482166046} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {14618335-4070-4A30-870B-ACC8EE0898FA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation) Task: {2DBE96CF-7550-4068-BB41-2372334FB056} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {311EAD56-9068-4E6D-8111-8424B297B270} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {3151D25D-A3C2-4E7D-9E65-A617025C4D81} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {3391BE50-0D1F-4FE2-B2C8-0B7E895F76E0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {39D5BE29-4A2D-4777-9AA6-AA5C64EFE1C8} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {434916D3-BD59-421F-9EBA-7765FBCD034D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {44AD2A5A-F76B-439F-BF76-4315AD412F77} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {4FCFC630-CB02-4DCF-BE2D-C9B90AFC1C79} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {517F0400-0775-444C-95AB-FB77BCEE2D53} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {53CAE391-8E5E-46C1-B020-88B6EC0077C4} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {5431FF9F-9F6C-4DF5-B0F7-50867A15B6D5} - System32\Tasks\Ashampoo Privacy Protector 2015 Weekly Security Scan => C:\Program Files (x86)\Ashampoo\Ashampoo Privacy Protector 2015\PrivacyProtector2015.exe Task: {57B73214-C5ED-4CFA-B567-0947B24AAE16} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {59609538-27C7-4801-9196-23D799735972} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {67C871E0-F22C-447D-A3D7-B841253266D2} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {6E50D470-786F-4296-9184-CB17A733937E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-13] (Microsoft Corporation) Task: {6EBCD0F9-DF25-4872-A12B-74B6FEF4463C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {83CF74D6-6F66-4A44-93A0-B47EC21AFB31} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {89A4BFD1-404A-4EF8-AFF3-747B0AE1D0FC} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {8CCA4A50-8D48-45B9-AD4F-8293B6441A5A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-02] (Google Inc.) Task: {9BEC2D10-861A-4413-ABBC-9862A3708BBE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {A667728F-7EB2-41DD-A620-4318D9BA55E7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {A697D817-8C6C-4E82-BACD-A506EF579FA4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {A8EC8FD9-AE85-455D-B302-B2BC109ACC01} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {B675713F-BCA4-4332-8E61-86180CDF4980} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {C692A921-BC9D-40DE-A567-B1C4ECC9DDFE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {C9FE7AE6-4B41-4FC0-BB08-C6EBDC777762} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {CD7C3AFE-3A5D-4726-85A1-3531662319DB} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {CE8839D6-B58A-4ED5-AEF1-B113A2BC7305} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] () Task: {D0ABD12F-6098-410D-9BB2-D0C55E9A3C5D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {D582A782-6E79-40B8-8D07-4378405ACFC7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-02] (Google Inc.) Task: {D6A9D0B9-5749-4F31-B6AE-80DEEF803B0A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {DB5C4042-E0CC-441A-97B1-BED0993EB243} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {E64F1C9B-F36B-4A6B-977C-BEEE5DD7C14E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {EDC9D2CB-1857-4758-9D3F-7F7069F5D747} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {F1206799-F859-4B22-9314-E324DB233D9A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {F4C9EC4A-CE10-410C-845D-C2DCA0A5F157} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {F603A091-0D3D-4FB7-AF20-8FB49CD64485} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {FB9CF27B-EF90-4C77-A7AF-E8C5946D8761} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {FCCD76FE-93B1-4F1E-8726-61F22830583D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\update-S-1-5-21-3421853655-1393382260-1997549237-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-12-01 01:44 - 2015-10-13 18:26 - 00125616 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-11-19 22:13 - 2012-12-07 17:26 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 2015-12-03 03:49 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-01-22 03:34 - 2016-01-22 03:35 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-12-03 03:49 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-10-13 15:07 - 