Ne mogu da otvorim ni jednu vrstu dokumenta na kompu

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Pozdav i pomoć! Od juče ne mogu da otvorim ni jednu vrstu dokumenta, baca me na sajt da platim odblokiranje. Komp inače radi normalno.
Evo skena:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:18-04-2016
Ran by djuricv (administrator) on DJURICV-PC (19-04-2016 15:58:10)
Running from D:\Downloads
Loaded Profiles: djuricv (Available Profiles: djuricv)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files\360\Total Security\safemon\QHActiveDefense.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Everything\Everything.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files\360\Total Security\safemon\QHWatchdog.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Windows\Temp\bd_E37D.tmp\rzfE37E.tmp
(Bitdefender) C:\Users\djuricv\AppData\Local\Temp\RarSFX0\setupdownloader.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [QHSafeTray] => C:\Program Files\360\Total Security\safemon\QHSafeTray.exe [3106936 2016-02-01] (QIHU 360 SOFTWARE CO. LIMITED)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-290912724-644097648-2002099432-1000\...\Run: [MCShield Monitor] => C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-290912724-644097648-2002099432-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [23499656 2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [SmartFTP Drop] -> {EA5A76F7-8138-4B53-B0F5-ADCC730CAFBD} => C:\Program Files\SmartFTP Client\ShellTools.dll [2015-03-11] (SmartSoft Ltd.)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-290912724-644097648-2002099432-1000] => :0
AutoConfigURL: [S-1-5-21-290912724-644097648-2002099432-1000] => :0
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{9D4D19C9-0047-462B-B4F2-0BDD5B2E2D5F}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{AD1E4E8B-90C0-44D2-8015-E0786C42D133}: [DhcpNameServer] 8.8.8.8

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-290912724-644097648-2002099432-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-290912724-644097648-2002099432-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-290912724-644097648-2002099432-1000 -> DefaultScope {04ECDB96-017F-4845-B904-BB9FCAF6C83B} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
SearchScopes: HKU\S-1-5-21-290912724-644097648-2002099432-1000 -> {04ECDB96-017F-4845-B904-BB9FCAF6C83B} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
SearchScopes: HKU\S-1-5-21-290912724-644097648-2002099432-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
SearchScopes: HKU\S-1-5-21-290912724-644097648-2002099432-1000 -> {D3AED799-8367-4780-8FA3-8348CF28F4CE} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-27] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-15] (Oracle Corporation)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21] (Microsoft Corporation)
BHO: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll [2010-08-24] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-15] (Oracle Corporation)
Toolbar: HKLM - @C:\Program Files\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll [2010-08-24] (Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-28] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-15] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-13] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-13] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: Search Helper Extension - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2015-01-01] [not signed]
FF HKLM\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: Default Manager - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2015-01-01] [not signed]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.rs/
CHR StartupUrls: Default -> "hxxp://www.google.rs/"
CHR Profile: C:\Users\djuricv\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\djuricv\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-18]
CHR Extension: (YouTube) - C:\Users\djuricv\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-18]
CHR Extension: (Adblock Plus) - C:\Users\djuricv\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-04-18]
CHR Extension: (Google Search) - C:\Users\djuricv\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-04-18]
CHR Extension: (MightyText - SMS from PC & Text from Computer) - C:\Users\djuricv\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi [2016-04-18]
CHR Extension: (Google Docs Offline) - C:\Users\djuricv\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-18]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\djuricv\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2016-04-18] [UpdateUrl: hxxp://www.interoperabilitybridges.com/ChromeWMP/wmpChromeupdates.xml] <==== ATTENTION
CHR Extension: (Skype) - C:\Users\djuricv\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-04-18]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\djuricv\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-04-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\djuricv\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-18]
CHR Extension: (Readability) - C:\Users\djuricv\AppData\Local\Google\Chrome\User Data\Default\Extensions\oknpjjbmpnndlpmnhmekjpocelpnlfdi [2016-04-18]
CHR Extension: (Gmail) - C:\Users\djuricv\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-18]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKU\S-1-5-21-290912724-644097648-2002099432-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2015-10-18] (SUPERAntiSpyware.com)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S4 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
S4 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
S4 CronService; C:\Program Files\Prey\platform\windows\cronsvc.exe [23552 2014-04-30] (Fork Ltd.) [File not signed]
R2 Everything; C:\Program Files\Everything\Everything.exe [1048576 2014-08-06] () [File not signed] <==== ATTENTION
S3 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [947640 2016-03-30] (Bitdefender)
R2 QHActiveDefense; C:\Program Files\360\Total Security\safemon\QHActiveDefense.exe [907384 2016-02-01] (QIHU 360 SOFTWARE CO. LIMITED)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
S2 SDScannerService; no ImagePath
S2 SDUpdateService; no ImagePath
S2 SDWSCService; no ImagePath
S4 TunnelBearMaintenance; no ImagePath

