LapTop koci i rad na racunaru je dosta usporen

LapTop koci i rad na racunaru je dosta usporen

offline
  • Pridružio: 11 Avg 2008
  • Poruke: 65
  • Gde živiš: Vancouver

Antivirus program McFee LiveSafe ne detektuje nista. Ponekad se racunar zaglupi na najednostavnijem zadatku kao sto je otvaranje foldera ili pokretanje google chroma. Ponekad mu treba vise vremena nego obicno da podigne sistem i pocne sa radom.

U Task Manageru cesto se prikazuje da HardDisk je opterecen do maximuma, iako imam dosta slobodnog prostora na HardDisku.


mycity.rs/must-login.png

mycity.rs/must-login.png

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:29-08-2015
Ran by Ivana (administrator) on IVANAR (29-08-2015 12:15:45)
Running from C:\Users\Ivana\Desktop
Loaded Profiles: Ivana & (Available Profiles: Ivana)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
() C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
(DELL Inc.) C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.5.495.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Users\Ivana\AppData\Local\ZoomInfoCEUtility\2166\coordinator.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleChromeDAV.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510232 2014-01-17] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [285272 2013-12-30] (Waves Audio Ltd.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3777696 2014-01-16] (Dell Inc.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AgentMonitor] => C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [401280 2014-06-19] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [133760 2014-01-08] (Qualcomm®Atheros®)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1544575880-4100132113-3847230736-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1544575880-4100132113-3847230736-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1544575880-4100132113-3847230736-1001\...\Run: [Google Update] => C:\Users\Ivana\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc.)
HKU\S-1-5-21-1544575880-4100132113-3847230736-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-1544575880-4100132113-3847230736-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-1544575880-4100132113-3847230736-1001\...\Run: [ZoomInfo Contact Contributor] => C:\Users\Ivana\AppData\Local\ZoomInfoCEUtility\launch.bat [108 2015-08-24] ()
HKU\S-1-5-21-1544575880-4100132113-3847230736-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1544575880-4100132113-3847230736-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1544575880-4100132113-3847230736-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => C:\Users\Ivana\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc.)
HKU\S-1-5-21-1544575880-4100132113-3847230736-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-1544575880-4100132113-3847230736-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-1544575880-4100132113-3847230736-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-06-03]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1544575880-4100132113-3847230736-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-1544575880-4100132113-3847230736-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-05-13] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-05-13] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 75.153.176.9
Tcpip\..\Interfaces\{AFD29BE7-211D-4FA3-9EF6-56B78FD088AB}: [DhcpNameServer] 192.168.1.254 75.153.176.9
Tcpip\..\Interfaces\{E405BF27-9664-4123-A43B-7439AB783C78}: [DhcpNameServer] 172.8.1.171
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\h7v60i1r.default
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-05-13] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-05-13] ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1544575880-4100132113-3847230736-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Ivana\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1544575880-4100132113-3847230736-1001: @talk.google.com/O1DPlugin -> C:\Users\Ivana\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1544575880-4100132113-3847230736-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Ivana\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.)
FF Plugin HKU\S-1-5-21-1544575880-4100132113-3847230736-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Ivana\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.)
FF Plugin HKU\S-1-5-21-1544575880-4100132113-3847230736-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/GoogleTalkPlugin -> C:\Users\Ivana\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1544575880-4100132113-3847230736-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/O1DPlugin -> C:\Users\Ivana\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1544575880-4100132113-3847230736-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\Ivana\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll No File
FF Plugin HKU\S-1-5-21-1544575880-4100132113-3847230736-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\Ivana\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll No File
FF Plugin ProgramFiles/Appdata: C:\Users\Ivana\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Ivana\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Extension: Firebug - C:\Users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\h7v60i1r.default\Extensions\firebug@software.joehewitt.com.xpi [2015-05-22]
FF Extension: Firepicker - C:\Users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\h7v60i1r.default\Extensions\firepicker@thedarkone.xpi [2015-05-22]
FF Extension: MeasureIt - C:\Users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\h7v60i1r.default\Extensions\{75CEEE46-9B64-46f8-94BF-54012DE155F0}.xpi [2015-05-22]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-06-17]

