Laptop mi je usporio

2

Laptop mi je usporio

offline
  • Pridružio: 18 Feb 2016
  • Poruke: 10

Napisano: 18 Feb 2016 23:50

Ok, stiže odmah.. Very Happy

Dopuna: 18 Feb 2016 23:55


mycity.rs/must-login.png

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6061

Napisano: 18 Feb 2016 23:56

Iskopirao si pogresan log (Addition.txt) Potrebno je da iskopiras FRST.txt.

Uklonicu pogresan log.

Dopuna: 19 Feb 2016 0:00

Nastavicemo sutra. Wink

offline
  • Pridružio: 18 Feb 2016
  • Poruke: 10

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-02-2016
Ran by Korisnik (administrator) on KORISNIK-PC (18-02-2016 23:51:18)
Running from C:\Users\Korisnik\Desktop
Loaded Profiles: Korisnik (Available Profiles: Korisnik)
Platform: Windows 7 Ultimate (X64) Language: engleski (SAD)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Sony Ericsson Mobile Communications AB) C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
(BitTorrent Inc.) C:\Users\Korisnik\AppData\Roaming\uTorrent\uTorrent.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(BitTorrent Inc.) C:\Users\Korisnik\AppData\Roaming\uTorrent\updates\3.4.5_41712\utorrentie.exe
(BitTorrent Inc.) C:\Users\Korisnik\AppData\Roaming\uTorrent\updates\3.4.5_41712\utorrentie.exe
(Autodesk Inc.) C:\Users\Korisnik\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(Google Inc.) C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2281256 2013-01-15] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7509096 2011-10-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-10-17] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139768 2016-02-15] (AVAST Software)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [522784 2015-11-17] (Autodesk Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [213536 2016-02-01] (Geek Software GmbH)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3207635917-3077674048-3272829710-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-06-09] (Hewlett-Packard Company)
HKU\S-1-5-21-3207635917-3077674048-3272829710-1000\...\Run: [Google Update] => C:\Users\Korisnik\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-10-15] (Google Inc.)
HKU\S-1-5-21-3207635917-3077674048-3272829710-1000\...\Run: [Sony Ericsson PC Companion] => C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [774144 2009-12-08] (Sony Ericsson Mobile Communications AB)
HKU\S-1-5-21-3207635917-3077674048-3272829710-1000\...\Run: [Facebook Update] => C:\Users\Korisnik\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-04-15] (Facebook Inc.)
HKU\S-1-5-21-3207635917-3077674048-3272829710-1000\...\Run: [ccleaner] => C:\Program Files\CCleaner\CCleaner64.exe [6070040 2013-04-23] (Piriform Ltd)
HKU\S-1-5-21-3207635917-3077674048-3272829710-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-3207635917-3077674048-3272829710-1000\...\Run: [uTorrent] => C:\Users\Korisnik\AppData\Roaming\uTorrent\uTorrent.exe [2065944 2016-02-09] (BitTorrent Inc.)
HKU\S-1-5-21-3207635917-3077674048-3272829710-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.)
HKU\S-1-5-21-3207635917-3077674048-3272829710-1000\...\Policies\Explorer: []
HKU\S-1-5-21-3207635917-3077674048-3272829710-1000\...\MountPoints2: F - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3207635917-3077674048-3272829710-1000\...\MountPoints2: {0cf26dfc-0697-11e4-bdeb-78acc040e9c3} - F:\SecureDrive.exe
HKU\S-1-5-21-3207635917-3077674048-3272829710-1000\...\MountPoints2: {6d79e5c3-0efd-11e2-8487-78acc040e9c3} - G:\Startme.exe
HKU\S-1-5-21-3207635917-3077674048-3272829710-1000\...\MountPoints2: {ebcb9f88-8ed0-11e5-9e6b-a925bf124a16} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-02-09] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\SysWOW64\AcSignIcon.dll [2006-03-05] (Autodesk)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoCAD Startup Accelerator.lnk [2013-04-25]
ShortcutTarget: AutoCAD Startup Accelerator.lnk -> C:\Program Files (x86)\Common Files\Autodesk Shared\acstart17.exe (Autodesk, Inc)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2014-12-23]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe (No File)
Startup: C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NHL® 09 Registration.lnk [2014-06-11]
ShortcutTarget: NHL® 09 Registration.lnk -> C:\Program Files (x86)\EA Sports\NHL 09\Support\EAregister.exe (No File)
Startup: C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2013-04-22]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0D20BC5C-763D-46DB-849B-30662411C497}: [DhcpNameServer] 194.28.108.10 194.28.108.70
Tcpip\..\Interfaces\{FEE185C4-6E96-44F7-B48F-A5F906D87BDF}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3207635917-3077674048-3272829710-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?ocid=EIE9HP&PC=UP50
URLSearchHook: HKLM-x32 - (No Name) - {96f454ea-9d38-474f-b504-56193e00c1a5} - No File
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL =
SearchScopes: HKLM-x32 -> DefaultScope {656E6E9C-D178-48FF-9432-8687B517F785} URL =
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\S-1-5-21-3207635917-3077674048-3272829710-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3207635917-3077674048-3272829710-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-09] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-09] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1211151.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-12-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3207635917-3077674048-3272829710-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Korisnik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3207635917-3077674048-3272829710-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Korisnik\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-3207635917-3077674048-3272829710-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Korisnik\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-02-11]