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker.sys [122448 2015-12-11] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [66128 2016-02-01] (360.cn)
R1 360Box; C:\Windows\System32\DRIVERS\360Box.sys [204368 2016-02-01] (360.cn)
R1 360Camera; C:\Windows\System32\Drivers\360Camera.sys [34888 2015-02-12] (360.cn)
R1 360SelfProtection; C:\Windows\System32\drivers\360SelfProtection.sys [179152 2015-12-11] (360安全中心)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [18544 2011-01-10] ()
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV.sys [177232 2015-12-11] (360.cn)
R1 EfiMon; C:\Windows\System32\Drivers\Efimon.sys [23248 2015-12-11] (360.cn)
R0 HookPort; C:\Windows\System32\Drivers\Hookport.sys [60368 2015-12-11] (360安全中心)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [22688 2014-07-15] (REALiX(tm))
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [55104 2012-07-17] (Intel Corporation)
R1 qutmdserv; C:\Windows\System32\DRIVERS\qutmdrv.sys [301264 2016-02-01] (360.cn)
R1 qutmipc; C:\Windows\system32\drivers\qutmipc.sys [53960 2015-12-11] (360.cn)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [113608 2013-04-15] (Power Software Ltd)
R3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [33280 2014-08-12] (The OpenVPN Project)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-19 15:58 - 2016-04-19 15:58 - 00000000 ____D C:\FRST
2016-04-19 15:50 - 2016-04-19 15:51 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-04-19 15:50 - 2016-04-19 15:50 - 00043186 _____ C:\ProgramData\1461073848.bdinstall.bin
2016-04-19 15:50 - 2016-04-19 15:50 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2016-04-19 15:23 - 2016-04-19 15:43 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-04-18 22:58 - 2016-04-18 22:58 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\XnView
2016-04-18 22:58 - 2016-04-18 22:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2016-04-18 22:58 - 2016-04-18 22:58 - 00000000 ____D C:\Program Files\XnView
2016-04-18 22:54 - 2016-04-19 15:15 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\XnConvert
2016-04-18 22:53 - 2016-04-18 22:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnConvert
2016-04-18 22:53 - 2016-04-18 22:53 - 00000000 ____D C:\Program Files\XnConvert
2016-04-18 22:45 - 2016-04-18 22:45 - 00000000 ____D C:\Users\djuricv\Tracing
2016-04-18 22:44 - 2016-04-18 22:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-04-18 22:44 - 2016-04-18 22:44 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-04-18 20:49 - 2016-04-18 20:49 - 00011755 _____ C:\Users\Public\Downloads\-!RecOveR!-weyti++.Htm
2016-04-18 20:49 - 2016-04-18 20:49 - 00011755 _____ C:\Users\Public\-!RecOveR!-weyti++.Htm
2016-04-18 20:49 - 2016-04-18 20:49 - 00011755 _____ C:\Users\djuricv\Downloads\-!RecOveR!-weyti++.Htm
2016-04-18 20:49 - 2016-04-18 20:49 - 00011755 _____ C:\Users\djuricv\Documents\-!RecOveR!-weyti++.Htm
2016-04-18 20:49 - 2016-04-18 20:49 - 00011755 _____ C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\-!RecOveR!-weyti++.Htm
2016-04-18 20:49 - 2016-04-18 20:49 - 00011755 _____ C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\-!RecOveR!-weyti++.Htm
2016-04-18 20:49 - 2016-04-18 20:49 - 00011755 _____ C:\Users\djuricv\AppData\Roaming\-!RecOveR!-weyti++.Htm
2016-04-18 20:49 - 2016-04-18 20:49 - 00011755 _____ C:\Users\djuricv\AppData\-!RecOveR!-weyti++.Htm
2016-04-18 20:49 - 2016-04-18 20:49 - 00011755 _____ C:\Users\djuricv\-!RecOveR!-weyti++.Htm
2016-04-18 20:49 - 2016-04-18 20:49 - 00002578 _____ C:\Users\Public\Downloads\-!RecOveR!-weyti++.Txt
2016-04-18 20:49 - 2016-04-18 20:49 - 00002578 _____ C:\Users\Public\-!RecOveR!-weyti++.Txt
2016-04-18 20:49 - 2016-04-18 20:49 - 00002578 _____ C:\Users\djuricv\Downloads\-!RecOveR!-weyti++.Txt
2016-04-18 20:49 - 2016-04-18 20:49 - 00002578 _____ C:\Users\djuricv\Documents\-!RecOveR!-weyti++.Txt
2016-04-18 20:49 - 2016-04-18 20:49 - 00002578 _____ C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\-!RecOveR!-weyti++.Txt
2016-04-18 20:49 - 2016-04-18 20:49 - 00002578 _____ C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\-!RecOveR!-weyti++.Txt
2016-04-18 20:49 - 2016-04-18 20:49 - 00002578 _____ C:\Users\djuricv\AppData\Roaming\-!RecOveR!-weyti++.Txt
2016-04-18 20:49 - 2016-04-18 20:49 - 00002578 _____ C:\Users\djuricv\AppData\-!RecOveR!-weyti++.Txt
2016-04-18 20:49 - 2016-04-18 20:49 - 00002578 _____ C:\Users\djuricv\-!RecOveR!-weyti++.Txt
2016-04-18 20:48 - 2016-04-18 20:48 - 00011755 _____ C:\Users\djuricv\AppData\LocalLow\-!RecOveR!-weyti++.Htm
2016-04-18 20:48 - 2016-04-18 20:48 - 00002578 _____ C:\Users\djuricv\AppData\LocalLow\-!RecOveR!-weyti++.Txt
2016-04-18 20:44 - 2016-04-18 20:49 - 00011755 _____ C:\Users\djuricv\AppData\Local\-!RecOveR!-weyti++.Htm
2016-04-18 20:44 - 2016-04-18 20:49 - 00002578 _____ C:\Users\djuricv\AppData\Local\-!RecOveR!-weyti++.Txt
2016-04-18 20:44 - 2016-04-18 20:44 - 00011755 _____ C:\Users\djuricv\AppData\Local\Apps\-!RecOveR!-weyti++.Htm
2016-04-18 20:44 - 2016-04-18 20:44 - 00002578 _____ C:\Users\djuricv\AppData\Local\Apps\-!RecOveR!-weyti++.Txt
2016-04-18 20:39 - 2016-04-18 20:49 - 00011755 _____ C:\Users\Public\Documents\-!RecOveR!-weyti++.Htm
2016-04-18 20:39 - 2016-04-18 20:49 - 00002578 _____ C:\Users\Public\Documents\-!RecOveR!-weyti++.Txt
2016-04-18 20:39 - 2016-04-18 20:44 - 00011755 _____ C:\ProgramData\-!RecOveR!-weyti++.Htm
2016-04-18 20:39 - 2016-04-18 20:44 - 00002578 _____ C:\ProgramData\-!RecOveR!-weyti++.Txt
2016-04-18 20:23 - 2016-04-18 20:23 - 00000256 _____ C:\Users\djuricv\Documents\-!recover!-!file!-.txt
2016-04-18 20:22 - 2016-04-18 20:22 - 00000264 _____ C:\Users\djuricv\Documents\desctop._ini
2016-04-06 19:19 - 2016-04-06 22:23 - 00000000 ____D C:\Users\djuricv\Desktop\IMS
2016-03-27 22:28 - 2016-04-18 20:49 - 02512848 _____ C:\Users\djuricv\Desktop\V_SIGURNOST_ AUTOMOBILA.pdf
2016-03-27 16:13 - 2016-04-18 20:49 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\TweakNow RegCleaner 2012
2016-03-27 16:13 - 2016-04-18 20:49 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\TweakNow RegCleaner
2016-03-27 16:13 - 2016-03-27 16:16 - 00000000 ____D C:\Program Files\TweakNow RegCleaner
2016-03-27 16:13 - 2016-03-27 16:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakNow RegCleaner
2016-03-27 15:47 - 2016-04-18 20:49 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair
2016-03-27 15:47 - 2016-03-27 15:49 - 00000000 ____D C:\Program Files\Free Window Registry Repair
2016-03-27 15:47 - 2016-03-27 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair
2016-03-24 19:33 - 2016-04-18 20:48 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\AC3Filter
2016-03-23 21:41 - 2016-04-18 20:49 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fast Image Resizer
2016-03-23 21:41 - 2016-03-23 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fast Image Resizer
2016-03-23 21:41 - 2016-03-23 21:41 - 00000000 ____D C:\Program Files\Fast Image Resizer
2016-03-20 22:36 - 2016-04-18 20:49 - 07794176 _____ C:\Users\djuricv\Desktop\moj-android-3.pdf
2016-03-20 22:24 - 2016-04-18 20:49 - 00272160 _____ C:\Users\djuricv\Desktop\uputstva.pdf
2016-03-20 22:11 - 2016-04-18 20:49 - 00184720 _____ C:\Users\djuricv\Desktop\Forenzika mobilnih uredjaja.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-19 15:57 - 2015-02-14 21:46 - 00000000 ____D C:\ProgramData\360Quarant
2016-04-19 15:48 - 2015-02-14 20:33 - 00000000 ____D C:\Users\djuricv\AppData\LocalLow\360WD
2016-04-19 15:48 - 2010-11-20 23:01 - 00791178 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-19 15:48 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-04-19 15:46 - 2014-05-31 15:57 - 00000000 ____D C:\ProgramData\MCShield
2016-04-19 15:46 - 2014-05-31 14:31 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Skype
2016-04-19 15:41 - 2014-05-31 15:24 - 00000000 ____D C:\Users\djuricv\AppData\Local\VirtualStore
2016-04-19 15:37 - 2015-11-11 16:04 - 00000000 ___RD C:\Users\djuricv\Google диск
2016-04-19 15:37 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-19 15:37 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Cursors
2016-04-19 15:21 - 2014-08-05 16:11 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-19 15:19 - 2014-08-05 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-19 15:19 - 2014-08-05 16:11 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-04-18 23:19 - 2014-06-06 23:39 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\RssBandit
2016-04-18 22:45 - 2014-05-31 15:24 - 00000000 ____D C:\Users\djuricv
2016-04-18 22:45 - 2014-05-31 14:31 - 00000000 ____D C:\ProgramData\Skype
2016-04-18 22:44 - 2014-05-31 14:32 - 00000000 ____D C:\Users\djuricv\AppData\Local\Skype
2016-04-18 22:44 - 2014-05-31 14:31 - 00000000 ___RD C:\Program Files\Skype
2016-04-18 22:30 - 2009-07-14 06:34 - 00020640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-18 22:30 - 2009-07-14 06:34 - 00020640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-18 20:51 - 2014-05-31 15:34 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\uTorrent
2016-04-18 20:50 - 2013-07-20 16:20 - 00000000 ____D C:\WAR.Movie.Collection.DVDRip.XVID
2016-04-18 20:49 - 2016-03-11 20:04 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Everything
2016-04-18 20:49 - 2016-03-11 19:46 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-04-18 20:49 - 2016-02-28 12:57 - 08732128 _____ C:\Users\djuricv\Desktop\Povezivanje sa internetom.pdf
2016-04-18 20:49 - 2016-02-22 16:37 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2016-04-18 20:49 - 2015-12-21 16:40 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\vlc
2016-04-18 20:49 - 2015-12-21 16:35 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2016-04-18 20:49 - 2015-12-18 23:00 - 08311616 _____ C:\Users\djuricv\Desktop\android-4-poglavlje-1.pdf
2016-04-18 20:49 - 2015-12-01 22:46 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\hpqLog
2016-04-18 20:49 - 2015-11-21 14:02 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\dll-files.com
2016-04-18 20:49 - 2015-11-13 22:29 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VITSOFT
2016-04-18 20:49 - 2015-11-13 20:54 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\MAGIX
2016-04-18 20:49 - 2015-10-31 23:00 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Rainmeter
2016-04-18 20:49 - 2015-10-20 19:40 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Sun
2016-04-18 20:49 - 2015-10-18 02:01 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\SUPERAntiSpyware.com
2016-04-18 20:49 - 2015-07-28 23:11 - 00759648 _____ C:\Users\djuricv\Desktop\Zakon o radu 2014..pdf
2016-04-18 20:49 - 2015-07-22 18:18 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Hard Disk Sentinel
2016-04-18 20:49 - 2015-06-28 17:59 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portable Programs
2016-04-18 20:49 - 2015-04-13 20:09 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\dvdcss
2016-04-18 20:49 - 2015-04-08 18:59 - 00000000 ___SD C:\Users\djuricv\Documents\My Data Sources