Chrome:
=======
CHR Profile: C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-04]
CHR Extension: (PhotoMania) - C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ajjfnbkfaofifbiflcicanlgaiafcamj [2015-03-13]
CHR Extension: (Google Docs) - C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-04]
CHR Extension: (Google Drive) - C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-04]
CHR Extension: (YouTube) - C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-04]
CHR Extension: (Google Search) - C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-04]
CHR Extension: (Dropbox for Gmail) - C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2015-05-28]
CHR Extension: (Google Sheets) - C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-04]
CHR Extension: (iCloud Bookmarks) - C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fkepacicchenbjecpbpbclokcabebhah [2015-03-13]
CHR Extension: (PDF Viewer) - C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jccchjobcggajhnmckffhcahkkbioifn [2015-01-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Skype Click to Call) - C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-12-04]
CHR Extension: (Google Maps) - C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-03-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-04]
CHR Extension: (Docs PDF/PowerPoint Viewer (by Google)) - C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2015-01-27]
CHR Extension: (Gmail) - C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-04]
CHR Profile: C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-27]
CHR Extension: (Google Docs) - C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-27]
CHR Extension: (Google Drive) - C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-27]
CHR Extension: (YouTube) - C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-27]
CHR Extension: (Google Search) - C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-27]
CHR Extension: (Tampermonkey) - C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-01-27]
CHR Extension: (Google Sheets) - C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-27]
CHR Extension: (Skype Click to Call) - C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-01-27]
CHR Extension: (Google Wallet) - C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-27]
CHR Extension: (Gmail) - C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-27]
CHR HKLM\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1544575880-4100132113-3847230736-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1544575880-4100132113-3847230736-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1544575880-4100132113-3847230736-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1544575880-4100132113-3847230736-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [318592 2014-01-08] (Windows (R) Win 7 DDK provider) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-26] (Dell Inc.)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [139328 2014-02-19] (Aviata, Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [754280 2015-05-13] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-24] (McAfee, Inc.)
R2 mcbootdelaystartsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.5.495.0\McCSPServiceHost.exe [207344 2015-06-04] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [609592 2015-05-05] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-04-08] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-05-14] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [250672 2015-04-08] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
S2 My Dell Client Framework; C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe [168960 2014-01-10] (Dell Inc.) [File not signed]
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-29] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
S2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1924328 2014-09-18] (SoftThinks SAS)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-03-04] (Dell Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
R2 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe [16176 2013-08-22] ()
R2 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe [1785344 2013-08-19] (DELL Inc.) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3881472 2013-12-12] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-01-08] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-06-17] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [68784 2015-04-08] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [23312 2015-02-26] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-10-19] (Disc Soft Ltd)
S3 facap; C:\Windows\system32\DRIVERS\facap.sys [37888 2012-09-03] (Windows (R) Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [198448 2015-04-27] (McAfee, Inc.)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [107736 2015-06-07] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-08] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [402888 2015-04-08] (McAfee, Inc.)
U3 mfeaack01; no ImagePath
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [338272 2015-04-08] (McAfee, Inc.)
U3 mfeavfk01; no ImagePath
U3 mfeavfk02; no ImagePath
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [101872 2015-04-08] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80160 2015-04-08] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [488000 2015-04-08] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [864200 2015-04-08] (McAfee, Inc.)
U3 mfehidk01; no ImagePath
U3 mfehidk02; no ImagePath
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [483240 2015-03-26] (McAfee, Inc.)
U3 mfencbdc01; no ImagePath
U3 mfencbdc02; no ImagePath