Chrome:
=======
CHR Profile: C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google презентације) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-18]
CHR Extension: (Google документи) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-18]
CHR Extension: (Google диск) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-18]
CHR Extension: (YouTube) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-18]
CHR Extension: (Google Search) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-18]
CHR Extension: (Google табеле) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-18]
CHR Extension: (Google документи офлајн) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-18]
CHR Extension: (Avast Online Security) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-02-18]
CHR Extension: (Skype) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-02-18]
CHR Extension: (Плаћања у Chrome веб-продавници) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-18]
CHR Extension: (Gmail) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-09]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
StartMenuInternet: Google Chrome.GCNNNHLSEZM2FVFXROEBALFAY4 - C:\Users\Korisnik\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1139744 2015-11-17] (Autodesk Inc.)
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
S3 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [77944 2013-01-12] (Autodesk)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-09] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S2 avast! Firewall; "C:\Program Files\AVAST Software\Avast\afwServ.exe" [X]
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-02-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065720 2016-02-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-09] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-02-11] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-11-11] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 s1039bus; C:\Windows\System32\DRIVERS\s1039bus.sys [127600 2009-11-19] (MCCI Corporation)
S3 s1039mdfl; C:\Windows\System32\DRIVERS\s1039mdfl.sys [19568 2009-11-19] (MCCI Corporation)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [161904 2009-11-19] (MCCI Corporation)
S3 s1039mgmt; C:\Windows\System32\DRIVERS\s1039mgmt.sys [141424 2009-11-19] (MCCI Corporation)
S3 s1039nd5; C:\Windows\System32\DRIVERS\s1039nd5.sys [34416 2009-11-19] (MCCI Corporation)
S3 s1039obex; C:\Windows\System32\DRIVERS\s1039obex.sys [137328 2009-11-19] (MCCI Corporation)
S3 s1039unic; C:\Windows\System32\DRIVERS\s1039unic.sys [158320 2009-11-19] (MCCI Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-11-11] (Duplex Secure Ltd.)
U3 ax1ru7mx; C:\Windows\System32\Drivers\ax1ru7mx.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S1 aswKbd; \??\C:\Windows\system32\drivers\aswKbd.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S1 {2635ac50-5488-40bf-9bfd-accb158f8f3f}w64; system32\drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-18 23:51 - 2016-02-18 23:52 - 00020128 _____ C:\Users\Korisnik\Desktop\FRST.txt
2016-02-18 23:28 - 2016-02-18 23:38 - 00000000 ____D C:\Users\Korisnik\AppData\Roaming\ZHP
2016-02-18 23:28 - 2016-02-18 23:28 - 00000826 _____ C:\Users\Korisnik\Desktop\ZHPDiag.lnk
2016-02-18 23:26 - 2016-02-18 23:27 - 02122752 _____ C:\Users\Korisnik\Downloads\ZHPDiag3.exe
2016-02-18 20:31 - 2016-02-18 20:31 - 00012515 _____ C:\Users\Korisnik\Desktop\zoek-results.txt
2016-02-18 20:21 - 2014-02-13 23:59 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-02-18 15:30 - 2016-02-18 15:30 - 03419812 _____ C:\Users\Korisnik\Desktop\BOROJEVIC Goran Night-time traffic in urban areas.pdf
2016-02-18 15:23 - 2016-02-18 15:23 - 01286656 _____ C:\Users\Korisnik\Desktop\BOROJEVIC Goran_Prezentacija rada.ppt
2016-02-18 14:33 - 2016-02-18 20:13 - 00000000 ____D C:\zoek_backup
2016-02-18 14:27 - 2016-02-18 14:29 - 04186040 _____ C:\Users\Korisnik\Desktop\zoek.zip
2016-02-18 01:33 - 2016-02-18 23:51 - 00000000 ____D C:\FRST
2016-02-18 01:31 - 2016-02-18 01:32 - 02371072 _____ (Farbar) C:\Users\Korisnik\Desktop\FRST64.exe
2016-02-16 18:04 - 2016-02-16 18:04 - 00000000 ____D C:\Users\Korisnik\Documents\ArmA 2 Other Profiles
2016-02-16 18:03 - 2016-02-16 18:03 - 00000000 ____D C:\Users\Korisnik\Documents\SKIDROW
2016-02-16 17:58 - 2016-02-16 17:59 - 00000000 ____D C:\Users\Korisnik\Documents\ArmA 2
2016-02-16 17:57 - 2016-02-16 17:57 - 00001370 _____ C:\Users\Korisnik\Desktop\Launch ARMA 2 REINFORCEMENTS.lnk
2016-02-16 17:09 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-02-16 17:09 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2016-02-16 17:09 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2016-02-16 17:09 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-02-16 17:09 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-02-16 17:09 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2016-02-16 17:09 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-02-16 17:09 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2016-02-16 17:09 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-02-16 17:09 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2016-02-16 17:09 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2016-02-16 17:09 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-02-16 17:09 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-02-16 