MyCity » Ambulanta -> Arhiva Ambulante » Laptop Toshiba

Laptop Toshiba

Napisano na dan: 24.9.2014
2

Laptop Toshiba
Pagination Prethodna strana
Sledeća strana Pagination

Idi na vrh

Poslao: 26 Sep 2014 22:15
Idi na vrh
offline
  • Pridružio: 17 Sep 2013
  • Poruke: 100

Uradio sam medjutim neuspesno. I dalje mi se javlja YAC. On mi daje informacije o bootovaju lapa. Evo ga izvestaj.
mycity.rs/must-login.png

Poslao: 27 Sep 2014 01:37
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Preuzmi BlitzBlank sa sledeće adrese na Desktop:

http://download1.emsisoft.com/BlitzBlank.exe

Pokreni BlitzBlank (dvoklikom na ikonicu);


Kliknuti na karticu Script;

U beli okvir prozora iskopirati sledeći tekst:
DisableDriver:
   isafekrnl
   isafekrnlkit
   isafekrnlr3
   isafenetfilter
   isafekrnlboot
   isafeservice
DeleteFile:
   c:\windows\system32\drivers\isafekrnlboot.sys
DeleteFolder:
   "c:\program files\isafe"


Izvršiti komandu klikom na taster Execute Now;
Na oba upita kliknuti OK.



Napomena:

Nakon restarta računara izveštaj će biti sačuvan pod nazivom blitzblank.log na sistemskoj particiji (tipična lokacija: C:\blitzblank.log);
Sadržaj izveštaja blitzblank.log je potrebno iskopirati ovde u poruci.

Poslao: 27 Sep 2014 10:51
Idi na vrh
offline
  • Pridružio: 17 Sep 2013
  • Poruke: 100

Napisano: 27 Sep 2014 10:40

Dobro jutro Sass. Skinuo BLitz i iskopirao tekst,medjutim kad sam kliknuo na Execute pojavilo mi se upozorenje Syntax error in line 9, invalid file path. Tako da nisam mogao da pokrenem Blitz.

Dopuna: 27 Sep 2014 10:51

Poslao: 27 Sep 2014 17:50
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Probaj onda ovu skriptu.

DisableDriver:
   isafekrnl
   isafekrnlkit
   isafekrnlr3
   isafenetfilter
   isafekrnlboot
   isafeservice
DeleteFolder:
   "c:\program files\isafe"

Poslao: 27 Sep 2014 22:35
Idi na vrh
offline
  • Pridružio: 17 Sep 2013
  • Poruke: 100

Napisano: 27 Sep 2014 22:34

Uspelo izgleda,nije se pojavio po restartovanju lapa YAC. Hvala Sass. Evo izvestaj.
mycity.rs/must-login.png
javascript:void(0);javascript:void(0);

Dopuna: 27 Sep 2014 22:35

Ovo sto pise javascript na kraju moja greska pokusao da ubacim smiyli

Poslao: 28 Sep 2014 10:09
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Pokreni ponovo FRST, označi opciju Addition.txt i klikni na Scan. Kada završi, postavi mi nove FRST.txt i Addition.txt izvještaje.

Poslao: 29 Sep 2014 23:47
Idi na vrh
offline
  • Pridružio: 17 Sep 2013
  • Poruke: 100

Pzdrav Sass. Prvo da ti kazem da nazalost YAC jos uvek postoji na mom lapu. Evo izvestaja.
mycity.rs/must-login.png

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-09-2014
Ran by Korisnik (administrator) on KORISNIK-PC on 29-09-2014 23:36:35
Running from C:\Users\Korisnik\Desktop
Loaded Profile: Korisnik (Available profiles: Korisnik)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(Elex do Brasil Participações Ltda) C:\Program Files\iSafe\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files\iSafe\iSafeSvc2.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files\iSafe\iSafeTray.exe
(Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
() C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
(CyberLink) C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(RaMMicHaeL) C:\Program Files\Unchecky\bin\unchecky_svc.exe
(RaMMicHaeL) C:\Program Files\Unchecky\bin\unchecky_bg.exe
(Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(CyberLink) C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Nero AG) C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Nero AG) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BDExtHost.exe
(Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BDAppHost.exe
(Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BDRuntimeHost.exe
() C:\Program Files\iSafe\ipcdl.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BingDesktop] => C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe [2368736 2014-06-04] (Microsoft Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2419440 2013-08-28] (Synaptics Incorporated)
HKLM\...\Run: [NBKeyScan] => C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [1836328 2007-09-20] (Nero AG)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3593744 2014-09-05] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-1383390980-3402701400-3600522666-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2008-01-04] (Nero AG)
HKU\S-1-5-21-1383390980-3402701400-3600522666-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6690072 2014-09-17] (SUPERAntiSpyware)
HKU\S-1-5-21-1383390980-3402701400-3600522666-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-05-06] (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BootExecute: autocheck autochk * bddel.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: localhost:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4590E3B82D63CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
SearchScopes: HKLM - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = google.com/search?q={searchTerms}
SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = google.com/search?q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = google.com/search?q={searchTerms}
SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = google.com/search?q={searchTerms}
SearchScopes: HKCU - {38719E6A-7179-49CA-AD0A-89B164B5A85C} URL = search.yahoo.com/search?fr=mcafee&p={SearchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
DPF: {233C1507-6A77-46A4-9443-F871F945D258} download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA} java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 89.216.1.30 89.216.1.50