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [100720 2015-03-26] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [335944 2015-04-08] (McAfee, Inc.)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-01-15] (Synaptics Incorporated)
S0 mfeapfk; system32\drivers\mfeapfk.sys [X]
R3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-29 12:15 - 2015-08-29 12:18 - 00031208 _____ C:\Users\Ivana\Desktop\FRST.txt
2015-08-29 12:14 - 2015-08-29 12:16 - 00000000 ____D C:\FRST
2015-08-29 12:08 - 2015-08-29 12:08 - 02186752 _____ (Farbar) C:\Users\Ivana\Desktop\FRST64.exe
2015-08-29 12:08 - 2015-08-29 12:08 - 00000000 ___RD C:\Users\Ivana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-08-29 12:03 - 2015-08-29 12:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-08-27 21:04 - 2015-08-27 21:04 - 00061616 _____ C:\Users\Ivana\Downloads\Ray.Donovan.S01.BDRip.X264.Pack-TL.torrent
2015-08-26 02:37 - 2015-08-26 02:37 - 00017047 _____ C:\Users\Ivana\Desktop\Maki solo Guitar project.wlmp
2015-08-26 02:25 - 2015-08-26 02:29 - 330720806 _____ C:\Users\Ivana\Desktop\Guthrie Govan-Lick Chords-Solo.mp4
2015-08-24 22:08 - 2015-08-24 22:22 - 00000573 _____ C:\Users\Ivana\Desktop\Vancouver Music Venues.txt
2015-08-24 12:57 - 2015-08-24 12:57 - 00000000 ____D C:\Users\Ivana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZoomInfo Contact Contributor
2015-08-24 12:57 - 2015-08-24 12:57 - 00000000 ____D C:\Users\Ivana\AppData\Local\ZoomInfoCEUtility
2015-08-20 22:13 - 2015-08-20 22:13 - 00002164 _____ C:\Users\Ivana\Desktop\Amazing Slow Downer.lnk
2015-08-20 14:58 - 2015-08-20 14:58 - 00002241 _____ C:\Users\Ivana\AppData\Local\recently-used.xbel
2015-08-18 01:30 - 2015-08-18 01:30 - 00192248 _____ C:\Users\Ivana\Desktop\Steely Dan - Dont Take Me Alive (Pro).gpx
2015-08-17 23:03 - 2015-08-17 23:05 - 00000000 ____D C:\Users\Ivana\Desktop\Aki rodjus Aleksandar 2015
2015-08-17 23:01 - 2015-08-17 23:01 - 01306965 _____ C:\Users\Ivana\Downloads\IMG_9054.MOV
2015-08-13 23:38 - 2015-08-13 23:38 - 00014864 _____ C:\Users\Ivana\Downloads\True.Detective.S01E03.HDTV.Custom.HebSub.XviD-Extinct.torrent
2015-08-10 13:35 - 2015-08-10 15:27 - 00000000 ____D C:\Users\Ivana\Desktop\Aki- YMCA
2015-08-06 01:17 - 2015-08-06 23:45 - 00040453 _____ C:\Users\Ivana\Desktop\Scott Riddell Band 1st Gig.wlmp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-29 12:13 - 2015-05-25 03:33 - 01155754 _____ C:\Windows\WindowsUpdate.log
2015-08-29 12:09 - 2014-12-10 13:41 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1544575880-4100132113-3847230736-1001UA.job
2015-08-29 12:09 - 2014-10-19 14:18 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1544575880-4100132113-3847230736-1001
2015-08-29 12:04 - 2014-10-19 14:19 - 00003918 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CBD355DD-3DE7-4A5C-969A-68EC64830397}
2015-08-29 12:02 - 2015-03-01 13:52 - 02028544 ___SH C:\Users\Ivana\Desktop\Thumbs.db
2015-08-29 12:02 - 2014-10-19 14:20 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-29 12:02 - 2014-10-19 14:16 - 00000000 __RDO C:\Users\Ivana\OneDrive
2015-08-29 12:01 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\system32\sru
2015-08-29 01:45 - 2014-10-19 14:20 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-29 01:26 - 2014-10-27 12:54 - 00000000 ____D C:\Users\Ivana\AppData\Roaming\Winamp
2015-08-28 23:16 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\AppReadiness
2015-08-28 12:09 - 2014-10-19 19:59 - 00000000 ____D C:\Users\Ivana\AppData\Roaming\uTorrent
2015-08-28 01:08 - 2014-11-20 11:55 - 00000000 ____D C:\Users\Ivana\AppData\Local\CrashDumps
2015-08-27 22:23 - 2014-06-17 12:36 - 00000000 ____D C:\ProgramData\McAfee
2015-08-27 21:08 - 2014-12-10 13:41 - 00000870 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1544575880-4100132113-3847230736-1001Core.job
2015-08-27 21:03 - 2014-12-10 13:41 - 00003868 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1544575880-4100132113-3847230736-1001UA
2015-08-27 21:03 - 2014-12-10 13:41 - 00003488 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1544575880-4100132113-3847230736-1001Core
2015-08-25 12:01 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\LiveKernelReports
2015-08-25 11:18 - 2013-08-22 06:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-08-24 13:42 - 2015-06-03 11:15 - 00003486 _____ C:\Windows\System32\Tasks\AutoKMS
2015-08-24 13:20 - 2015-03-23 10:38 - 00000000 ____D C:\Users\Ivana\Documents\Outlook Files
2015-08-24 12:59 - 2014-10-19 14:20 - 00000000 ____D C:\Users\Ivana\AppData\Local\Deployment
2015-08-24 11:44 - 2014-11-19 11:46 - 00000000 ____D C:\Users\Ivana\Desktop\Coop Vancouver
2015-08-21 02:11 - 2014-12-01 02:07 - 00000000 ____D C:\Program Files\pia_manager
2015-08-20 23:08 - 2015-04-19 18:39 - 00000000 ____D C:\Users\Ivana\Desktop\Scott Riddel Band
2015-08-20 22:53 - 2015-01-08 23:27 - 00925696 ___SH C:\Users\Ivana\Downloads\Thumbs.db
2015-08-20 15:08 - 2015-04-27 12:16 - 00000000 ____D C:\Users\Ivana\.gimp-2.8
2015-08-20 14:58 - 2015-04-27 13:28 - 00000000 ____D C:\Users\Ivana\AppData\Local\gtk-2.0
2015-08-19 11:57 - 2014-10-19 20:14 - 00016855 _____ C:\Users\Ivana\Desktop\lozinke sa komp..txt
2015-08-18 01:40 - 2014-06-17 12:40 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2015-08-14 23:17 - 2015-05-30 01:57 - 00000000 ____D C:\Users\Ivana\Desktop\Maki-Solo Guitar-Licks
2015-08-06 16:08 - 2014-10-19 14:12 - 00000000 ____D C:\Users\Ivana\AppData\Local\Packages
2015-08-05 23:35 - 2015-01-11 15:16 - 00000000 ____D C:\FFOutput
2015-08-04 00:20 - 2015-02-16 22:53 - 00007599 _____ C:\Users\Ivana\AppData\Local\Resmon.ResmonCfg
2015-08-01 02:49 - 2014-12-04 00:08 - 00000000 ____D C:\Users\Ivana\Desktop\Maki Pjesme
2015-07-31 01:03 - 2015-07-21 10:57 - 00003348 _____ C:\Windows\System32\Tasks\McAfee Remediation (Prepare)