17:09 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2016-02-16 17:09 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-02-16 17:09 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-02-16 17:09 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2016-02-16 17:09 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2016-02-16 17:09 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-02-16 17:09 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2016-02-16 17:09 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-02-16 17:09 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2016-02-16 17:09 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-02-16 17:09 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2016-02-16 17:09 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-02-16 17:09 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2016-02-16 17:08 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-02-16 17:08 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2016-02-16 17:08 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-02-16 17:08 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2016-02-16 17:08 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2016-02-16 17:08 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-02-16 17:08 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-02-16 17:08 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2016-02-16 17:08 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-02-16 17:08 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2016-02-16 17:08 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-02-16 17:08 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2016-02-16 17:08 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2016-02-16 17:08 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-02-16 17:08 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-02-16 17:08 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2016-02-16 17:08 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-02-16 17:08 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2016-02-16 17:08 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-02-16 17:08 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2016-02-16 17:08 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-02-16 17:08 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2016-02-16 17:08 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2016-02-16 17:08 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2016-02-16 17:08 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-02-16 17:08 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-02-16 17:08 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2016-02-16 17:08 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-02-16 17:08 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2016-02-16 17:08 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-02-16 17:08 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-02-16 17:08 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-02-16 17:08 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-02-16 17:08 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-02-16 17:06 - 2016-02-16 17:07 - 00000000 ____D C:\Users\Korisnik\AppData\Local\ArmA 2 REINFORCEMENTS
2016-02-16 17:03 - 2016-02-16 17:43 - 00000000 ____D C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2016-02-16 17:03 - 2016-02-16 17:18 - 00000000 ____D C:\Program Files (x86)\Bohemia Interactive
2016-02-16 17:03 - 2016-02-16 17:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2016-02-14 17:58 - 2016-02-15 23:52 - 02063428 _____ C:\Users\Korisnik\Downloads\PREDAVANJE-5.pdf
2016-02-14 17:58 - 2016-02-15 19:41 - 01083443 _____ C:\Users\Korisnik\Downloads\PREDAVANJE-7.pdf
2016-02-14 17:58 - 2016-02-15 19:32 - 00639678 _____ C:\Users\Korisnik\Downloads\PREDAVANJE-6.pdf
2016-02-14 17:58 - 2016-02-15 19:12 - 00639584 _____ C:\Users\Korisnik\Downloads\PREDAVANJE-ST-3.pdf
2016-02-14 17:58 - 2016-02-15 18:50 - 01865764 _____ C:\Users\Korisnik\Downloads\PREDAVANJE-2.pdf
2016-02-14 17:58 - 2016-02-15 18:25 - 00810768 _____ C:\Users\Korisnik\Downloads\PREDAVANJE-1.pdf
2016-02-14 17:58 - 2016-02-14 17:58 - 03123200 _____ C:\Users\Korisnik\Downloads\PREDAVANJE-4.ppt
2016-02-09 19:42 - 2016-02-09 19:41 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-02-09 19:41 - 2016-02-09 19:41 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-02-09 17:07 - 2016-02-18 20:25 - 00000000 ____D C:\Users\Korisnik\AppData\LocalLow\uTorrent
2016-02-08 12:59 - 2016-02-08 12:59 - 00000000 ____D C:\Users\Korisnik\AppData\Local\PDF24
2016-02-08 12:56 - 2016-02-08 12:57 - 00000000 ____D C:\Program Files (x86)\PDF24
2016-02-08 12:56 - 2016-02-08 12:56 - 00001088 _____ C:\Users\Public\Desktop\PDF24.lnk
2016-02-08 12:56 - 2016-02-08 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2016-01-31 17:22 - 2016-02-01 10:28 - 00000000 ____D C:\Users\Korisnik\Downloads\Safe.2012.720p.BRRip.XviD.AC3-VoXHD
2016-01-31 16:52 - 2016-01-31 16:53 - 06393072 _____ C:\Users\Korisnik\Downloads\4_predavanje i vjezbe_Osnovni faktori BS_01.12.2015.pdf
2016-01-31 16:49 - 2016-01-31 16:52 - 12522714 _____ C:\Users\Korisnik\Downloads\6_predavanje i vjezbe_Saobracajno obrazovanje.ppt_29.12.2015.pdf