FireFox:
========
FF ProfilePath: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\u8t4mo0q.default
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&CUI=UN17475630261598237&UM=1&q=
FF Homepage: hxxp://www.google.com
FF NewTab: hxxp://www.google.com
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nullsoft.com/winampDetector;version=1 -> C:\Program Files\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\u8t4mo0q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-20]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-09-27]

Chrome:
=======
CHR DefaultSuggestURL: Default -> google.com/search?q={searchTerms}
CHR CustomProfile: C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Radio) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\agljkoinmcdnopnlbhhjibjiablccgoh [2014-01-08]
CHR Extension: (Google Docs) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-10]
CHR Extension: (Google Drive) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-10]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-10]
CHR Extension: (Google Search) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-10]
CHR Extension: (PartyCloud DJ) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\defekohaofmambflfpfoojkmfdpcbgko [2014-01-08]
CHR Extension: (Box Office) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhbbohlkjglcppclgngklojecglglinl [2014-04-09]
CHR Extension: (Qualys BrowserCheck for Windows) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejhnkognlohdkpjkjongioociddgoibk [2014-01-28]
CHR Extension: (Google Play) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2014-01-08]
CHR Extension: (Google Wallet) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Radio Stations) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifknnkenefocicoebedkklgknfjlflf [2014-01-08]
CHR Extension: (Viewster - Watch Free Movies Online) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfiekkcjcnhbjofcjcfblhcccjkpkheh [2014-01-08]
CHR Extension: (Gmail) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-10]
CHR Extension: (Music) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmbgagameijdgopipkfgalamncphhikd [2014-01-08]
CHR Extension: (RSS Feed Reader) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2014-07-09]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-08-13] (SUPERAntiSpyware.com)
R2 avgfws; C:\Program Files\AVG\AVG2015\avgfws.exe [1459872 2014-09-05] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3364368 2014-09-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [293448 2014-09-05] (AVG Technologies CZ, s.r.o.)
R2 BingDesktopUpdate; C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe [173792 2014-06-04] (Microsoft Corp.)
R2 CLHNServiceForPowerDVD; C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [85568 2013-08-06] ()
R2 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [77576 2014-02-12] (CyberLink)
R3 CyberLink PowerDVD 11.0 Service; C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [294664 2014-02-12] (CyberLink)
R2 iSafeService; C:\Program Files\iSafe\iSafeSvc.exe [118048 2014-07-16] (Elex do Brasil Participações Ltda)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2153792 2014-03-14] (IObit)
R2 Unchecky; C:\Program Files\Unchecky\bin\unchecky_svc.exe [111208 2014-09-11] (RaMMicHaeL)
S2 WiseBootAssistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe [580232 2014-07-07] (WiseCleaner.com)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [25856 2014-05-27] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23168 2014-05-27] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2014-05-27] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis.sys [74240 2014-05-27] (LG Electronics Inc.)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [38472 2013-12-05] (The OpenVPN Project)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [47928 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [204056 2014-07-24] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [193304 2014-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [199448 2014-07-02] (AVG Technologies CZ, s.r.o.)