==================== Files in the root of some directories =======

2015-03-13 14:54 - 2015-03-13 14:55 - 0000003 _____ () C:\Users\Ivana\AppData\Roaming\GS297 Preferences
2015-08-20 14:58 - 2015-08-20 14:58 - 0002241 _____ () C:\Users\Ivana\AppData\Local\recently-used.xbel
2015-02-16 22:53 - 2015-08-04 00:20 - 0007599 _____ () C:\Users\Ivana\AppData\Local\Resmon.ResmonCfg
2014-06-17 11:46 - 2014-06-17 11:46 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-06-03 10:37 - 2015-06-05 10:47 - 0002892 _____ () C:\ProgramData\hpzinstall.log
2014-06-17 12:26 - 2014-06-17 12:27 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2014-06-17 12:22 - 2014-06-17 12:23 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2014-06-17 12:23 - 2014-06-17 12:25 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2014-06-17 12:25 - 2014-06-17 12:26 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2014-06-17 12:21 - 2014-06-17 12:22 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-24 12:09

==================== End of FRST.txt ============================

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Pozdrav. Ovo mi izgleda prilično čisto.


Arrow Korak 1

Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja.

CHR HKLM\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1544575880-4100132113-3847230736-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1544575880-4100132113-3847230736-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - https://clients2.google.com/service/update2/crx
EmptyTemp:


U okviru Notepad-a klikni na File --> Save As
Fajl nazovi Fixlist i sačuvaj na Desktop
Dvoklikom ponovo pokreni FRST.exe
Klikni na Fix i sačekaj dok program ne završi.
Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi.
Nakon završetka rada, otvoriće se fixlog.txt, sa sadržajem koji treba da kopiraš u temu.
Takođe, na Desktop-u će se nalaziti (fixlog.txt).