2016-01-31 16:47 - 2016-01-31 16:48 - 15723469 _____ C:\Users\Korisnik\Downloads\7_predavanje i vjezbe_Edukacija za saobracaj_Djeca ostecenog sluha_22.12.2015.pdf
2016-01-31 16:44 - 2016-01-31 16:45 - 01491374 _____ C:\Users\Korisnik\Downloads\8_predavanje i vjezbe_kampanje_EDUS_1.pdf
2016-01-31 16:44 - 2016-01-31 16:45 - 00772637 _____ C:\Users\Korisnik\Downloads\9_predavanje i vjezbe_kampanje_EDUS_2.pdf
2016-01-30 20:32 - 2016-01-30 22:27 - 00000000 ____D C:\Program Files (x86)\RAR Password Unlocker
2016-01-30 20:32 - 2016-01-30 20:32 - 00001167 _____ C:\Users\Public\Desktop\RAR Password Unlocker.lnk
2016-01-30 20:32 - 2016-01-30 20:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Unlocker
2016-01-26 23:56 - 2016-01-26 23:57 - 02140688 _____ C:\Users\Korisnik\Downloads\puškice-edukacija-II-kol.pdf
2016-01-19 00:52 - 2016-01-19 00:52 - 00131961 _____ C:\Users\Korisnik\Downloads\812007D-HSPG13-OlderDriverSafety.pdf
2016-01-19 00:15 - 2016-01-19 00:16 - 00643714 _____ C:\Users\Korisnik\Downloads\TeenDriverETAS-1 (2).pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-18 23:49 - 2013-06-06 21:35 - 00000000 ____D C:\Users\Korisnik\AppData\Roaming\uTorrent
2016-02-18 23:38 - 2013-01-21 20:43 - 02592768 ___SH C:\Users\Korisnik\Desktop\Thumbs.db
2016-02-18 23:33 - 2009-07-14 05:45 - 00017168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-18 23:33 - 2009-07-14 05:45 - 00017168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-18 23:32 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2016-02-18 23:23 - 2012-09-21 15:20 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-18 23:12 - 2012-08-14 07:01 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3207635917-3077674048-3272829710-1000UA.job
2016-02-18 21:15 - 2013-04-15 11:10 - 00000940 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3207635917-3077674048-3272829710-1000UA.job
2016-02-18 20:24 - 2012-09-21 15:20 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-18 20:24 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-18 19:54 - 2012-08-14 07:01 - 00000868 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3207635917-3077674048-3272829710-1000Core.job
2016-02-18 19:45 - 2012-08-14 07:08 - 00003956 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A12C2FA9-E231-4548-937E-0369C0552DAC}
2016-02-18 13:04 - 2015-10-21 17:44 - 00000344 _____ C:\Windows\Tasks\HPCeeScheduleForKorisnik.job
2016-02-18 00:00 - 2012-12-28 22:30 - 00000400 _____ C:\Windows\Tasks\NeroLiveEpgUpdate-Korisnik-PC_Korisnik.job
2016-02-17 12:15 - 2013-04-15 11:10 - 00000918 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3207635917-3077674048-3272829710-1000Core.job
2016-02-17 11:13 - 2015-11-03 14:04 - 00003204 _____ C:\Windows\System32\Tasks\HPCeeScheduleForKorisnik
2016-02-17 11:07 - 2013-11-11 20:05 - 00000000 ____D C:\Users\Korisnik\AppData\Roaming\DAEMON Tools Lite
2016-02-17 11:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-02-16 23:01 - 2009-07-14 06:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-16 11:06 - 2012-09-21 13:53 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-02-14 19:59 - 2013-04-03 21:25 - 02129408 ___SH C:\Users\Korisnik\Downloads\Thumbs.db
2016-02-11 01:26 - 2012-08-14 07:02 - 00002413 _____ C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-11 01:25 - 2012-08-14 07:02 - 00002388 _____ C:\Users\Korisnik\Desktop\Google Chrome.lnk
2016-02-11 00:29 - 2013-04-03 19:03 - 00287016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-02-09 21:24 - 2012-08-22 18:44 - 00000000 ____D C:\Users\Korisnik\AppData\Roaming\Skype
2016-02-09 19:41 - 2014-05-06 12:03 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-02-09 19:41 - 2013-12-19 19:47 - 00165344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-02-09 19:41 - 2013-04-03 19:03 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-02-09 19:41 - 2012-09-21 13:53 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-02-09 19:41 - 2012-08-22 18:50 - 00463744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-02-09 19:41 - 2012-08-22 18:50 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-02-09 19:40 - 2012-08-22 18:50 - 01065720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-02-09 18:06 - 2012-10-17 22:13 - 00000000 ____D C:\Users\Korisnik\Desktop\faks
2016-02-06 14:59 - 2013-03-12 18:23 - 00000000 ____D C:\Users\Korisnik\Documents\Filmovi
2016-02-03 00:18 - 2012-09-21 15:20 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-03 00:18 - 2012-09-21 15:20 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-02 18:07 - 2012-08-14 07:01 - 00003896 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3207635917-3077674048-3272829710-1000UA
2016-02-02 18:07 - 2012-08-14 07:01 - 00003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3207635917-3077674048-3272829710-1000Core
2016-02-01 10:48 - 2012-08-07 19:55 - 00000000 ____D C:\Users\Korisnik\AppData\Local\VirtualStore
2016-01-30 12:45 - 2012-09-21 09:06 - 00000000 ____D C:\Users\Korisnik\Documents\Championship manager
2016-01-29 16:22 - 2012-08-09 12:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-23 17:45 - 2014-06-13 17:56 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-23 11:24 - 2012-09-19 18:53 - 00000000 ____D C:\Windows\System32\Tasks\Games
2016-01-20 17:06 - 2012-11-07 17:08 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-01-20 17:05 - 2015-03-02 13:51 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