2015-10-13 15:07 - 08901184 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2015-12-18 15:15 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2015-12-18 15:15 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-12-18 15:15 - 2015-12-07 05:00 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll 2016-01-13 05:51 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-01-13 05:52 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-01-13 05:51 - 2016-01-05 02:24 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-01-13 05:51 - 2016-01-05 02:26 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-01-22 03:34 - 2016-01-22 03:35 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-01-22 03:34 - 2016-01-22 03:35 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-01-15 01:20 - 2016-01-12 17:35 - 01590088 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libglesv2.dll 2016-01-15 01:20 - 2016-01-12 17:35 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libegl.dll 2016-01-19 23:49 - 2016-01-19 14:06 - 16792256 _____ () C:\Users\PC\AppData\Local\Google\Chrome\User Data\PepperFlash\20.0.0.286\pepflashplayer.dll 2015-04-23 22:43 - 2015-04-23 22:43 - 00044544 _____ () C:\Program Files (x86)\Web_TV\WebTVPlugin\NPPlugin.dll 2015-04-23 22:42 - 2015-04-23 22:42 - 00391168 _____ () C:\Program Files (x86)\Web_TV\WebTVPlugin\libhpp.dll 2015-04-23 22:40 - 2015-04-23 22:40 - 00512000 _____ () C:\Program Files (x86)\Web_TV\WebTVPlugin\dmpbase.dll 2015-04-23 22:41 - 2015-04-23 22:41 - 00046080 _____ () C:\Program Files (x86)\Web_TV\WebTVPlugin\OttCaInterface.dll 2015-04-23 22:40 - 2015-04-23 22:40 - 00490496 _____ () C:\Program Files (x86)\Web_TV\WebTVPlugin\libepp.dll 2015-04-23 22:40 - 2015-04-23 22:40 - 03482112 _____ () C:\Program Files (x86)\Web_TV\WebTVPlugin\PowerEngine.dll 2015-04-23 22:40 - 2015-04-23 22:40 - 00057344 _____ () C:\Program Files (x86)\Web_TV\WebTVPlugin\PELog.dll 2015-04-23 22:41 - 2015-04-23 22:41 - 00069120 _____ () C:\Program Files (x86)\Web_TV\WebTVPlugin\PEBase.dll 2015-04-23 22:41 - 2015-04-23 22:41 - 00028160 _____ () C:\Program Files (x86)\Web_TV\WebTVPlugin\PEDiag.dll 2015-04-23 22:41 - 2015-04-23 22:41 - 01203712 _____ () C:\Program Files (x86)\Web_TV\WebTVPlugin\PEHttpBase.dll 2015-04-23 22:40 - 2015-04-23 22:40 - 00534016 _____ () C:\Program Files (x86)\Web_TV\WebTVPlugin\OttVmxCa.dll 2015-04-23 22:40 - 2015-04-23 22:40 - 07093600 _____ () C:\Program Files (x86)\Web_TV\WebTVPlugin\ViewRightWebClient.dll 2012-07-04 15:50 - 2012-07-04 15:50 - 01347511 _____ () C:\Program Files (x86)\KVIrc\libkvilib.dll 2012-05-13 08:01 - 2012-05-13 08:01 - 00101390 _____ () C:\Program Files (x86)\KVIrc\libz-1.dll 2011-05-10 09:53 - 2011-05-10 09:53 - 00043008 _____ () C:\Program Files (x86)\KVIrc\libgcc_s_dw2-1.dll 2011-05-10 09:53 - 2011-05-10 09:53 - 00011362 _____ () C:\Program Files (x86)\KVIrc\mingwm10.dll 2012-07-04 16:04 - 2012-07-04 16:04 - 00320056 _____ () C:\Program Files (x86)\KVIrc\modules\libkvitrayicon.dll 2012-07-04 15:59 - 2012-07-04 15:59 - 00399129 _____ () C:\Program Files (x86)\KVIrc\modules\libkvinotifier.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:0A8E2C33 ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2015-11-19 02:03 - 00000826 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3421853655-1393382260-1997549237-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{0F7A1533-09BD-4466-BEB4-E8C77FC56F0B}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{DACDAD1E-7634-41ED-9402-A3CEA65DAD1F}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{1240D748-8EA3-4F9B-8455-3C09844C29CB}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{64BF38A8-AD9A-4C50-ABB9-0A9D828E3F1F}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{A7C5BA3B-5FF0-4F4E-80B1-B2FADB68574C}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{74DA4379-F5DE-48EF-8C1C-CD7F3DCEFCB0}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [UDP Query User{9097A29B-7B52-493B-8F3A-83A2EA8FA14B}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [TCP Query User{575F70D7-34A8-4A65-9593-1A8C93EFDBA2}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [{15841393-4076-4965-8308-7F64972F1631}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{EE8E14BD-EE61-40B6-BBE8-47C0AB97F4EA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{E19798EE-D763-4C42-B635-0E22AE43A432}C:\games\counter-strike\hl.exe] => (Allow) C:\games\counter-strike\hl.exe