Arrow Korak 2

Preuzmi "Xplode"-ov AdwCleaner i sačuvaj ga na Desktop
Dvoklikom pokreni program.
U EULA prozoru klikni na I agree.
U Options isključi Reset Winsock settings ako je uključen.
Klikni na dugme Scan i sačekaj da se završi skeniranje.
Klikni na dugme Cleaning i pričekaj da program završi.
Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu.
Na sljedeća dva prozora koja se otvore (Informations i Restart required ) klikni OK

Računar će se restartovati, a potom otvoriti Notepad (C:\Adwcleaner\AdwCleaner[C1].txt) sa izvještajem.
Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl"

offline
  • Pridružio: 11 Avg 2008
  • Poruke: 65
  • Gde živiš: Vancouver

Evo ga....
mycity.rs/must-login.png

mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Kakvo je sad stanje?

offline
  • Pridružio: 11 Avg 2008
  • Poruke: 65
  • Gde živiš: Vancouver

Izgleda mi bolje.

Hvala puno Sass Drake.

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Obavićemo još jednu provjeru.


Arrow

Arrow Preuzmi instalaciju za Malwarebytes Anti-Malware (MBAM) ver.2.0 i instaliraj aplikaciju.
Dvoklik na mbam-setup.exe i prati uputstva za instalaciju. Instalacija je klasicna, "Next > I Agree . . > Next > Install" princip. Po zavrsenoj instalaciji, klikni Finish.
Napomena: 14 dana besplatna trail verzija je pre-selektovana. Mozes decekirati ovu opciju ako zelis.


- Po prvom pokretanju, MBAM ce zapoceti "Update" u nameri da preuzme najsvezije definicije.
Ili ... klik na 'Update Now >>' link ili dugme radi preuzimanja svezih definicija.

• Konfigurisati skener; Na 'Settings' tabu, Detection and Protection podesiti sledece opcije:
1. pod-tab Detection Options, cekirati kucicu za 'Scan for rootkits';
2. pod-tab Non-Malware Protection, za 'PUP detections', prostarati se da je selektovana 'Threat detections as malware' opcija.




• Izvrsiti 'Threat Scan';
Klik na Scan tab, zatim na 'Scan Now >>' da bi izvrsio skeniranje.
Ukoliko MBAM prijavi da je 'update' dostupan, klik na 'Update Now' a potom nastaviti do skeniranja.
Obavestenje: kod nekih teskih infekcija, moguce je dobiti sledecu poruku "Could not load DDA driver". U tom slucaju, klik Yes na tu poruku, dopustiti ucitavanje drajvera po restartu racunara, dozvoliti restart.
Potom, nastaviti sa ostatkom instrukcija.


• Po zavrsenom skeniranju, klik na Apply Action dugme ukoliko je pretnja detektovana. Sacekati da program zatrazi restart!
- Klik na Yes na poruku koja govori da ce se sistem restartovati.



• Postaviti izvestaj (export-ovati logfile) na uvid;
Ponovo pokrenuti MBAM, klik na History tab > Application Logs. Dvoklik na 'Scan Log' koji pokazuje vreme i datum upravo izvrsenog skeniranja.
1. U novom prozoru klik na 'Export' dugme, pa izabrati 'Text file (*.txt)';
2. Kada se pojavi Save File dialog, izabrati da se log sacuva na Desktop.
U tom istom prozoru, dole pod File name: upisi 'mbam' kao naziv izvestaja i klikni dugme Save.

- Po dobijenoj poruci ("Your file has been successfully exported") izvestaj koji si nazvao kao 'mbam' bice sacuvan na Desktop.




Arrow Okaci mbam.txt uz poruku koristeci opciju Prikači fajl.

offline
  • Pridružio: 11 Avg 2008
  • Poruke: 65
  • Gde živiš: Vancouver

Evo ga log file. Nasao je 3 pretnje i izbrisao ih.
mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10621
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

To i bilo to.

Sledeća procedura će implementirati završno čišćenje.

Arrow Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop.
Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija;

Remove disinfection tools
Create registry backup
Purge System Restore


Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad.
Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani.
Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt)

Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix
Alat briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

offline
  • Pridružio: 11 Avg 2008
  • Poruke: 65
  • Gde živiš: Vancouver

Evo ga.


mycity.rs/must-login.png


Hvala ti Sass Drake jos jednom. Ovaj forum i team je zaista odlican!!!!!

Ko je trenutno na forumu
 

Ukupno su 653 korisnika na forumu :: 21 registrovanih, 7 sakrivenih i 625 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: Altay, Bane san, brundo65, CheefCoach, CrniGavran, djo97, doom83, gorozup, Helket, ILGromovnik, Joja, Klecaviks, kuntalo, Malizian-50, nuke92, Outis, rodoljub, sabros, scimitar19, Snorks, Toni