S3 DrvAgent32; C:\Windows\system32\Drivers\DrvAgent32.sys [23456 2014-03-25] (Phoenix Technologies) [File not signed]
R1 iSafeKrnl; C:\Program Files\iSafe\iSafeKrnl.sys [214592 2014-07-16] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files\iSafe\iSafeKrnlKit.sys [68288 2014-07-16] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files\iSafe\iSafeKrnlR3.sys [37696 2014-07-16] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Program Files\iSafe\iSafeNetFilter.sys [40280 2014-07-09] (Elex do Brasil Participações Ltda) [File not signed]
R2 ntk_PowerDVD; C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys [71664 2013-08-06] (Cyberlink Corp.)
R3 pimou; C:\Windows\System32\DRIVERS\pimou.sys [21432 2013-11-30] (Christian Gulden)
R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [379904 2010-03-31] (Realtek Semiconductor Corporation )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2014-05-03] ()
R3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [17960 2009-04-10] (Chicony Electronics Co., Ltd.)
R2 WiseFS; C:\Program Files\Wise\Wise Folder Hider\WiseFs32.sys [9256 2014-03-14] ()
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [26824 2014-02-12] (CyberLink Corp.)
S3 LgBttPort; system32\DRIVERS\lgbtport.sys [X]
S3 lgbusenum; system32\DRIVERS\lgbtbus.sys [X]
S3 LGVMODEM; system32\DRIVERS\lgvmodem.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 Tosrfcom; No ImagePath
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 usbbus; system32\DRIVERS\lgusbbus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X]
S3 USBModem; system32\DRIVERS\lgusbmodem.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-29 23:36 - 2014-09-29 23:37 - 00019034 _____ () C:\Users\Korisnik\Desktop\FRST.txt
2014-09-29 23:34 - 2014-09-29 23:35 - 00000000 ____D () C:\Users\Korisnik\Desktop\New folder (2)
2014-09-28 11:20 - 2014-09-29 22:06 - 00000406 _____ () C:\Windows\Tasks\Wise Care 365 PC Checkup Task.job
2014-09-28 02:34 - 2014-09-28 02:34 - 00001250 _____ () C:\Users\Public\Desktop\Wise Program Uninstaller.lnk
2014-09-28 02:33 - 2014-09-29 22:12 - 00144190 _____ () C:\Windows\WindowsUpdate.log
2014-09-28 02:33 - 2014-09-28 02:33 - 00109672 _____ () C:\Users\Korisnik\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-28 02:33 - 2014-09-28 02:33 - 00001209 _____ () C:\Users\Public\Desktop\Wise Memory Optimizer.lnk
2014-09-28 02:33 - 2014-09-28 02:33 - 00001166 _____ () C:\Users\Public\Desktop\Wise Folder Hider.lnk
2014-09-28 02:33 - 2014-09-28 02:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Memory Optimizer
2014-09-28 02:33 - 2014-09-28 02:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Folder Hider
2014-09-28 02:31 - 2014-09-29 22:06 - 00000168 _____ () C:\Windows\setupact.log
2014-09-28 02:31 - 2014-09-28 02:31 - 00406024 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-28 02:31 - 2014-09-28 02:31 - 00003588 _____ () C:\Windows\PFRO.log
2014-09-28 02:31 - 2014-09-28 02:31 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-28 02:30 - 2014-09-28 02:30 - 00000404 _____ () C:\Windows\Tasks\Wise Care 365.job
2014-09-28 02:30 - 2014-09-28 02:30 - 00000384 _____ () C:\Windows\Tasks\Wise Turbo Checker.job
2014-09-28 01:59 - 2014-09-29 22:07 - 00000000 ____D () C:\Users\Korisnik\AppData\Roaming\Wise Care 365
2014-09-28 01:59 - 2014-09-28 11:19 - 00002004 _____ () C:\Users\Public\Desktop\Wise Care 365.lnk
2014-09-28 01:59 - 2014-09-28 02:34 - 00000000 ____D () C:\Program Files\Wise
2014-09-28 01:59 - 2014-09-28 01:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
2014-09-28 01:34 - 2014-09-28 01:34 - 00000000 ____D () C:\Users\Korisnik\AppData\Roaming\AVG2015
2014-09-28 01:33 - 2014-09-28 01:33 - 00000947 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2014-09-28 01:33 - 2014-09-28 01:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-09-28 01:31 - 2014-09-28 01:33 - 00000000 ____D () C:\ProgramData\AVG2015
2014-09-28 01:21 - 2014-09-28 01:33 - 00000000 ____D () C:\Users\Korisnik\AppData\Local\Avg2015