2016-04-18 20:49 - 2015-04-07 00:28 - 08843200 _____ C:\Users\djuricv\Desktop\uputstvo_i10_(2008).pdf
2016-04-18 20:49 - 2015-03-29 00:22 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\SmartFTP
2016-04-18 20:49 - 2015-03-28 23:45 - 00000000 ___SD C:\Users\djuricv\Documents\My Web Sites
2016-04-18 20:49 - 2015-02-21 21:14 - 29454320 _____ C:\Users\djuricv\Desktop\najnoviji testovi sa resenjima.pdf
2016-04-18 20:49 - 2015-02-14 23:05 - 00000000 __SHD C:\$360Section
2016-04-18 20:49 - 2015-01-11 01:43 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\HD Tune Pro
2016-04-18 20:49 - 2015-01-09 23:39 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2016-04-18 20:49 - 2014-12-06 22:41 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\TunnelBear
2016-04-18 20:49 - 2014-11-09 12:16 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Opera Software
2016-04-18 20:49 - 2014-11-09 12:15 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\TuneUp Software
2016-04-18 20:49 - 2014-10-30 20:27 - 07975744 _____ C:\Users\djuricv\Desktop\CCNA Cisco kurs.pdf
2016-04-18 20:49 - 2014-09-14 13:53 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer
2016-04-18 20:49 - 2014-07-22 20:20 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Foxit Software
2016-04-18 20:49 - 2014-07-16 23:57 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Oracle
2016-04-18 20:49 - 2014-07-10 20:31 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prey
2016-04-18 20:49 - 2014-07-10 15:59 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Mozilla
2016-04-18 20:49 - 2014-07-10 15:56 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\HpUpdate
2016-04-18 20:49 - 2014-06-30 16:58 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\BSplayer Pro
2016-04-18 20:49 - 2014-06-30 16:58 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\BSplayer
2016-04-18 20:49 - 2014-06-14 15:56 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\GRETECH
2016-04-18 20:49 - 2014-06-14 15:45 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\MPC-HC
2016-04-18 20:49 - 2014-06-01 20:53 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Macromedia
2016-04-18 20:49 - 2014-06-01 20:35 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\WinRAR
2016-04-18 20:49 - 2014-06-01 20:28 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-18 20:49 - 2014-05-31 15:24 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Media Center Programs
2016-04-18 20:49 - 2014-05-31 14:35 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-18 20:49 - 2014-05-31 14:35 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\DropboxMaster
2016-04-18 20:49 - 2014-05-31 14:34 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Dropbox
2016-04-18 20:49 - 2014-05-31 14:18 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Splashtop
2016-04-18 20:49 - 2010-11-21 02:46 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-04-18 20:49 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Public\Libraries
2016-04-18 20:48 - 2016-03-11 19:46 - 00000000 ____D C:\Users\djuricv\AppData\Local\Ubisoft Game Launcher
2016-04-18 20:48 - 2015-12-21 16:32 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\5kplayer
2016-04-18 20:48 - 2015-11-13 21:03 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\AIMP3
2016-04-18 20:48 - 2015-10-20 19:39 - 00000000 ____D C:\Users\djuricv\AppData\LocalLow\Oracle
2016-04-18 20:48 - 2015-02-14 20:35 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\360TotalSecurity
2016-04-18 20:48 - 2015-02-14 20:34 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\360safe
2016-04-18 20:48 - 2015-01-31 22:35 - 00000000 ____D C:\Users\djuricv\AppData\Local\Readon_Technology
2016-04-18 20:48 - 2015-01-09 23:39 - 00000000 ____D C:\Users\djuricv\AppData\Local\Popcorn Time
2016-04-18 20:48 - 2015-01-01 17:49 - 00000000 ____D C:\Users\djuricv\AppData\LocalLow\AVG Web TuneUp
2016-04-18 20:48 - 2015-01-01 17:44 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\AVG2015
2016-04-18 20:48 - 2014-12-07 13:44 - 00000000 ____D C:\Users\djuricv\AppData\Local\Popcorn-Time
2016-04-18 20:48 - 2014-11-09 12:15 - 00000000 ____D C:\Users\djuricv\AppData\Local\TuneUp Software
2016-04-18 20:48 - 2014-10-04 13:17 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Autodesk
2016-04-18 20:48 - 2014-09-14 13:53 - 00000000 ____D C:\Users\djuricv\AppData\Local\PrivaZer
2016-04-18 20:48 - 2014-07-10 19:24 - 00000000 ____D C:\Users\djuricv\AppData\LocalLow\Google
2016-04-18 20:48 - 2014-06-30 16:51 - 00000000 ____D C:\Users\djuricv\AppData\LocalLow\KMPlayer
2016-04-18 20:48 - 2014-06-23 21:08 - 00000000 ____D C:\Users\djuricv\AppData\LocalLow\Sun
2016-04-18 20:48 - 2014-06-06 23:39 - 00000000 ____D C:\Users\djuricv\AppData\Local\RssBandit
2016-04-18 20:48 - 2014-06-01 20:54 - 00000000 ____D C:\Users\djuricv\AppData\LocalLow\Adobe
2016-04-18 20:48 - 2014-06-01 20:52 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Adobe
2016-04-18 20:47 - 2016-02-06 01:50 - 00000000 ____D C:\Users\djuricv\AppData\Local\Mansion Casino
2016-04-18 20:47 - 2015-01-01 17:41 - 00000000 ____D C:\Users\djuricv\AppData\Local\MFAData
2016-04-18 20:47 - 2014-11-09 12:16 - 00000000 ____D C:\Users\djuricv\AppData\Local\Opera Software
2016-04-18 20:47 - 2014-06-06 23:39 - 00000000 ____D C:\Users\djuricv\AppData\Local\NewsComponents
2016-04-18 20:47 - 2014-05-31 15:34 - 00000000 ____D C:\Users\djuricv\AppData\Local\Microsoft Help
2016-04-18 20:46 - 2014-12-06 22:37 - 00000000 ____D C:\Users\djuricv\AppData\Local\IsolatedStorage
2016-04-18 20:46 - 2014-12-06 22:37 - 00000000 ____D C:\Users\djuricv\AppData\Local\HockeyCrashes
2016-04-18 20:46 - 2014-07-10 15:52 - 00000000 ____D C:\Users\djuricv\AppData\Local\HP
2016-04-18 20:46 - 2014-05-31 14:24 - 00000000 ____D C:\Users\djuricv\AppData\Local\Google
2016-04-18 20:45 - 2016-02-06 01:33 - 00000000 ____D C:\Users\djuricv\AppData\Local\Casino.com notification
2016-04-18 20:45 - 2016-02-06 01:32 - 00000000 ____D C:\Users\djuricv\AppData\Local\Casino.com
2016-04-18 20:45 - 2015-11-04 23:46 - 00000000 ____D C:\Users\djuricv\AppData\Local\CEF
2016-04-18 20:45 - 2014-11-29 21:35 - 00000000 ____D C:\Users\djuricv\AppData\Local\EyeSpyFX
2016-04-18 20:45 - 2014-05-31 15:08 - 00000000 ____D C:\Users\djuricv\AppData\Local\Comodo
2016-04-18 20:45 - 2014-05-31 14:24 - 00000000 ____D C:\Users\djuricv\AppData\Local\Deployment
2016-04-18 20:44 - 2016-02-22 16:34 - 00000000 ____D C:\ProgramData\Zoom Player
2016-04-18 20:44 - 2016-01-23 20:27 - 00000000 ____D C:\Users\djuricv\AppData\Local\4kdownload.com
2016-04-18 20:44 - 2016-01-20 10:34 - 00000000 ____D C:\Users\djuricv\.oracle_jre_usage
2016-04-18 20:44 - 2015-12-01 22:46 - 00000000 ____D C:\ProgramData\{E446D09C-F25A-4F50-B111-81471218B287}
2016-04-18 20:44 - 2015-10-18 02:01 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-04-18 20:44 - 2015-06-26 21:32 - 00000000 ____D C:\Users\djuricv\AppData\Local\Caesium
2016-04-18 20:44 - 2015-01-01 17:49 - 00000000 ____D C:\Users\djuricv\AppData\Local\AVG Web TuneUp
2016-04-18 20:44 - 2015-01-01 17:41 - 00000000 ____D C:\Users\djuricv\AppData\Local\Avg2015
2016-04-18 20:44 - 2014-11-09 12:13 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2016-04-18 20:44 - 2014-11-09 12:13 - 00000000 ____D C:\ProgramData\TuneUp Software
2016-04-18 20:44 - 2014-10-26 01:45 - 00000000 ____D C:\ProgramData\Rosetta Stone
2016-04-18 20:44 - 2014-06-23 21:10 - 00000000 ____D C:\ProgramData\Sun
2016-04-18 20:44 - 2014-06-07 01:02 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-04-18 20:44 - 2014-06-01 21:37 - 00000000 ____D C:\Users\djuricv\AppData\Local\Adobe
2016-04-18 20:44 - 2014-05-31 14:24 - 00000000 ____D C:\Users\djuricv\AppData\Local\Apps\2.0
2016-04-18 20:44 - 2014-05-31 14:23 - 00000000 ____D C:\ProgramData\Splashtop
2016-04-18 20:44 - 2014-05-31 14:18 - 00000000 ___HD C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3}
2016-04-18 20:40 - 2016-02-22 16:40 - 00000000 ____D C:\ProgramData\Real
2016-04-18 20:40 - 2015-11-13 22:42 - 00000000 ____D C:\ProgramData\RH_Backups
2016-04-18 20:40 - 2015-11-13 22:28 - 00000000 ____D C:\ProgramData\RFA_Backups
2016-04-18 20:40 - 2015-11-13 22:27 - 00000000 ____D C:\ProgramData\MyDefrag
2016-04-18 20:40 - 2015-01-31 22:36 - 00000000 ____D C:\ProgramData\Readon
2016-04-18 20:40 - 2014-09-14 13:53 - 00000000 ____D C:\ProgramData\privazer
2016-04-18 20:40 - 2014-06-23 21:10 - 00000000 ____D C:\ProgramData\Oracle
2016-04-18 20:40 - 2014-06-01 20:53 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-04-18 20:40 - 2014-05-31 21:06 - 00000000 ____D C:\ProgramData\Registry First Aid Backups
2016-04-18 20:39 - 2016-01-27 23:37 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-04-18 20:39 - 2015-12-21 16:32 - 00000000 ____D C:\ProgramData\Apple
2016-04-18 20:39 - 2015-11-13 20:54 - 00000000 ____D C:\ProgramData\MAGIX
2016-04-18 20:39 - 2015-01-01 19:32 - 00000000 ____D C:\ProgramData\gjkhilnflbhcnhhccoaonfafhfgdbknl
2016-04-18 20:39 - 2015-01-01 19:24 - 00000000 ____D C:\ProgramData\akejhkkhjbpnndplolokalfihlgkbekh
2016-04-18 20:39 - 2015-01-01 17:48 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2016-04-18 20:39 - 2015-01-01 17:43 - 00000000 ____D C:\ProgramData\AVG2015
2016-04-18 20:39 - 2015-01-01 17:41 - 00000000 ____D C:\ProgramData\MFAData
2016-04-18 20:39 - 2014-10-04 13:17 - 00000000 ____D C:\ProgramData\Autodesk
2016-04-18 20:39 - 2014-07-11 14:51 - 00000000 ____D C:\ProgramData\ChessOK Playing Zone
2016-04-18 20:39 - 2014-07-10 15:55 - 00000000 ____D C:\ProgramData\HP
2016-04-18 20:39 - 2014-06-15 19:36 - 00000000 ____D C:\ProgramData\GRETECH
2016-04-18 20:39 - 2014-06-01 20:50 - 00000000 ____D C:\ProgramData\Adobe
2016-04-18 20:39 - 2014-05-31 15:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-18 20:39 - 2014-05-31 15:07 - 00000000 ____D C:\ProgramData\Comodo
2016-04-18 20:39 - 2014-05-31 14:28 - 00000000 ____D C:\ProgramData\AVAST Software
2016-04-18 20:38 - 2015-02-15 14:33 - 00000000 ____D C:\ProgramData\360SD
2016-04-18 20:38 - 2015-02-14 20:33 - 00000000 ____D C:\ProgramData\360safe
2016-04-18 20:38 - 2014-07-01 21:56 - 00000000 ____D C:\Sulejman velicanstveni
2016-04-18 20:23 - 2015-02-14 20:33 - 00000000 _RSHD C:\360SANDBOX
2016-04-13 22:28 - 2014-05-31 15:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-04-10 14:49 - 2014-07-01 22:00 - 00000000 ____D C:\Users\djuricv\Desktop\Red voznje
2016-04-09 13:02 - 2015-11-21 14:02 - 00000358 _____ C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job
2016-04-03 13:41 - 2014-06-14 15:56 - 00001078 _____ C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2016-04-03 13:41 - 2014-06-14 15:55 - 00000000 ____D C:\Program Files\Gom Player
2016-03-27 15:38 - 2014-08-18 23:59 - 00000000 ____D C:\Users\djuricv\Desktop\ZAHTEVI VOZARA
2016-03-27 15:35 - 2015-11-13 22:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry First Aid
2016-03-23 21:34 - 2015-02-21 02:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2016-03-23 21:34 - 2014-05-31 14:24 - 00000000 ____D C:\Program Files\Google