==================== Files in the root of some directories =======

2012-08-14 07:03 - 2014-04-12 16:27 - 0000197 _____ () C:\Users\Korisnik\AppData\Roaming\default.rss
2014-04-02 16:19 - 2014-04-02 16:19 - 0000000 _____ () C:\Users\Korisnik\AppData\Roaming\downloads.m3u
2013-09-21 23:28 - 2014-12-08 12:18 - 0026531 _____ () C:\Users\Korisnik\AppData\Roaming\UserTile.png
2012-11-19 10:33 - 2013-09-21 23:01 - 0005632 _____ () C:\Users\Korisnik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-23 22:14 - 2015-02-06 23:17 - 0000173 _____ () C:\Users\Korisnik\AppData\Local\msmathematics.qat.Korisnik
2013-07-15 22:00 - 2013-07-15 22:00 - 0007597 _____ () C:\Users\Korisnik\AppData\Local\Resmon.ResmonCfg
2015-12-06 16:28 - 2015-12-06 16:28 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-04 15:49

==================== End of FRST.txt ============================

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6061

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

Start
CloseProcesses:
URLSearchHook: HKLM-x32 - (No Name) - {96f454ea-9d38-474f-b504-56193e00c1a5} - No File
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL =
SearchScopes: HKLM-x32 -> DefaultScope {656E6E9C-D178-48FF-9432-8687B517F785} URL =
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} URL =
CreateRestorePoint:
U3 ax1ru7mx; C:\Windows\System32\Drivers\ax1ru7mx.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S1 {2635ac50-5488-40bf-9bfd-accb158f8f3f}w64; system32\drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys [X]
Task: {DF28F14B-40C1-4DD3-BC54-7C7449A13A10} - \GoforFilesUpdate -> No File <==== ATTENTION
EmptyTemp:
End


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.