2014-09-28 01:09 - 2014-09-28 01:10 - 160446968 _____ (AVG Technologies) C:\Users\Korisnik\Downloads\avg_ipw_x86_all_2015_5315a8160.exe
2014-09-28 00:52 - 2014-09-28 00:52 - 05389192 _____ (WiseCleaner.com ) C:\Users\Korisnik\Downloads\WiseCare365_V3_howbigdeal.com.exe
2014-09-28 00:32 - 2014-09-28 00:32 - 00008661 _____ () C:\Users\Korisnik\Downloads\Shtrafbat - 01x01 - Episode 1 SR.rar
2014-09-27 22:54 - 2014-09-28 02:12 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-27 22:20 - 2014-09-27 22:20 - 00002186 _____ () C:\blitzblank.log
2014-09-27 10:41 - 2014-09-27 22:13 - 00000167 _____ () C:\Users\Korisnik\Documents\Blitztxt.txt
2014-09-27 10:36 - 2014-09-27 10:36 - 01153912 _____ (Emsi Software GmbH) C:\Users\Korisnik\Desktop\BlitzBlank.exe
2014-09-27 01:07 - 2014-09-27 01:07 - 00000000 ____D () C:\Users\Korisnik\AppData\Roaming\eCyber
2014-09-27 00:18 - 2014-09-27 00:18 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Korisnik\Downloads\tdsskiller.exe
2014-09-27 00:17 - 2014-09-27 00:17 - 04161313 _____ () C:\Users\Korisnik\Downloads\tdsskiller.zip
2014-09-26 21:48 - 2014-09-29 23:36 - 00000000 ____D () C:\Users\Korisnik\Desktop\New folder
2014-09-26 21:08 - 2014-09-26 21:08 - 01100288 _____ (Farbar) C:\Users\Korisnik\Desktop\FRST.exe
2014-09-25 21:55 - 2014-09-25 21:55 - 00000000 ____D () C:\Users\Korisnik\Desktop\Kafanski Urnebes
2014-09-25 21:53 - 2014-09-25 21:55 - 131200248 _____ () C:\Users\Korisnik\Downloads\Kafanski Urnebes.zip
2014-09-25 21:03 - 2014-09-25 21:03 - 00000418 _____ () C:\Users\Korisnik\Documents\AVG izvestaj.csv
2014-09-25 20:29 - 2014-09-25 20:36 - 00000000 ____D () C:\Users\Korisnik\Downloads\FRST-OlderVersion
2014-09-24 23:16 - 2014-09-24 23:16 - 01373475 _____ () C:\Users\Korisnik\Downloads\adwcleaner_3.310 (2).exe
2014-09-24 23:15 - 2014-09-28 11:17 - 00000000 ____D () C:\Users\Korisnik\AppData\Roaming\isafe
2014-09-24 23:07 - 2014-09-24 23:07 - 01373475 _____ () C:\Users\Korisnik\Downloads\adwcleaner_3.310 (1).exe
2014-09-24 22:18 - 2014-09-24 22:18 - 00038582 _____ () C:\Users\Korisnik\Downloads\324536_1363075391_Addition.txt
2014-09-24 22:11 - 2014-09-24 23:23 - 00052199 _____ () C:\Users\Korisnik\Downloads\FRST.txt
2014-09-24 22:10 - 2014-09-29 23:36 - 00000000 ____D () C:\FRST
2014-09-24 21:09 - 2014-09-24 21:09 - 02953520 _____ (AVAST Software) C:\Users\Korisnik\Downloads\avast-browser-cleanup.exe
2014-09-24 00:57 - 2014-09-24 01:07 - 18872272 _____ () C:\Users\Korisnik\Downloads\T0talPro6.4.0.rar
2014-09-23 23:13 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-21 23:13 - 2014-09-21 23:13 - 00012965 _____ () C:\Users\Korisnik\Downloads\78738-Shtrafbat_1_part_Eng.srt.zip
2014-09-21 16:10 - 2014-09-21 16:10 - 06230786 _____ () C:\Users\Korisnik\Downloads\PRO-BUSINESS417.rar
2014-09-21 10:39 - 2014-09-21 10:39 - 00000000 ____D () C:\Users\Korisnik\Desktop\Santana - Corazon (Deluxe Edition) (2014)
2014-09-21 10:38 - 2014-09-21 10:39 - 141565013 _____ () C:\Users\Korisnik\Downloads\Santana - Corazon (Deluxe Edition) (2014).rar
2014-09-21 00:55 - 2014-09-21 00:55 - 00000000 ____D () C:\Users\Korisnik\Desktop\Apostol 2008.DivX.DVDRip.part2
2014-09-21 00:42 - 2014-09-21 00:42 - 00000000 ____D () C:\Users\Korisnik\Desktop\Apostol 2008.DivX.DVDRip.part1
2014-09-21 00:41 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-09-21 00:37 - 2014-09-25 20:22 - 00000000 ____D () C:\AdwCleaner
2014-09-21 00:36 - 2014-09-21 00:36 - 01373475 _____ () C:\Users\Korisnik\Downloads\adwcleaner_3.310.exe
2014-09-21 00:15 - 2014-09-21 00:41 - 2621440000 _____ () C:\Users\Korisnik\Downloads\Apostol 2008.DivX.DVDRip.part1.rar
2014-09-21 00:00 - 2014-09-21 00:14 - 1979853131 _____ () C:\Users\Korisnik\Downloads\Apostol 2008.DivX.DVDRip.part2.rar
2014-09-20 23:03 - 2014-09-20 23:20 - 00000000 ____D () C:\Users\Korisnik\AppData\Roaming\FreeTorrentViewer
2014-09-20 23:00 - 2014-09-20 23:00 - 00164277 _____ () C:\Users\Korisnik\Downloads\184534-apostolsveepizode01do12.zip
2014-09-20 23:00 - 2014-09-20 23:00 - 00000000 ____D () C:\Users\Korisnik\Desktop\184534-apostolsveepizode01do12