==================== Files in the root of some directories =======

2016-04-18 20:49 - 2016-04-18 20:49 - 0011755 _____ () C:\Users\djuricv\AppData\Roaming\-!RecOveR!-weyti++.Htm
2016-04-18 20:49 - 2016-04-18 20:49 - 0106066 _____ () C:\Users\djuricv\AppData\Roaming\-!RecOveR!-weyti++.Png
2016-04-18 20:49 - 2016-04-18 20:49 - 0002578 _____ () C:\Users\djuricv\AppData\Roaming\-!RecOveR!-weyti++.Txt
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\djuricv\AppData\Roaming\BNIGJ
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\djuricv\AppData\Roaming\INRWMRI
2010-07-03 07:09 - 2010-07-03 07:09 - 0012477 _____ () C:\Users\djuricv\AppData\Roaming\ShortcutSettings.xml
2016-04-18 20:49 - 2016-04-18 20:49 - 0011755 _____ () C:\Users\djuricv\AppData\Roaming\Microsoft\-!RecOveR!-weyti++.Htm
2016-04-18 20:49 - 2016-04-18 20:49 - 0106066 _____ () C:\Users\djuricv\AppData\Roaming\Microsoft\-!RecOveR!-weyti++.Png
2016-04-18 20:49 - 2016-04-18 20:49 - 0002578 _____ () C:\Users\djuricv\AppData\Roaming\Microsoft\-!RecOveR!-weyti++.Txt
2016-04-18 20:44 - 2016-04-18 20:49 - 0011755 _____ () C:\Users\djuricv\AppData\Local\-!RecOveR!-weyti++.Htm
2016-04-18 20:44 - 2016-04-18 20:49 - 0106066 _____ () C:\Users\djuricv\AppData\Local\-!RecOveR!-weyti++.Png
2016-04-18 20:44 - 2016-04-18 20:49 - 0002578 _____ () C:\Users\djuricv\AppData\Local\-!RecOveR!-weyti++.Txt
2015-04-08 19:24 - 2015-04-08 19:24 - 0007611 _____ () C:\Users\djuricv\AppData\Local\Resmon.ResmonCfg
2014-06-11 18:29 - 2014-06-11 18:29 - 0000000 _____ () C:\Users\djuricv\AppData\Local\{448E7285-002A-489C-94A4-042D49D11E2E}
2016-04-18 20:39 - 2016-04-18 20:44 - 0011755 _____ () C:\ProgramData\-!RecOveR!-weyti++.Htm
2016-04-18 20:39 - 2016-04-18 20:44 - 0106066 _____ () C:\ProgramData\-!RecOveR!-weyti++.Png
2016-04-18 20:39 - 2016-04-18 20:44 - 0002578 _____ () C:\ProgramData\-!RecOveR!-weyti++.Txt
2016-04-19 15:50 - 2016-04-19 15:50 - 0043186 _____ () C:\ProgramData\1461073848.bdinstall.bin
2014-07-10 15:53 - 2014-07-10 15:53 - 0000057 _____ () C:\ProgramData\Ament.ini

Some files in TEMP:
====================
C:\Users\djuricv\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-04-18 00:23

==================== End of FRST.txt ============================
mycity.rs/must-login.png

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Pozdrav,

Da, zapatio si ransomware koji je enkriptovao fajlove. Koji tacno, ni sam ne znam, jer ih ima mali milion ovih dana.

Poseti ovaj sajt:

https://id-ransomware.malwarehunterteam.com/

Uploaduje ili primerak nekog zarazenog fajla ili taj ransom note ili tekstualni fajl koji te obavestava da si zarazen.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Evo šta kaže: id-ransomware.malwarehunterteam.com/identify.php
Ima li ovde uopšte nade ili ne? Koliko brzo se i da li uopšte nalazi rešenje u ovakvim slučajevima? Mogu li još nekim programom da probam da ga se rešim?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Da li ti je reklo koji je tip infekcije u pitanju?

Ako je TeslaCrypt kao sto mislimo, onda nema resenja.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Код мене у фирми је још пре неколико дана ИТ сектор слао циркуларни мејл из којег преносим део:Citat:...

Откривена је нова варијанта Ransomware вируса који се брзо шири кроз SPAM email или преко компромитованих сајтова.
Ова варијанта вируса криптује (кодира) фајлове на рачунарима жртава и тражи откупнину (од 200 до 500 долара) како би корисници поново приступили својим фајловима.
Иако постоји више варијанти највећи број email порука преко кога се ови вируси шире садрже наслов следећег облика:

ATTN: Invoice J-[NASUMIČNI BROJEVI]
...Наравно, не знам да ли је Воја овако закачио тај ransomware, али чисто да и други виде...

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

OK tako je kakao je, ima li smisla da ipak sačuvam kopiju tih zaključanih dokumenata, možda se ubuduće pojavi rešenje? I sa kojim programom je najbolje da preskeniram računar i da ga očistim, pretpostavljam da je zaraza još na njemu, možda trenutno neaktivna ali postoji?!

• 3Ovo se svidja korisnicima: Black Code, bojan1000, SlobaBgd
  
  Registruj se da bi pohvalio/la poruku!

Zasto bre niko ko dodje ovde da trazi pomoc ne ume da se ponasa? Ovo je pojava koja se stalno desava.

Odgovori decidirano na pitanje koje sam postavio. Ja te pitam kako bih pomogao, ti odgovaras nesto drugo. Na pitanje odgovara pitanjem.

Ako ne umes da se snadjes, uploaduje kopiju jednog zarazenog fajla preko ovog linka:

http://www.mycity.rs/ambulanta-upload.php

Takodje, mozes da uploadujes i jedan od ovih fajlova:

C:\Users\djuricv\Downloads\-!RecOveR!-weyti++.Txt
C:\Users\djuricv\Documents\-!RecOveR!-weyti++.Txt
C:\Users\Public\Documents\-!RecOveR!-weyti++.Htm
C:\Users\Public\Documents\-!RecOveR!-weyti++.Txt

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Ako je TeslaCrypt kao sto mislimo, onda nema resenja.[/quote]

TeslaCrypt 4 preciznije rečeno, pa zato i ono moje prethodno pitanje.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Sumnjam da ce se u skorije vreme (nekoliko meseci, a verovatno i godina) pojaviti resenje kako bi ljudi mogli povratiti svoje podatke, tako da je na tebi da li ces podatke sacuvati ili ne.

Ono sto mozemo jeste da pocistimo neke ostatke infekcije i to je to.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Napisano: 02 Maj 2016 23:41

ok, skenirao sam komp sa nod 32, emsisoft anti malwareom, spybot serach and destroy i pobrisao neke datoteke koje su predložili za brisanje. Evo i novi log od farbar recovery scan tool, molim za komentar, ima li šta da se još obriše, hvala unapred.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:02-05-2016
Ran by djuricv (administrator) on DJURICV-PC (02-05-2016 23:37:47)
Running from C:\Users\djuricv\Desktop
Loaded Profiles: djuricv (Available Profiles: djuricv)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2start.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(BitTorrent Inc.) C:\Users\djuricv\AppData\Roaming\uTorrent\uTorrent.exe
() C:\Program Files\RssBandit\RSSBandit.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [6389768 2016-04-13] (Emsisoft Ltd)
HKU\S-1-5-21-290912724-644097648-2002099432-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [23499656 2016-01-15] (Google)
HKU\S-1-5-21-290912724-644097648-2002099432-1000\...\Run: [MCShield Monitor] => C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL No File [ ]
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL No File
ShellIconOverlayIdentifiers: [SmartFTP Drop] -> {EA5A76F7-8138-4B53-B0F5-ADCC730CAFBD} => C:\Program Files\SmartFTP Client\ShellTools.dll [2015-03-11] (SmartSoft Ltd.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{9D4D19C9-0047-462B-B4F2-0BDD5B2E2D5F}: [DhcpNameServer] 192.168.1.1 0.0.0.0
ManualProxies:

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-290912724-644097648-2002099432-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-290912724-644097648-2002099432-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-290912724-644097648-2002099432-1000 -> DefaultScope {04ECDB96-017F-4845-B904-BB9FCAF6C83B} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
SearchScopes: HKU\S-1-5-21-290912724-644097648-2002099432-1000 -> {04ECDB96-017F-4845-B904-BB9FCAF6C83B} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
SearchScopes: HKU\S-1-5-21-290912724-644097648-2002099432-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
SearchScopes: HKU\S-1-5-21-290912724-644097648-2002099432-1000 -> {D3AED799-8367-4780-8FA3-8348CF28F4CE} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-27] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL => No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-15] (Oracle Corporation)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21] (Microsoft Corporation)
BHO: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll [2010-08-24] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-15] (Oracle Corporation)
Toolbar: HKLM - @C:\Program Files\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll [2010-08-24] (Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-28] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-15] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-13] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-13] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: Search Helper Extension - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2015-01-01] [not signed]
FF HKLM\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: Default Manager - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2015-01-01] [not signed]

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.rs/
CHR StartupUrls: Default -> "hxxps://www.google.rs/"
CHR Profile: C:\Users\djuricv\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\djuricv\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-19]
CHR Extension: (Google Docs) - C:\Users\djuricv\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-19]
CHR Extension: (Google Drive) - C:\Users\djuricv\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-19]
CHR Extension: (YouTube) - C:\Users\djuricv\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-19]
CHR Extension: (Google Search) - C:\Users\djuricv\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-04-19]
CHR Extension: (Google Sheets) - C:\Users\djuricv\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-19]
CHR Extension: (Google Docs Offline) - C:\Users\djuricv\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\djuricv\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-19]
CHR Extension: (Gmail) - C:\Users\djuricv\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-19]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKU\S-1-5-21-290912724-644097648-2002099432-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2015-10-18] (SUPERAntiSpyware.com)
R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [7528464 2016-04-13] (Emsisoft Ltd)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S4 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
S4 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
S4 CronService; C:\Program Files\Prey\platform\windows\cronsvc.exe [23552 2014-04-30] (Fork Ltd.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1982752 2016-02-23] (ESET)
S4 Everything; C:\Program Files\Everything\Everything.exe [1048576 2014-08-06] () [File not signed] <==== ATTENTION
S3 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [947640 2016-03-30] (Bitdefender)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
S2 clcmanagersrv; "C:\Program Files\Clcegh\clcmanagersrv.exe" {79740E79-A383-47A7-B513-3DF6563D007F} {A16B1AF7-982D-40C3-B5C1-633E1A6A6678} [X]
S4 Lnspmekiingcachesrv; "C:\Program Files\Lnspmekiing\Lnspmekiingcachesrv.exe" {79740E79-A383-47A7-B513-3DF6563D007F} {A16B1AF7-982D-40C3-B5C1-633E1A6A6678} [X]
S4 TunnelBearMaintenance; no ImagePath