.






Preuzmi TDSSKiller, sacuvaj alat na Desktop i dvoklikom pokreni TDSSKiller.exe
U "End user Licence Agreement" dijalogu klikni na Accept.
Takođe, u "KSN Statement" dijalogu klikni na Accept.


klikni na dugme Start Scan

Ukoliko sumnjive stavke Suspicious object budu detektovani, podrazumevana opcija (default action) jeste Skip, klikni na Continue.
Ukoliko maliciozni objekti Malicious objects budu detektovani, izaberi opciju Cure.

Okaci mi sadrzaj log-a sa sledece lokacije:
C:\TDSSKiller_verzija programa_DD.MM.GG_HH.MM.SS.txt
(DD-dan, MM-mesec, GG-godina, HH-sat, MM-minut, SS-sekunda; datum i vreme kada je log napravljen)

offline
  • Pridružio: 18 Feb 2016
  • Poruke: 10

Napisano: 22 Feb 2016 20:22

Pozdrav, da nastavimo gdje smo stali... Wink

Fix result of Farbar Recovery Scan Tool (x64) Version:17-02-2016
Ran by Korisnik (2016-02-22 20:05:02) Run:1
Running from C:\Users\Korisnik\Desktop
Loaded Profiles: Korisnik (Available Profiles: Korisnik)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
URLSearchHook: HKLM-x32 - (No Name) - {96f454ea-9d38-474f-b504-56193e00c1a5} - No File
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL =
SearchScopes: HKLM-x32 -> DefaultScope {656E6E9C-D178-48FF-9432-8687B517F785} URL =
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} URL =
CreateRestorePoint:
U3 ax1ru7mx; C:\Windows\System32\Drivers\ax1ru7mx.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S1 {2635ac50-5488-40bf-9bfd-accb158f8f3f}w64; system32\drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys [X]
Task: {DF28F14B-40C1-4DD3-BC54-7C7449A13A10} - \GoforFilesUpdate -> No File <==== ATTENTION
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{96f454ea-9d38-474f-b504-56193e00c1a5} => value removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}" => key removed successfully
HKCR\CLSID\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} => key not found.
Restore point was successfully created.
ax1ru7mx => service not found.
{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64 => service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DF28F14B-40C1-4DD3-BC54-7C7449A13A10}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF28F14B-40C1-4DD3-BC54-7C7449A13A10}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoforFilesUpdate => key not found.
EmptyTemp: => 29.3 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 20:07:18 ====

Dopuna: 22 Feb 2016 20:24

mycity.rs/must-login.png

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6061

Postavi Google Chrome pretrazivac na podrazumevana (defaults) podesavanja.

I? Kakvo je sada stanje?

offline
  • Pridružio: 18 Feb 2016
  • Poruke: 10

Uradio sam kako ste rekli i oseti se znatna razlika u odnosu na pre, HVALA vam mnogooo Very Happy

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6061

Sledeća procedura će implementirati završno čišćenje.



Arrow Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop.

Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija;
Remove disinfection tools
Create registry backup
Purge System Restore


Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad.

Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani.
Ukoliko neki alat ili izveštaj nije uklonjen, slobodno ih obriši ručno.


Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt)
- Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix
- DelFix briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

offline
  • Pridružio: 18 Feb 2016
  • Poruke: 10

Veliko hvala jos jednom Very Happy

Ko je trenutno na forumu
 

Ukupno su 1190 korisnika na forumu :: 36 registrovanih, 5 sakrivenih i 1149 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 1798 - dana 19 Sep 2019 18:42

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., amaterSRB, Bane san, blake, Buzdovan, calvi, celik, cole77, d bos, darcaud, Dorcolac, Eyes Wide Shut, Futurama, Georgius, ILGromovnik, knell, Koca Popovic, Kubovac, ltcolonel, luka1978, Marko Marković, Mercury2, Milan A. Nikolic, Nebo_M, NenadG, radoznao2, SsssssNOVI, stug, suton2, Toni, versus2, VJ, Vlada78, vukdra, xandar, YU-UKI