2014-09-20 22:58 - 2014-09-20 22:58 - 00162335 _____ () C:\Users\Korisnik\Downloads\a2d6aa1a95edd6f91196fb828647f32ee3aecf01.zip
2014-09-20 22:24 - 2014-09-20 22:24 - 00071680 _____ () C:\Users\Korisnik\Downloads\dvd (2).xls
2014-09-20 11:17 - 2014-09-20 12:40 - 00000000 ____D () C:\Users\Korisnik\AppData\Roaming\Battle.net
2014-09-20 11:16 - 2014-09-20 11:17 - 00000000 ____D () C:\Program Files\Battle.net
2014-09-20 11:16 - 2014-09-20 11:16 - 00001106 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-09-20 11:16 - 2014-09-20 11:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-09-20 11:08 - 2014-09-20 11:09 - 02942368 _____ (Blizzard Entertainment) C:\Users\Korisnik\Downloads\World-of-Warcraft-Setup-enGB (1).exe
2014-09-18 21:00 - 2014-09-18 21:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_pimou_01009.Wdf
2014-09-18 20:59 - 2013-11-30 13:40 - 00021432 _____ (Christian Gulden) C:\Windows\system32\Drivers\pimou.sys
2014-09-18 19:30 - 2014-09-18 19:30 - 00000000 ____D () C:\ProgramData\Avg_Update_0814avt
2014-09-17 18:20 - 2014-09-17 18:20 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-09-17 18:20 - 2014-09-17 18:20 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-09-17 02:11 - 2014-09-28 01:20 - 00000000 ____D () C:\Users\Korisnik\AppData\Roaming\AVG2014
2014-09-17 02:08 - 2014-09-28 01:31 - 00000000 ___HD () C:\$AVG
2014-09-17 02:08 - 2014-09-28 01:23 - 00000000 ____D () C:\Program Files\AVG
2014-09-17 02:08 - 2014-09-28 01:20 - 00000000 ____D () C:\ProgramData\AVG2014
2014-09-17 02:06 - 2014-09-29 22:13 - 00000000 ____D () C:\ProgramData\MFAData
2014-09-17 02:06 - 2014-09-28 01:20 - 00000000 ____D () C:\Users\Korisnik\AppData\Local\Avg2014
2014-09-17 02:06 - 2014-09-17 02:06 - 00000000 ____D () C:\Users\Korisnik\AppData\Local\MFAData
2014-09-17 02:03 - 2014-09-17 02:04 - 152430968 _____ (AVG Technologies) C:\Users\Korisnik\Downloads\avg_avct_x86_all_2014_4592a7484_huawei.exe
2014-09-17 01:51 - 2014-09-17 01:51 - 04862664 _____ (AVAST Software) C:\Users\Korisnik\Downloads\avast_free_antivirus_setup_online.exe
2014-09-16 00:25 - 2014-09-16 00:25 - 00000000 ____D () C:\Users\Korisnik\AppData\Roaming\SXR Software
2014-09-16 00:23 - 2014-09-16 00:23 - 00000000 ____D () C:\Users\Korisnik\AppData\Local\SXR Software
2014-09-16 00:23 - 2014-09-16 00:23 - 00000000 ____D () C:\Program Files\SXR Software
2014-09-15 22:38 - 2014-09-15 22:38 - 00000000 ____D () C:\Users\Korisnik\Desktop\Mesecni izvod kreditne kartice
2014-09-15 22:37 - 2014-09-15 22:38 - 00387472 _____ () C:\Users\Korisnik\Downloads\Mesecni izvod kreditne kartice.zip
2014-09-13 14:13 - 2014-09-20 12:45 - 00000000 ____D () C:\Program Files\World of Warcraft
2014-09-13 14:11 - 2014-09-13 14:11 - 00000000 ____D () C:\Users\Korisnik\AppData\Local\Blizzard Entertainment
2014-09-13 14:10 - 2014-09-20 17:06 - 00000000 ____D () C:\Users\Korisnik\AppData\Local\Battle.net
2014-09-13 14:10 - 2014-09-20 11:16 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment
2014-09-13 14:10 - 2014-09-13 14:10 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-09-13 14:09 - 2014-09-13 14:09 - 00000000 ____D () C:\ProgramData\Battle.net
2014-09-11 20:16 - 2014-09-11 20:16 - 00000000 ____D () C:\ProgramData\Unchecky
2014-09-10 01:19 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 01:19 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 01:19 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 01:19 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 01:19 - 2014-08-18 23:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 01:19 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 01:19 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 01:19 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 01:19 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 01:19 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 01:19 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 01:19 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 01:19 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 01:19 