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [18544 2011-01-10] ()
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [206312 2016-02-23] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [146024 2016-02-23] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [130616 2016-02-23] (ESET)
R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [102792 2016-02-11] (Emsisoft Ltd)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2016-04-19] ()
S3 farflt; C:\Windows\system32\drivers\farflt.sys [49024 2016-04-19] (Malwarebytes)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [22688 2014-07-15] (REALiX(tm))
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [55104 2012-07-17] (Intel Corporation)
S1 qutmipc; C:\Windows\system32\drivers\qutmipc.sys [53960 2015-12-11] (360.cn)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [113608 2013-04-15] (Power Software Ltd)
R3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [33280 2014-08-12] (The OpenVPN Project)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-02 23:37 - 2016-05-02 23:38 - 00015855 _____ C:\Users\djuricv\Desktop\FRST.txt
2016-05-02 23:37 - 2016-05-02 23:37 - 00000000 ____D C:\FRST
2016-05-02 23:30 - 2016-05-02 23:30 - 01728000 _____ (Farbar) C:\Users\djuricv\Desktop\FRST.exe
2016-05-02 22:20 - 2016-05-02 22:20 - 02856736 _____ (MyCity) C:\Users\djuricv\Downloads\MCShield-Setup.exe
2016-05-02 22:15 - 2016-05-02 22:15 - 00000000 ____D C:\Windows\PCHEALTH
2016-05-02 21:55 - 2016-05-02 21:55 - 00016384 _____ C:\Users\djuricv\Desktop\dg.xls
2016-05-02 20:55 - 2016-05-02 20:55 - 00024676 _____ C:\Users\djuricv\Downloads\[CrnaBerza]Microsoft Office 2007.torrent
2016-05-02 20:46 - 2016-05-02 20:46 - 00025237 _____ C:\Users\djuricv\Downloads\[CrnaBerza]MicroSoft Office 2007 With Key -THADOGG.torrent
2016-05-02 19:48 - 2016-05-02 19:48 - 00144281 _____ C:\Users\djuricv\Desktop\85.pdf
2016-05-02 19:47 - 2016-05-02 19:47 - 00144641 _____ C:\Users\djuricv\Desktop\707.pdf
2016-05-02 17:42 - 2016-05-02 17:42 - 00112212 _____ C:\Users\djuricv\Downloads\[CrnaBerza]Escape Plan 2013 BRRip XviD-tenna.avi.torrent
2016-05-02 15:11 - 2016-05-02 15:11 - 00027496 _____ C:\Users\djuricv\Downloads\[CrnaBerza]Jane.Got.A.Gun.2015.V2.HDRip.XviD.AC3-EVO.torrent
2016-05-02 15:10 - 2016-05-02 15:10 - 00029536 _____ C:\Users\djuricv\Downloads\[CrnaBerza]Laugh.Killer.Laugh.2015.HDTV.XviD.AC3-EVO.torrent
2016-05-02 15:05 - 2016-05-02 15:05 - 00005823 _____ C:\Users\djuricv\Downloads\[CrnaBerza]Vidi.241.pdf.torrent
2016-05-02 15:05 - 2016-05-02 15:05 - 00002737 _____ C:\Users\djuricv\Downloads\[CrnaBerza]PC Chip 251 april 2016.pdf.torrent
2016-05-02 15:05 - 2016-05-02 15:05 - 00002736 _____ C:\Users\djuricv\Downloads\[CrnaBerza]PC Chip 250 Mart 2016.pdf.torrent
2016-05-02 15:04 - 2016-05-02 15:04 - 00011328 _____ C:\Users\djuricv\Downloads\[CrnaBerza]Provjereno.14.04.2016[OYOsiterip].mp4.torrent CB.torrent
2016-05-02 15:03 - 2016-05-02 15:03 - 00016643 _____ C:\Users\djuricv\Downloads\[CrnaBerza]Brazilska obala.torrent
2016-05-02 15:01 - 2016-05-02 15:01 - 00019260 _____ C:\Users\djuricv\Downloads\[CrnaBerza]2016 The New Movie 2 titlovana kolekcija-spy - berza.torrent
2016-05-02 14:47 - 2016-05-02 14:47 - 00000000 ____D C:\Users\djuricv\Documents\ProcAlyzer Dumps
2016-04-30 08:59 - 2016-04-30 08:59 - 01346589 _____ C:\Users\djuricv\Downloads\Sigurnost_na_internetu_I_II_III.rar
2016-04-30 08:58 - 2016-04-30 08:59 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\djuricv\Downloads\spybot-2.4.exe
2016-04-30 08:56 - 2016-05-02 22:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2016-04-30 08:56 - 2016-05-02 22:24 - 00000000 ____D C:\ProgramData\MCShield
2016-04-30 08:56 - 2016-05-02 22:24 - 00000000 ____D C:\Program Files\MCShield
2016-04-30 08:53 - 2016-04-30 08:53 - 00114427 _____ C:\Users\djuricv\Downloads\hacking_prirucnici.rar
2016-04-30 08:52 - 2016-04-30 08:52 - 00218861 _____ C:\Users\djuricv\Desktop\Umetnost obmane.pdf
2016-04-30 08:51 - 2016-04-30 08:51 - 00233794 _____ C:\Users\djuricv\Desktop\Umece provale.pdf
2016-04-30 08:50 - 2016-04-30 08:50 - 00180714 _____ C:\Users\djuricv\Downloads\Umece_provale.rar
2016-04-29 15:15 - 2016-04-29 15:15 - 00006989 _____ C:\Users\djuricv\Downloads\[CrnaBerza]Mirillis_Action__1.30.1_Multilingual_+_Reg_Key__SadeemPC_.torrent
2016-04-29 15:12 - 2016-04-29 15:12 - 00001641 _____ C:\Users\djuricv\Downloads\[CrnaBerza]Disk Doctors Windows Data Recovery 3.0.3.353 + (zabranjeno).torrent
2016-04-29 15:08 - 2016-04-29 15:08 - 00071575 _____ C:\Users\djuricv\Downloads\[CrnaBerza]Zivjeti u velegradu 4.torrent
2016-04-29 15:08 - 2016-04-29 15:08 - 00033975 _____ C:\Users\djuricv\Downloads\[CrnaBerza]Victor Truviano - zivjeti bez vode.mkv.torrent
2016-04-29 15:07 - 2016-04-29 15:07 - 00013259 _____ C:\Users\djuricv\Downloads\[CrnaBerza]U svijetu kriptozoologije.mp4.torrent
2016-04-23 19:42 - 2016-04-23 19:43 - 08505824 _____ C:\Users\djuricv\Downloads\setup.exe
2016-04-23 09:54 - 2016-04-23 09:55 - 15550634 _____ C:\Users\djuricv\Downloads\ECDL_moduli.rar
2016-04-23 09:36 - 2016-04-23 09:36 - 00001683 _____ C:\Users\djuricv\Downloads\[CrnaBerza]Internet.pdf.torrent
2016-04-23 09:35 - 2016-04-23 09:35 - 00028373 _____ C:\Users\djuricv\Downloads\[CrnaBerza]John B. Alexander - americka vojska i parapsihologija.mkv.torrent
2016-04-23 09:34 - 2016-04-23 09:34 - 00003990 _____ C:\Users\djuricv\Downloads\[CrnaBerza]mein_kampf-kroatisch.pdf.torrent
2016-04-23 09:34 - 2016-04-23 09:34 - 00000739 _____ C:\Users\djuricv\Downloads\[CrnaBerza]Klaudio Vrancic -Sto kladionice ne zele da znate (1).torrent
2016-04-23 09:31 - 2016-04-23 09:31 - 00011789 _____ C:\Users\djuricv\Downloads\[CrnaBerza]Josip Ilic-Dreven - Kartaske igre i trikovi-cb.torrent
2016-04-23 09:29 - 2016-04-23 09:29 - 00019384 _____ C:\Users\djuricv\Downloads\[CrnaBerza]2015 The New Movie 19 titlovana kolekcija-spy - berza.torrent
2016-04-23 09:24 - 2016-04-23 09:24 - 00001156 _____ C:\Users\djuricv\Downloads\[CrnaBerza]ANATOMIJA -TRENINGA SNAGE.pdf.torrent
2016-04-23 08:34 - 2016-04-23 08:34 - 00000000 ____D C:\Users\djuricv\Tracing
2016-04-22 23:49 - 2016-04-22 23:49 - 00023502 _____ C:\Users\djuricv\Downloads\[CrnaBerza]George Clarke - Cudesne zamisli 4.torrent
2016-04-22 23:48 - 2016-04-22 23:48 - 00019595 _____ C:\Users\djuricv\Downloads\[CrnaBerza]Iran - zemlja i ljudi.mp4.torrent
2016-04-22 23:48 - 2016-04-22 23:48 - 00018142 _____ C:\Users\djuricv\Downloads\[CrnaBerza]Fugu - okus za koji se umire.mkv (1).torrent
2016-04-22 23:47 - 2016-04-22 23:47 - 00018142 _____ C:\Users\djuricv\Downloads\[CrnaBerza]Fugu - okus za koji se umire.mkv.torrent
2016-04-22 23:47 - 2016-04-22 23:47 - 00014588 _____ C:\Users\djuricv\Downloads\[CrnaBerza]Emocije - sluge i gospodari.torrent
2016-04-22 23:46 - 2016-04-22 23:46 - 00013987 _____ C:\Users\djuricv\Downloads\[CrnaBerza]George Harrison - Zivot u materijalnom svijetu 2.dio.mp4.torrent
2016-04-22 23:46 - 2016-04-22 23:46 - 00013025 _____ C:\Users\djuricv\Downloads\[CrnaBerza]Cijepljenje.mp4.torrent
2016-04-22 23:45 - 2016-04-22 23:45 - 00369501 _____ C:\Users\djuricv\Downloads\[CrnaBerza]Outsiders S01.torrent
2016-04-22 23:44 - 2016-04-22 23:44 - 00018589 _____ C:\Users\djuricv\Downloads\[CrnaBerza]Priča o bogu 2 cb.torrent
2016-04-22 23:44 - 2016-04-22 23:44 - 00012802 _____ C:\Users\djuricv\Downloads\[CrnaBerza]Ajurveda i autoimune bolesti.mp4.torrent
2016-04-22 23:42 - 2016-04-22 23:42 - 00015432 _____ C:\Users\djuricv\Downloads\[CrnaBerza]HAK - Prirucnik za osposobljavanje i polaganje vozackog ispita-cb.torrent
2016-04-22 23:42 - 2016-04-22 23:42 - 00014104 _____ C:\Users\djuricv\Downloads\[CrnaBerza]Genska kuhinja - Biohakeri i geneticka revolucija.mkv.torrent
2016-04-22 23:42 - 2016-04-22 23:42 - 00011357 _____ C:\Users\djuricv\Downloads\[CrnaBerza]Kako pobijediti hakere.mkv.torrent
2016-04-22 23:09 - 2016-04-22 23:09 - 00017477 _____ C:\Users\djuricv\Downloads\[CrnaBerza]Srpsko nemacki za pocetnike.torrent
2016-04-22 23:07 - 2016-04-22 23:07 - 00025423 _____ C:\Users\djuricv\Downloads\[CrnaBerza]Sinhronizovani stari crtaci.torrent
2016-04-22 23:00 - 2016-04-22 23:00 - 00068955 _____ C:\Users\djuricv\Downloads\[CrnaBerza]TUTORIJALI.torrent
2016-04-22 23:00 - 2016-04-22 23:00 - 00068955 _____ C:\Users\djuricv\Downloads\[CrnaBerza]TUTORIJALI (1).torrent
2016-04-22 23:00 - 2016-04-22 23:00 - 00019570 _____ C:\Users\djuricv\Downloads\[CrnaBerza]Veliki_vojni_kuvar.rar.torrent
2016-04-22 22:58 - 2016-04-22 22:58 - 00000739 _____ C:\Users\djuricv\Downloads\[CrnaBerza]Klaudio Vrancic -Sto kladionice ne zele da znate.torrent
2016-04-20 20:17 - 2016-04-20 20:17 - 00000000 ____D C:\Users\djuricv\AppData\Local\ESET
2016-04-20 20:12 - 2016-04-20 20:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-04-20 20:12 - 2016-04-20 20:12 - 00000000 ____D C:\ProgramData\ESET
2016-04-20 20:12 - 2016-04-20 20:12 - 00000000 ____D C:\Program Files\ESET
2016-04-20 20:06 - 2016-04-20 20:06 - 00000000 ____D C:\ProgramData\Emsisoft
2016-04-20 20:01 - 2016-04-20 20:01 - 02993824 _____ (ESET) C:\Users\djuricv\Downloads\eset_nod32_antivirus_live_installer.exe
2016-04-20 20:01 - 2016-04-20 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2016-04-20 20:00 - 2016-05-02 23:38 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2016-04-20 19:56 - 2016-04-20 20:00 - 233761232 _____ (Emsisoft Ltd. ) C:\Users\djuricv\Downloads\EmsisoftAntiMalwareSetup.exe
2016-04-20 19:52 - 2016-04-20 19:52 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\djuricv\Downloads\tdsskiller.exe
2016-04-20 17:14 - 2016-04-20 17:37 - 00000080 _____ C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\uTorrent.lnk
2016-04-20 16:25 - 2016-04-20 16:25 - 01005568 _____ (Microsoft Corporation) C:\Users\djuricv\Downloads\dotNetFx45_Full_setup.exe
2016-04-20 15:28 - 2016-04-20 15:28 - 00235445 _____ C:\ProgramData\1461158776.bdinstall.bin
2016-04-20 15:24 - 2016-04-20 15:24 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2016-04-20 15:24 - 2016-04-20 15:24 - 00000000 ____D C:\ProgramData\BDLogging