FirewallRules: [TCP Query User{42E62DBE-BF1C-4FE8-B664-F439C9AFA23C}C:\games\counter-strike\hl.exe] => (Allow) C:\games\counter-strike\hl.exe FirewallRules: [UDP Query User{6A3D3CD9-8367-45EC-BA23-E6B7FCA26A36}C:\program files (x86)\kvirc\kvirc.exe] => (Allow) C:\program files (x86)\kvirc\kvirc.exe FirewallRules: [TCP Query User{78582EC1-E63C-4633-9ABF-90C7F36F98A8}C:\program files (x86)\kvirc\kvirc.exe] => (Allow) C:\program files (x86)\kvirc\kvirc.exe FirewallRules: [{554034F2-1896-47CE-A3D0-5177D2674366}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{E37781AE-AC7B-4CF8-86EE-A18605EA78C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{99055D7B-5C9A-42F4-B0F8-59160149784D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{B06FE18B-A14A-4DC0-BEB6-4B5A4D94E281}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{623FB0B8-00CB-441B-B135-50306A26A868}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{2387B474-5798-4FA7-8950-2A5676DAC3CB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [UDP Query User{DAEEFCA2-422B-44E1-BDCB-4A76E28FCA3A}C:\games\counter-strike\hl.exe] => (Allow) C:\games\counter-strike\hl.exe FirewallRules: [TCP Query User{A12D4665-BCA7-4E0F-9370-C975260BE047}C:\games\counter-strike\hl.exe] => (Allow) C:\games\counter-strike\hl.exe FirewallRules: [{C0266F84-846E-4CD1-A3F8-CC92EF41F7C4}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE FirewallRules: [{EEF50064-BD61-4F3A-AE13-C6D1B093A544}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE FirewallRules: [{0E477553-A9DD-4982-AD85-56632B43FC56}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{983062BB-F4A4-470B-BEEA-7B9C20E760C1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{65D0C1B1-6EBA-4A40-AC24-5D5294605BBD}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{AD8BC70B-913D-4A22-A430-39F61ACCDA9F}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [UDP Query User{CBF7AEE2-4827-4ACB-B4EC-7A06BC90A3AA}C:\program files (x86)\kvirc\kvirc.exe] => (Allow) C:\program files (x86)\kvirc\kvirc.exe FirewallRules: [TCP Query User{9510168E-CEC0-42F0-82A9-4FE351B2C059}C:\program files (x86)\kvirc\kvirc.exe] => (Allow) C:\program files (x86)\kvirc\kvirc.exe FirewallRules: [{E2DECE4C-EE93-493A-B05C-5E89CAA60DF2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{B12F5ADA-A2F1-49CB-8709-279A4CC93C59}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{40861264-1560-4B26-8DC8-26ED132D5106}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{AF25880C-DDD6-44B3-B59F-37C6F039843A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{40D4699B-2131-443D-A10C-21E5038D382F}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe FirewallRules: [{A689E88F-1B7C-442A-B2F4-3DAE42E82245}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe FirewallRules: [{3970F186-55BF-47D4-9400-F4AB33D938DE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{2D8C5666-778F-4834-BB8E-E4CF6273C4F5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{984C67B1-DD6A-496D-9A4B-D03CA786FC15}C:\users\pc\appdata\local\filmovita-app\filmovita.exe] => (Allow) C:\users\pc\appdata\local\filmovita-app\filmovita.exe FirewallRules: [UDP Query User{A396D3DA-12B5-4416-9FF3-3D4F5E6DFBA1}C:\users\pc\appdata\local\filmovita-app\filmovita.exe] => (Allow) C:\users\pc\appdata\local\filmovita-app\filmovita.exe FirewallRules: [TCP Query User{D2F2BED1-ABAB-4071-842A-474FB837FC76}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [UDP Query User{A8C15C82-4A9D-4443-B77D-A992F63584A9}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [{4AF1AA15-47BE-4475-B681-1CCB31264DB3}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{47C6F389-1C13-4AA7-8081-8D73033305F7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{31D408EF-4811-4766-AAB7-2EEF5AD7FCD5}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{454DE3F0-4346-4EB4-AC84-745C4E292D15}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{BCC823C5-E458-4751-AC38-00A558C2C819}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 11-01-2016 02:12:46 Windows Update 19-01-2016 15:10:45 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (01/26/2016 12:15:10 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: svchost.exe_MapsBroker, version: 10.0.10586.0, time stamp: 0x5632d7ba Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0x8400000e Fault offset: 0x0000000000000000 Faulting process id: 0x1568 Faulting application start time: 0xsvchost.exe_MapsBroker0 Faulting application path: svchost.exe_MapsBroker1 Faulting module path: svchost.exe_MapsBroker2 Report Id: svchost.exe_MapsBroker3 Faulting package full name: svchost.exe_MapsBroker4 Faulting package-relative application ID: svchost.exe_MapsBroker5 Error: (01/25/2016 07:35:59 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3. Component identity found in manifest does not match the identity of the component requested. Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0". Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0". Please use sxstrace.exe for detailed diagnosis. Error: (01/25/2016 04:47:02 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3. Component identity found in manifest does not match the identity of the component requested. Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0". Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0". Please use sxstrace.exe for detailed diagnosis. Error: (01/20/2016 09:07:32 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (01/19/2016 03:10:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (01/18/2016 04:36:39 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SystemSettings.exe, version: 10.0.10586.11, time stamp: 0x56457cb1 Faulting module name: CoreUIComponents.dll, version: 0.0.0.0, time stamp: 0x565185e4 Exception code: 0xc0000005 Fault offset: 0x00000000000780cd Faulting process id: 0xe38 Faulting application start time: 0xSystemSettings.exe0 Faulting application path: SystemSettings.exe1 Faulting module path: SystemSettings.exe2 Report Id: SystemSettings.exe3 Faulting package full name: SystemSettings.exe4 Faulting package-relative application ID: SystemSettings.exe5 Error: (01/18/2016 04:00:48 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: NetworkUXBroker.exe, version: 10.0.10586.0, time stamp: 0x5632d7f4 Faulting module name: NetworkUXBroker.exe, version: 10.0.10586.0, time stamp: 0x5632d7f4 Exception code: 0xe0464645 Fault offset: 0x000000000000a6d6 Faulting process id: 0x110c Faulting application start time: 0xNetworkUXBroker.exe0 Faulting application path: NetworkUXBroker.exe1 Faulting module path: NetworkUXBroker.exe2 Report Id: NetworkUXBroker.exe3 Faulting package full name: NetworkUXBroker.exe4 Faulting package-relative application ID: NetworkUXBroker.exe5 Error: (01/18/2016 02:08:15 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Steam.exe version 3.17.73.86 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: b9c Start Time: 01d150136e693fc7 Termination Time: 4294967295 Application Path: C:\Program Files (x86)\Steam\Steam.exe Report Id: eedbc77c-bd7f-11e5-8cdd-1c6f65b26aa4 Faulting package full name: Faulting package-relative application ID: Error: (01/14/2016 11:37:52 PM) (Source: MsiInstaller) (EventID: 1024) (User: PC-PC) Description: Product: Adobe Acrobat Reader DC - Update '{AC76BA86-7AD7-0000-2550-AC0F0A4E5800}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: [Link mogu videti samo ulogovani korisnici] Error: (01/13/2016 01:39:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: CorelDrw.exe, version: 17.1.0.572, time stamp: 0x538e8a1a Faulting module name: VGCore.dll, version: 17.1.0.572, time stamp: 0x538e901e Exception code: 0xc0000005 Fault offset: 0x000000000005eccf Faulting process id: 0x193c Faulting application start time: 0xCorelDrw.exe0 Faulting application path: CorelDrw.exe1 Faulting module path: CorelDrw.exe2 Report Id: CorelDrw.exe3 Faulting package full name: CorelDrw.exe4 Faulting package-relative application ID: CorelDrw.exe5 System errors: ============= Error: (01/26/2016 08:35:16 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: %%1058 Error: (01/26/2016 08:35:09 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 8:21:27 AM on 1/26/2016 was unexpected. Error: (01/26/2016 01:41:36 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: %%1058 Error: (01/26/2016 01:41:27 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 1:19:08 AM on 1/26/2016 was unexpected. Error: (01/26/2016 12:16:46 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {7006698D-2974-4091-A424-85DD0B909E23} Error: (01/25/2016 11:49:14 PM) (Source: nvlddmkm) (EventID: 14) (User: ) Description: \Device\Video1CMDre 00000008 00000000 ffffffff 00000000 00000000 Error: (01/25/2016 11:49:14 PM) (Source: nvlddmkm) (EventID: 14) (User: ) Description: \Device\Video1CMDre 00000005 0000080c ffffffff 00000000 00000000 Error: (01/25/2016 11:49:14 PM) (Source: nvlddmkm) (EventID: 14) (User: ) Description: \Device\Video1CMDre 00000003 00000080 00000000 00000000 00000000 Error: (01/25/2016 11:49:14 PM) (Source: nvlddmkm) (EventID: 14) (User: ) Description: \Device\Video1CMDre 00000001 00000000 00000004 00000000 00000000 Error: (01/24/2016 10:15:50 AM) (Source: DCOM) (EventID: 10016) (User: PC-PC) Description: machine-defaultLocalActivation{000C101C-0000-0000-C000-000000000046}{000C101C-0000-0000-C000-000000000046}PC-PCPCS-1-5-21-3421853655-1393382260-1997549237-1001LocalHost (Using LRPC)UnavailableS-1-15-2-345103928-2973598073-206490843-2723525434-2030510010-315149802-1662632504 CodeIntegrity: =================================== Date: 2016-01-22 16:10:56.032 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-20 13:11:02.543 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-19 14:56:22.705 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-18 16:22:03.952 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-18 06:09:49.759 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2016-01-18 06:09:49.697 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. Date: 2016-01-18 06:09:49.645 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements. Date: 2016-01-18 06:09:49.572 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2016-01-18 06:09:49.538 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. Date: 2016-01-18 06:09:49.488 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== Processor: AMD Athlon(tm) II X4 620 Processor Percentage of memory in use: 56% Total physical RAM: 4094.46 MB Available physical RAM: 1761.28 MB Total Virtual: 8190.46 MB Available Virtual: 5167.61 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:146.04 GB) (Free:89.54 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: (( D )) (Fixed) (Total:151.61 GB) (Free:148.78 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 00069856) Partition 1: (Active) - (Size=146 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=449 MB) - (Type=27) Partition 3: (Not Active) - (Size=151.6 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================

Profil

Sass Drake Poslao: 27 Jan 2016 19:04 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Preuzmi Malwarebytes Anti-Rootkit (MBAR) sa sledeceg linka i sacuvaj ga na Desktop. Dvoklikom pokreni MBAR () na ikonicu programa: - Klikni OK na sledecem prozoru da bi dozvolio raspakivanje u zaseban mbar folder na desktop-u; - mbar.exe ce biti startovan. Na nekim sistemima to moze da potraje nekoliko dodatnih sekundi, te pricekati pokretanje.; - U uvodnom prozoru klikni dugme Next ukoliko si saglasan; • Na 'Update Database' prozoru klik na dugme Update da bi preuzeo sveze definicije. Kada se ispise poruka 'Success: Database was successfully updated' klik na dugme Next; • Pod sekcijom 'Scan Targets' proveri da su sve opcije stiklirane, te klikni na dugme Scan; Obavestenje: sa nekim infekcijama moze se desiti da se prikaze neka od sledecih poruka: - 'Could not load protection driver' => u tom slucaju klikni OK. - 'Could not load DDA driver' => klikni Yes na to obavestenje da bi dozvolio ucitavanje nakon restarta. Dozvoli restart i nastavi sa ostatkom instrukcija posle restarta. >> Ukoliko malware nije detektovan, klik na Exit dugme da zatvoris program. U sledecu poruku postavi mbar-log-year-month-day (sat-minuti-sekundi).txt i system-log.txt izveštaje. >> Ukoliko su infekcija/e pronadjene, proveriti da li je obelezena opcija 'Create Restore Point' i klikni na dugme Cleanup! da bi uklonili pretnje. - Procedura uklanjanje malware-a (scheduled) ce biti zakazana po restartu, bice prikazano obavestenje u pop-up prozoru. Klikni dugme Yes i sistem bi trebao da se restartuje i da zavrsi proceduru ciscenja. Obavestenje! samo ukoliko je RootKit detektovan: - postaraj se da pokrenes fixdamage.exe alat koji se nalazi u mbar folderu, \Plugins\fixdamage.exe: - Dvoklikom pokreni fixdamage, u crnom prozoru koji se otvori (command prompt) ukucaj Y (Y stoji za Yes) da bi nastavio izvrsenje, pricekati da alat odradi sve popravke ... - Kada vidis poruku 'press any key to exit' popravka je kompletirana. Pritisnuti bilo koju tipku na tastaturi da bi se prozor zatvorio. Restartovati sistem. Sledeci izvestaji ce biti formirani u mbar folderu. 1. mbar-log-year-month-day (hour-minute-second).txt 2. system-log.txt Iskopiraj sadrzaj mbar log-a u poruku a system log okaci uz poruku koristeci opciju Prikači fajl.