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 01:19 - 2014-08-18 23:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 01:19 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 01:19 - 2014-08-18 23:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 01:19 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 01:19 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 01:19 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 01:19 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 01:19 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 01:19 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 01:19 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 01:19 - 2014-08-18 23:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 01:19 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 01:19 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 01:19 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 01:19 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 01:18 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 01:18 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 00:57 - 2014-09-10 00:57 - 00000000 ____D () C:\LGMobileUpgrade
2014-09-10 00:44 - 2014-09-10 00:44 - 00001086 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\LG PC Suite.Lnk
2014-09-10 00:37 - 2014-09-10 00:44 - 00001080 _____ () C:\Users\Public\Desktop\LG PC Suite.Lnk
2014-09-10 00:34 - 2014-09-10 00:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_lgandnetadb_01005.Wdf
2014-09-10 00:09 - 2014-09-10 00:11 - 60109691 _____ () C:\Users\Korisnik\Downloads\maidment_stella_roberts_lorena_happy_house_2_audio_cd.rar
2014-09-10 00:07 - 2014-09-10 00:14 - 201629561 _____ () C:\Users\Korisnik\Downloads\maidment_stella_roberts_lorena_happy_house_2_new_edition_cd.rar
2014-09-09 23:53 - 2014-09-09 23:55 - 48571510 _____ () C:\Users\Korisnik\Downloads\maidment_stella_roberts_lorena_happy_house_1_class_book_cd_2.rar
2014-09-09 23:48 - 2014-09-09 23:50 - 64140040 _____ () C:\Users\Korisnik\Downloads\maidment_stella_roberts_lorena_happy_house_1_audio_cd.rar
2014-09-09 23:31 - 2014-09-09 23:33 - 48251188 _____ () C:\Users\Korisnik\Downloads\maidment_stella_roberts_lorena_happy_house_1_class_book_cd_1.rar
2014-09-09 23:30 - 2014-09-09 23:32 - 62334216 _____ () C:\Users\Korisnik\Downloads\maidment_stella_roberts_lorena_happy_house_1_cd_rom.zip
2014-09-09 19:49 - 2014-07-07 03:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-09 19:49 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-09 19:48 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-09 19:48 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-06 00:25 - 2014-09-06 00:25 - 00001226 _____ () C:\Windows\system32\bddel.dat
2014-09-03 20:19 - 2014-09-18 20:45 - 00000000 ____D () C:\Users\Korisnik\AppData\Local\Innovative Solutions
2014-09-03 20:19 - 2014-09-03 20:34 - 00000000 ____D () C:\ProgramData\Innovative Solutions
2014-09-03 20:19 - 2014-09-03 20:19 - 00000000 ____D () C:\Program Files\Common Files\Innovative Solutions
2014-09-03 20:18 - 2014-09-21 16:22 - 00000000 ____D () C:\Program Files\Innovative Solutions
2014-09-02 22:56 - 2014-09-02 22:56 - 00000000 ____D () C:\Users\Korisnik\Documents\CLEENER
2014-09-02 22:25 - 2014-09-02 22:26 - 17537920 _____ (Innovative Solutions ) C:\Users\Korisnik\Downloads\Advanced_Uninstaller11.exe
2014-09-02 21:46 - 2014-09-03 19:34 - 00000262 _____ () C:\Windows\system32\PARTIZAN.TXT
2014-09-02 21:37 - 2014-09-02 21:40 - 00000000 ____D () C:\ProgramData\RegRun
2014-09-02 21:25 - 2014-09-03 20:57 - 00000000 ____D () C:\Users\Korisnik\Documents\RegRun2
2014-09-02 21:25 - 2014-09-02 21:25 - 00000002 RSHOT () C:\Windows\winstart.bat
2014-09-02 21:24 - 2014-09-02 21:24 - 15790435 _____ () C:\Users\Korisnik\Downloads\unhackme.zip
2014-08-30 19:49 - 2014-08-30 19:52 - 00000163 _____ () C:\Windows\Reimage.ini
2014-08-30 19:45 - 2014-08-30 19:45 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-08-30 19:05 - 2014-08-30 19:05 - 31891592 _____ (Microsoft Corporation) C:\Users\Korisnik\Downloads\EIE11_EN-US_MSN_WIN7.EXE