2016-04-20 15:24 - 2009-07-14 11:27 - 01461992 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2016-04-20 15:24 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2016-04-20 15:23 - 2016-04-20 15:23 - 00184344 _____ C:\Users\djuricv\Desktop\Forenzika mobilnih uredjaja.pdf
2016-04-20 15:22 - 2016-04-20 15:22 - 02512467 _____ C:\Users\djuricv\Desktop\V_SIGURNOST_ AUTOMOBILA.pdf
2016-04-20 15:21 - 2016-04-20 15:21 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\QuickScan
2016-04-19 21:51 - 2016-04-19 21:52 - 03683904 _____ C:\Users\djuricv\Downloads\adwcleaner_5.112.exe
2016-04-19 20:31 - 2016-04-19 20:32 - 00000000 ____D C:\Users\djuricv\AppData\Local\TorrentUnlocker
2016-04-19 20:27 - 2016-04-19 20:27 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\www.shadowexplorer.com
2016-04-19 19:23 - 2016-04-19 19:46 - 00000000 ____D C:\Program Files\Recuva
2016-04-19 19:23 - 2016-04-19 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2016-04-19 18:44 - 2016-04-19 20:37 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-04-19 18:03 - 2016-04-19 21:54 - 00049024 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2016-04-19 18:03 - 2016-04-19 18:03 - 00019984 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-04-19 17:16 - 2016-04-19 17:16 - 00000000 ____D C:\ProgramData\Sophos
2016-04-19 15:50 - 2016-05-02 23:13 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-04-19 15:50 - 2016-04-19 15:50 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2016-04-19 15:23 - 2016-04-19 15:43 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-04-18 22:58 - 2016-04-18 22:58 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\XnView
2016-04-18 22:58 - 2016-04-18 22:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2016-04-18 22:58 - 2016-04-18 22:58 - 00000000 ____D C:\Program Files\XnView
2016-04-18 22:54 - 2016-04-19 18:50 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\XnConvert
2016-04-18 22:53 - 2016-04-18 22:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnConvert
2016-04-18 22:53 - 2016-04-18 22:53 - 00000000 ____D C:\Program Files\XnConvert
2016-04-18 22:44 - 2016-04-18 22:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-04-18 22:44 - 2016-04-18 22:44 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-04-18 20:49 - 2016-04-18 20:49 - 00011755 _____ C:\Users\djuricv\AppData\Roaming\-!RecOveR!-weyti++.Htm
2016-04-18 20:49 - 2016-04-18 20:49 - 00011755 _____ C:\Users\djuricv\AppData\-!RecOveR!-weyti++.Htm
2016-04-18 20:49 - 2016-04-18 20:49 - 00002578 _____ C:\Users\djuricv\AppData\Roaming\-!RecOveR!-weyti++.Txt
2016-04-18 20:49 - 2016-04-18 20:49 - 00002578 _____ C:\Users\djuricv\AppData\-!RecOveR!-weyti++.Txt
2016-04-18 20:48 - 2016-04-18 20:48 - 00011755 _____ C:\Users\djuricv\AppData\LocalLow\-!RecOveR!-weyti++.Htm
2016-04-18 20:48 - 2016-04-18 20:48 - 00002578 _____ C:\Users\djuricv\AppData\LocalLow\-!RecOveR!-weyti++.Txt
2016-04-18 20:44 - 2016-04-18 20:49 - 00011755 _____ C:\Users\djuricv\AppData\Local\-!RecOveR!-weyti++.Htm
2016-04-18 20:44 - 2016-04-18 20:49 - 00002578 _____ C:\Users\djuricv\AppData\Local\-!RecOveR!-weyti++.Txt
2016-04-18 20:44 - 2016-04-18 20:44 - 00011755 _____ C:\Users\djuricv\AppData\Local\Apps\-!RecOveR!-weyti++.Htm
2016-04-18 20:44 - 2016-04-18 20:44 - 00002578 _____ C:\Users\djuricv\AppData\Local\Apps\-!RecOveR!-weyti++.Txt
2016-04-18 20:39 - 2016-04-18 20:44 - 00011755 _____ C:\ProgramData\-!RecOveR!-weyti++.Htm
2016-04-18 20:39 - 2016-04-18 20:44 - 00002578 _____ C:\ProgramData\-!RecOveR!-weyti++.Txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-02 23:37 - 2014-06-06 23:39 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\RssBandit
2016-05-02 23:35 - 2014-05-31 15:34 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\uTorrent
2016-05-02 23:12 - 2009-07-14 06:34 - 00020640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-02 23:12 - 2009-07-14 06:34 - 00020640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-02 22:19 - 2016-02-28 12:55 - 00112480 _____ C:\Users\djuricv\AppData\Local\GDIPFONTCACHEV1.DAT
2016-05-02 22:16 - 2010-11-20 23:01 - 00794296 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-02 22:16 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-05-02 22:13 - 2015-11-11 16:04 - 00000000 ___RD C:\Users\djuricv\Google диск
2016-05-02 22:11 - 2014-05-31 15:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-05-02 22:11 - 2014-05-31 15:24 - 00000000 ____D C:\Users\djuricv
2016-05-02 22:11 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-02 22:10 - 2015-12-21 16:40 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\vlc
2016-05-02 22:10 - 2015-03-28 23:43 - 00000000 ____D C:\Program Files\Microsoft ActiveSync
2016-05-02 22:10 - 2014-09-14 13:53 - 00000000 ____D C:\Users\djuricv\AppData\Local\PrivaZer
2016-05-02 22:10 - 2014-05-31 15:36 - 00000000 ____D C:\Program Files\Microsoft Works
2016-05-02 22:10 - 2014-05-31 15:36 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-05-02 22:10 - 2010-11-21 02:46 - 00000000 ____D C:\Windows\ShellNew
2016-05-02 22:10 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\MSBuild
2016-05-02 22:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\registration
2016-05-02 22:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\AppCompat
2016-05-02 22:10 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-05-02 22:09 - 2014-06-07 01:02 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-05-02 22:09 - 2014-05-31 15:35 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 8
2016-05-02 22:09 - 2014-05-31 14:31 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Skype
2016-05-02 22:08 - 2015-03-28 23:43 - 00000000 ____D C:\Program Files\Common Files\L&H
2016-05-02 22:08 - 2014-05-31 15:34 - 00000000 ____D C:\Program Files\Microsoft Office
2016-05-02 22:08 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\System
2016-05-02 22:07 - 2014-05-31 15:33 - 00000000 __RHD C:\MSOCache
2016-04-26 15:15 - 2014-06-01 21:17 - 00000000 ____D C:\Windows\system32\appmgmt
2016-04-22 21:32 - 2013-07-20 16:20 - 00000000 ____D C:\WAR.Movie.Collection.DVDRip.XVID
2016-04-22 21:31 - 2010-11-21 02:46 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-04-22 21:29 - 2015-04-08 18:59 - 00000000 ___SD C:\Users\djuricv\Documents\My Data Sources
2016-04-22 21:29 - 2015-03-28 23:45 - 00000000 ___SD C:\Users\djuricv\Documents\My Web Sites
2016-04-22 21:27 - 2014-07-01 21:56 - 00000000 ____D C:\Sulejman velicanstveni
2016-04-22 21:25 - 2016-02-22 16:34 - 00000000 ____D C:\ProgramData\Zoom Player
2016-04-20 19:39 - 2014-05-31 15:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-20 17:37 - 2016-02-06 01:50 - 00001824 _____ C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\Mansion Casino.lnk
2016-04-20 17:37 - 2015-11-08 12:46 - 00002102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2016-04-20 17:37 - 2015-11-01 22:43 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-04-20 17:37 - 2015-03-28 23:43 - 00002609 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Open Office Document.lnk
2016-04-20 17:37 - 2015-03-28 23:43 - 00002599 _____ C:\ProgramData\Microsoft\Windows\Start Menu\New Office Document.lnk
2016-04-20 17:37 - 2015-03-28 15:11 - 00000698 _____ C:\Users\djuricv\Desktop\Downloads - Shortcut.lnk
2016-04-20 17:37 - 2015-01-31 22:34 - 00003085 _____ C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Readon TV Movie Radio Player.lnk
2016-04-20 17:37 - 2014-11-11 18:09 - 00001942 _____ C:\Users\djuricv\Desktop\HP Officejet Pro 8600 - Shortcut.lnk
2016-04-20 17:37 - 2014-09-14 13:53 - 00001831 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivaZer.lnk
2016-04-20 17:37 - 2014-08-01 17:20 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2016-04-20 17:37 - 2014-07-10 16:00 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Default Manager.lnk
2016-04-20 17:37 - 2014-07-10 15:56 - 00000920 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2016-04-20 17:37 - 2014-06-30 16:58 - 00001086 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2016-04-20 17:37 - 2014-06-14 15:56 - 00001078 _____ C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2016-04-20 17:37 - 2014-06-01 00:20 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-04-20 17:37 - 2014-06-01 00:20 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-04-20 17:37 - 2014-05-31 15:24 - 00001122 _____ C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-20 17:37 - 2014-05-31 14:25 - 00001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-20 17:37 - 2009-07-14 06:46 - 00001503 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-20 17:37 - 2009-07-14 06:46 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-04-20 17:37 - 2009-07-14 06:42 - 00001318 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-04-20 17:37 - 2009-07-14 06:42 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-04-20 17:37 - 2009-07-14 06:42 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-04-20 17:37 - 2009-07-14 06:37 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-04-20 17:34 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Web
2016-04-20 16:45 - 2014-08-05 16:11 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-20 15:14 - 2014-06-07 01:02 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2016-04-20 15:13 - 2015-03-23 18:32 - 00000079 _____ C:\Windows\wininit.ini
2016-04-20 14:47 - 2015-02-14 20:32 - 00000000 ____D C:\Program Files\360
2016-04-19 22:00 - 2015-06-29 14:47 - 00000000 ____D C:\Program Files\Common Files\AV
2016-04-19 21:55 - 2014-06-07 01:07 - 00000000 ____D C:\Windows\pss
2016-04-19 21:39 - 2015-06-26 21:32 - 00000000 ____D C:\Users\djuricv\AppData\Local\Caesium
2016-04-19 18:56 - 2015-02-14 23:05 - 00000000 __SHD C:\$360Section
2016-04-19 18:56 - 2015-02-14 21:46 - 00000000 ____D C:\ProgramData\360Quarant
2016-04-19 15:41 - 2014-05-31 15:24 - 00000000 ____D C:\Users\djuricv\AppData\Local\VirtualStore
2016-04-19 15:37 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Cursors
2016-04-19 15:19 - 2014-08-05 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-19 15:19 - 2014-08-05 16:11 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-04-18 22:45 - 2014-05-31 14:31 - 00000000 ____D C:\ProgramData\Skype