Profil

zoxknez Poslao: 29 Jan 2016 08:45 Idi na vrh
offline zoxknez Zaslužni građanin Pridružio: 27 Avg 2005 Poruke: 563	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Malwarebytes Anti-Rootkit BETA 1.9.3.1001 [Link mogu videti samo ulogovani korisnici] Database version: main: v2016.01.29.02 rootkit: v2016.01.20.01 Windows 10 x64 NTFS Internet Explorer 11.63.10586.0 PC :: PC-PC [administrator] 29.1.2016 8:21:40 mbar-log-2016-01-29 (08-21-40).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit \| Drivers \| MBR \| Physical Sectors \| Memory \| Startup \| Registry \| File System \| Heuristics/Extra \| Heuristics/Shuriken Scan options disabled: Objects scanned: 407840 Time elapsed: 21 minute(s), 51 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) [Link mogu videti samo ulogovani korisnici]

Profil

Sass Drake Poslao: 29 Jan 2016 19:47 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Čist si. • Sledeća procedura će implementirati završno čišćenje. Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop. Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija; Remove disinfection tools Create registry backup Purge System Restore Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad. Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani. Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt) Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix Alat briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Komp br2 provera

Ko je trenutno na forumu

Ukupno su 914 korisnika na forumu :: 146 registrovanih, 12 sakrivenih i 756 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 15694 - dana 01 Feb 2026 12:23

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 357magnum, 8u47, A.R.Chafee.Jr., Aleksandar Šljivar, Apok, aramis s, as2025, Aska, Automaticar, Avalon015, awathorn, babaroga, Bane san, Belisarius, Blair, Bo96, bojcistv, boro975, Bosnjo, BOXRR, BrcakRS, brufen, brundo65, BSD, Buzdovan, CHARLIE JA., Cicumile, cole77, comi991, DalmatinacMF, dekiz, Demi87, djboj, djukapfc, Dorcolac, draganca, Drenovak, dulleo, dunavzed, elenemste, Feller, Geran136, Goga, goran.vvv, Hans Gajger, Haris, Hemi, igorkozar83, Jakonjveliki, Jan, Jaxupa, Jeremiah, JK, jmsk, jodzula, Jomini, Karakan, KimiMR, king011, KizJ, Krajišnik97, Krkan800, Kum Ruzvelt, Lance Guest, LostInSpaceandTime, M74AB3, Makarid, maksi007, Marko Marković, mcgunner, mercedesamg, Metanoja, Mi lao shu, Mig 29, mikelija, mile09, milenko crazy north, milivoje_vatrogasac, MiljanXD, Milometer, Milos82, mir, Miškić, monomah, Mzee, naki011, narandzasti, nazgul75, neko iz mase, nelezele, Neno25, nenooo, nikoladim, Nobunaga, novator, omen, orah, pacika, Pale2025, panzerwaffe, Papadubi, pavle_pzs, pds, Pero, PlayerOne, precan, proka89, proljece, Radoslava, RajkoB, rakivan, Roksi, s0ne, Sale0501, samocitam, saputnik plavetnila, skvara, Slingshot, sluga, Smor, Sone0883, Stanlio, Stefan M, steksi, suponik, Tristan_Bantam, trutcina, TRZH92, umpah-pah, Vaske8990, vathra, Vatreni Zmaj, Velizar Laro, veljko82, veljkovicdani, virked, vlad4, VPV, vuksa72, wize, x011, Zanzibar, zlaya011, Zoran1959, ZZZ, 800077

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by