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-29 23:28 - 2013-04-10 18:28 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-29 23:11 - 2012-04-09 14:03 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-29 23:08 - 2014-04-19 14:35 - 00000000 ____D () C:\Program Files\iSafe
2014-09-29 22:12 - 2009-07-14 06:34 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-29 22:12 - 2009-07-14 06:34 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-29 22:07 - 2014-07-11 22:05 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-09-29 22:07 - 2014-03-14 23:57 - 00000000 ____D () C:\ProgramData\ProductData
2014-09-29 22:06 - 2013-04-10 18:28 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-29 22:06 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-28 12:47 - 2012-03-13 19:20 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-28 12:45 - 2012-03-14 00:04 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-28 02:45 - 2013-03-11 20:32 - 00000000 ____D () C:\Users\Korisnik\AppData\Local\Google
2014-09-28 02:44 - 2013-04-10 18:28 - 00000000 ____D () C:\Program Files\Google
2014-09-28 02:30 - 2009-07-14 04:03 - 62128128 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-09-28 02:30 - 2009-07-14 04:03 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-09-28 02:30 - 2009-07-14 04:03 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-09-28 02:30 - 2009-07-14 04:03 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-09-28 01:28 - 2012-09-28 10:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-26 20:21 - 2014-04-26 00:59 - 00000000 ____D () C:\Users\Korisnik\Documents\Outlook.com
2014-09-26 20:19 - 2012-04-12 15:55 - 00000000 ____D () C:\Users\Korisnik\Documents\Ispit za licencu_files
2014-09-24 01:35 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-09-24 01:35 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-09-24 01:35 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-09-24 01:35 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-09-23 22:11 - 2012-04-09 14:03 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-23 22:11 - 2012-03-13 19:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-22 20:42 - 2014-01-27 21:58 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-18 21:04 - 2012-03-13 17:08 - 00798576 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-18 19:25 - 2009-07-14 06:53 - 00032552 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-17 02:41 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Vss
2014-09-17 02:10 - 2013-04-24 20:29 - 00000000 ____D () C:\Users\Korisnik\AppData\Roaming\TuneUp Software
2014-09-17 00:56 - 2014-05-09 04:54 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-13 14:14 - 2009-07-14 06:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-11 21:03 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-10 01:18 - 2013-09-02 00:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 01:14 - 2012-03-13 18:39 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 00:44 - 2013-11-10 02:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite
2014-09-10 00:44 - 2013-11-10 02:57 - 00000000 ____D () C:\Program Files\LG Electronics
2014-09-10 00:30 - 2013-10-11 20:19 - 00000000 ____D () C:\Users\Korisnik\Documents\MESECNI PLANOVI I PRIPREME
2014-09-09 23:03 - 2012-11-01 19:27 - 00000000 ____D () C:\Users\Korisnik\Documents\procitati
2014-09-09 19:57 - 2014-01-16 19:38 - 00000000 ____D () C:\Program Files\Java
2014-09-07 20:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-09-06 17:43 - 2009-07-14 09:48 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-09-03 21:06 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-09-03 20:57 - 2014-05-06 00:34 - 00000000 ____D () C:\ProgramData\install_clap
2014-09-03 20:57 - 2012-09-08 13:52 - 00000000 ____D () C:\Users\Korisnik\AppData\Roaming\skypePM
2014-09-03 20:57 - 2012-03-13 19:20 - 00000000 ____D () C:\Users\Korisnik\AppData\Local\Microsoft Help
2014-09-03 20:57 - 2012-03-13 19:05 - 00000000 ____D () C:\Users\Korisnik\AppData\Roaming\Skype
2014-09-03 20:57 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Default
2014-09-02 21:25 - 2009-07-14 04:04 - 00002577 _____ () C:\Windows\system32\config.nt
2014-09-02 21:25 - 2009-07-14 04:04 - 00001688 _____ () C:\Windows\system32\autoexec.nt

Some content of TEMP:
====================
C:\Users\Korisnik\AppData\Local\Temp\jre-8u20-windows-au.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-18 20:20

==================== End Of Log ============================

mycity.rs/must-login.png

Poslao: 30 Sep 2014 00:39
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Ne instaliraj ništa dok ne završimo i ne koristi dodatne programe na svoju ruku.

Arrow Korak 1

Deinstaliraj sljedeće programe klasičnim putem:

Revo Uninstaller
Wise Care 365
Wise Folder Hider
Wise Memory Optimizer
Wise Program Uninstaller



Arrow Korak 2

Preuzmi BlitzBlank sa sledeće adrese na Desktop:

http://download1.emsisoft.com/BlitzBlank.exe

Pokreni BlitzBlank (dvoklikom na ikonicu);


Kliknuti na karticu Script;

U beli okvir prozora iskopirati sledeći tekst:
DisableDriver:
   iSafeService
   iSafeKrnl
   iSafeKrnlkit
   iSafeKrnlr3
   isafeNetFilter
DeleteFile:
   "C:\Program Files\iSafe\iSafeSvc.exe"
   "C:\Program Files\iSafe\iSafeKrnl.sys"
   "C:\Program Files\iSafe\iSafeKrnlKit.sys"
   "C:\Program Files\iSafe\iSafeKrnlR3.sys"
   "C:\Program Files\iSafe\iSafeNetFilter.sys"
DeleteFolder:
   "C:\Program Files\iSafe"


Izvršiti komandu klikom na taster Execute Now;
Na oba upita kliknuti OK.



Napomena:

Nakon restarta računara izveštaj će biti sačuvan pod nazivom blitzblank.log na sistemskoj particiji (tipična lokacija: C:\blitzblank.log);
Sadržaj izveštaja blitzblank.log je potrebno iskopirati ovde u poruci.



Arrow Korak 3

Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja.

(Elex do Brasil Participações Ltda) C:\Program Files\iSafe\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files\iSafe\iSafeSvc2.exe
(Elex do Brasil Participações Ltda) C:\Program Files\iSafe\iSafeTray.exe
() C:\Program Files\iSafe\ipcdl.exe
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&CUI=UN17475630261598237&UM=1&q=
R2 iSafeService; C:\Program Files\iSafe\iSafeSvc.exe [118048 2014-07-16] (Elex do Brasil Participações Ltda)
R1 iSafeKrnl; C:\Program Files\iSafe\iSafeKrnl.sys [214592 2014-07-16] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files\iSafe\iSafeKrnlKit.sys [68288 2014-07-16] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files\iSafe\iSafeKrnlR3.sys [37696 2014-07-16] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Program Files\iSafe\iSafeNetFilter.sys [40280 2014-07-09] (Elex do Brasil Participações Ltda) [File not signed]
S3 Tosrfcom; No ImagePath
C:\Program Files\iSafe
EmptyTemp:


U okviru Notepad-a klikni na File --> Save As
Fajl nazovi Fixlist i sačuvaj na Desktop
Dvoklikom ponovo pokreni FRST.exe
Klikni na Fix i sačekaj dok program ne završi.
Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi.
Nakon završetka rada, otvoriće se Notepad, sa sadržajem koji treba da kopiraš u temu.
Takođe, na Desktop-u će se nalaziti (fixlog.txt). Potrebno je da sadržaj fixlog.txt kopiraš na forum




Arrow Korak 4

Postavi mi nove FRST.txt i Addition.txt izvještaje.

Poslao: 30 Sep 2014 17:13
Idi na vrh
offline
  • Pridružio: 17 Sep 2013
  • Poruke: 100

mycity.rs/must-login.png

Poslao: 30 Sep 2014 17:29
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Čekam ostale izvještaje.

MyCity » Ambulanta -> Arhiva Ambulante » Laptop Toshiba

Ko je trenutno na forumu
 

Ukupno su 920 korisnika na forumu :: 58 registrovanih, 8 sakrivenih i 854 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., Atomski čoban, bankulen, bato, Boris Bosiljčić, boris.zic, brundo65, cer, CrazyDiablo, dekan.m, doklevise, doktor123, dozorni, Dukelander, Frunze, Georgius, GORDI, goxin, Japidson, jukeboxer, Karla, kikisp, kjkszpj, kokodakalo, Kriglord, Krvava Devetka, Kubovac, kunktator, LUDI, MB120mm, mercedesamg, Mercury, mgolub, MiroslavD, moldway, mrav pesadinac, nikoladim, NoOneEver Dreams, oldtimer, opt1, Panter, pein, Ripanjac, SR-3m, stegonosa, strelac07, USSVoyager, Vatreni Zmaj, Vlad000, vobo, wolverined4, Wrangler, xaver, yufighter, |_MeD_|, Žrnov, 125, 79693