2016-04-18 22:44 - 2014-05-31 14:32 - 00000000 ____D C:\Users\djuricv\AppData\Local\Skype
2016-04-18 22:44 - 2014-05-31 14:31 - 00000000 ___RD C:\Program Files\Skype
2016-04-18 20:49 - 2016-03-27 16:13 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\TweakNow RegCleaner 2012
2016-04-18 20:49 - 2016-03-27 16:13 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\TweakNow RegCleaner
2016-04-18 20:49 - 2016-03-23 21:41 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fast Image Resizer
2016-04-18 20:49 - 2016-03-20 22:36 - 07794176 _____ C:\Users\djuricv\Desktop\moj-android-3.pdf
2016-04-18 20:49 - 2016-03-11 20:04 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Everything
2016-04-18 20:49 - 2016-03-11 19:46 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-04-18 20:49 - 2015-12-21 16:35 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2016-04-18 20:49 - 2015-12-01 22:46 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\hpqLog
2016-04-18 20:49 - 2015-11-21 14:02 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\dll-files.com
2016-04-18 20:49 - 2015-11-13 22:29 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VITSOFT
2016-04-18 20:49 - 2015-11-13 20:54 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\MAGIX
2016-04-18 20:49 - 2015-10-31 23:00 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Rainmeter
2016-04-18 20:49 - 2015-10-20 19:40 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Sun
2016-04-18 20:49 - 2015-10-18 02:01 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\SUPERAntiSpyware.com
2016-04-18 20:49 - 2015-07-22 18:18 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Hard Disk Sentinel
2016-04-18 20:49 - 2015-06-28 17:59 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portable Programs
2016-04-18 20:49 - 2015-04-13 20:09 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\dvdcss
2016-04-18 20:49 - 2015-03-29 00:22 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\SmartFTP
2016-04-18 20:49 - 2015-02-21 21:14 - 29454320 _____ C:\Users\djuricv\Desktop\najnoviji testovi sa resenjima.pdf
2016-04-18 20:49 - 2015-01-11 01:43 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\HD Tune Pro
2016-04-18 20:49 - 2015-01-09 23:39 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2016-04-18 20:49 - 2014-12-06 22:41 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\TunnelBear
2016-04-18 20:49 - 2014-11-09 12:16 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Opera Software
2016-04-18 20:49 - 2014-11-09 12:15 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\TuneUp Software
2016-04-18 20:49 - 2014-10-30 20:27 - 07975744 _____ C:\Users\djuricv\Desktop\CCNA Cisco kurs.pdf
2016-04-18 20:49 - 2014-09-14 13:53 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer
2016-04-18 20:49 - 2014-07-22 20:20 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Foxit Software
2016-04-18 20:49 - 2014-07-16 23:57 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Oracle
2016-04-18 20:49 - 2014-07-10 20:31 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prey
2016-04-18 20:49 - 2014-07-10 15:59 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Mozilla
2016-04-18 20:49 - 2014-07-10 15:56 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\HpUpdate
2016-04-18 20:49 - 2014-06-30 16:58 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\BSplayer Pro
2016-04-18 20:49 - 2014-06-30 16:58 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\BSplayer
2016-04-18 20:49 - 2014-06-14 15:56 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\GRETECH
2016-04-18 20:49 - 2014-06-14 15:45 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\MPC-HC
2016-04-18 20:49 - 2014-06-01 20:53 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Macromedia
2016-04-18 20:49 - 2014-06-01 20:35 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\WinRAR
2016-04-18 20:49 - 2014-06-01 20:28 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-18 20:49 - 2014-05-31 15:24 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Media Center Programs
2016-04-18 20:49 - 2014-05-31 14:35 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-18 20:49 - 2014-05-31 14:35 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\DropboxMaster
2016-04-18 20:49 - 2014-05-31 14:34 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Dropbox
2016-04-18 20:49 - 2014-05-31 14:18 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Splashtop
2016-04-18 20:49 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Public\Libraries
2016-04-18 20:48 - 2016-03-24 19:33 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\AC3Filter
2016-04-18 20:48 - 2016-03-11 19:46 - 00000000 ____D C:\Users\djuricv\AppData\Local\Ubisoft Game Launcher
2016-04-18 20:48 - 2015-12-21 16:32 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\5kplayer
2016-04-18 20:48 - 2015-11-13 21:03 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\AIMP3
2016-04-18 20:48 - 2015-10-20 19:39 - 00000000 ____D C:\Users\djuricv\AppData\LocalLow\Oracle
2016-04-18 20:48 - 2015-01-31 22:35 - 00000000 ____D C:\Users\djuricv\AppData\Local\Readon_Technology
2016-04-18 20:48 - 2015-01-09 23:39 - 00000000 ____D C:\Users\djuricv\AppData\Local\Popcorn Time
2016-04-18 20:48 - 2015-01-01 17:44 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\AVG2015
2016-04-18 20:48 - 2014-12-07 13:44 - 00000000 ____D C:\Users\djuricv\AppData\Local\Popcorn-Time
2016-04-18 20:48 - 2014-11-09 12:15 - 00000000 ____D C:\Users\djuricv\AppData\Local\TuneUp Software
2016-04-18 20:48 - 2014-10-04 13:17 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Autodesk
2016-04-18 20:48 - 2014-07-10 19:24 - 00000000 ____D C:\Users\djuricv\AppData\LocalLow\Google
2016-04-18 20:48 - 2014-06-30 16:51 - 00000000 ____D C:\Users\djuricv\AppData\LocalLow\KMPlayer
2016-04-18 20:48 - 2014-06-23 21:08 - 00000000 ____D C:\Users\djuricv\AppData\LocalLow\Sun
2016-04-18 20:48 - 2014-06-06 23:39 - 00000000 ____D C:\Users\djuricv\AppData\Local\RssBandit
2016-04-18 20:48 - 2014-06-01 20:54 - 00000000 ____D C:\Users\djuricv\AppData\LocalLow\Adobe
2016-04-18 20:48 - 2014-06-01 20:52 - 00000000 ____D C:\Users\djuricv\AppData\Roaming\Adobe
2016-04-18 20:47 - 2016-02-06 01:50 - 00000000 ____D C:\Users\djuricv\AppData\Local\Mansion Casino
2016-04-18 20:47 - 2015-01-01 17:41 - 00000000 ____D C:\Users\djuricv\AppData\Local\MFAData
2016-04-18 20:47 - 2014-11-09 12:16 - 00000000 ____D C:\Users\djuricv\AppData\Local\Opera Software
2016-04-18 20:47 - 2014-06-06 23:39 - 00000000 ____D C:\Users\djuricv\AppData\Local\NewsComponents
2016-04-18 20:47 - 2014-05-31 15:34 - 00000000 ____D C:\Users\djuricv\AppData\Local\Microsoft Help
2016-04-18 20:46 - 2014-12-06 22:37 - 00000000 ____D C:\Users\djuricv\AppData\Local\IsolatedStorage
2016-04-18 20:46 - 2014-12-06 22:37 - 00000000 ____D C:\Users\djuricv\AppData\Local\HockeyCrashes
2016-04-18 20:46 - 2014-07-10 15:52 - 00000000 ____D C:\Users\djuricv\AppData\Local\HP
2016-04-18 20:46 - 2014-05-31 14:24 - 00000000 ____D C:\Users\djuricv\AppData\Local\Google
2016-04-18 20:45 - 2015-11-04 23:46 - 00000000 ____D C:\Users\djuricv\AppData\Local\CEF
2016-04-18 20:45 - 2014-11-29 21:35 - 00000000 ____D C:\Users\djuricv\AppData\Local\EyeSpyFX
2016-04-18 20:45 - 2014-05-31 15:08 - 00000000 ____D C:\Users\djuricv\AppData\Local\Comodo
2016-04-18 20:45 - 2014-05-31 14:24 - 00000000 ____D C:\Users\djuricv\AppData\Local\Deployment
2016-04-18 20:44 - 2016-01-23 20:27 - 00000000 ____D C:\Users\djuricv\AppData\Local\4kdownload.com
2016-04-18 20:44 - 2015-12-01 22:46 - 00000000 ____D C:\ProgramData\{E446D09C-F25A-4F50-B111-81471218B287}
2016-04-18 20:44 - 2015-10-18 02:01 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-04-18 20:44 - 2015-01-01 17:41 - 00000000 ____D C:\Users\djuricv\AppData\Local\Avg2015
2016-04-18 20:44 - 2014-11-09 12:13 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2016-04-18 20:44 - 2014-11-09 12:13 - 00000000 ____D C:\ProgramData\TuneUp Software
2016-04-18 20:44 - 2014-10-26 01:45 - 00000000 ____D C:\ProgramData\Rosetta Stone
2016-04-18 20:44 - 2014-06-23 21:10 - 00000000 ____D C:\ProgramData\Sun
2016-04-18 20:44 - 2014-06-01 21:37 - 00000000 ____D C:\Users\djuricv\AppData\Local\Adobe
2016-04-18 20:44 - 2014-05-31 14:24 - 00000000 ____D C:\Users\djuricv\AppData\Local\Apps\2.0
2016-04-18 20:44 - 2014-05-31 14:23 - 00000000 ____D C:\ProgramData\Splashtop
2016-04-18 20:44 - 2014-05-31 14:18 - 00000000 ___HD C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3}
2016-04-18 20:40 - 2016-02-22 16:40 - 00000000 ____D C:\ProgramData\Real
2016-04-18 20:40 - 2015-11-13 22:42 - 00000000 ____D C:\ProgramData\RH_Backups
2016-04-18 20:40 - 2015-11-13 22:28 - 00000000 ____D C:\ProgramData\RFA_Backups
2016-04-18 20:40 - 2015-11-13 22:27 - 00000000 ____D C:\ProgramData\MyDefrag
2016-04-18 20:40 - 2015-01-31 22:36 - 00000000 ____D C:\ProgramData\Readon
2016-04-18 20:40 - 2014-09-14 13:53 - 00000000 ____D C:\ProgramData\privazer
2016-04-18 20:40 - 2014-06-23 21:10 - 00000000 ____D C:\ProgramData\Oracle
2016-04-18 20:40 - 2014-06-01 20:53 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-04-18 20:40 - 2014-05-31 21:06 - 00000000 ____D C:\ProgramData\Registry First Aid Backups
2016-04-18 20:39 - 2016-01-27 23:37 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-04-18 20:39 - 2015-12-21 16:32 - 00000000 ____D C:\ProgramData\Apple
2016-04-18 20:39 - 2015-11-13 20:54 - 00000000 ____D C:\ProgramData\MAGIX
2016-04-18 20:39 - 2015-01-01 19:32 - 00000000 ____D C:\ProgramData\gjkhilnflbhcnhhccoaonfafhfgdbknl
2016-04-18 20:39 - 2015-01-01 19:24 - 00000000 ____D C:\ProgramData\akejhkkhjbpnndplolokalfihlgkbekh
2016-04-18 20:39 - 2015-01-01 17:43 - 00000000 ____D C:\ProgramData\AVG2015
2016-04-18 20:39 - 2015-01-01 17:41 - 00000000 ____D C:\ProgramData\MFAData
2016-04-18 20:39 - 2014-10-04 13:17 - 00000000 ____D C:\ProgramData\Autodesk
2016-04-18 20:39 - 2014-07-11 14:51 - 00000000 ____D C:\ProgramData\ChessOK Playing Zone
2016-04-18 20:39 - 2014-07-10 15:55 - 00000000 ____D C:\ProgramData\HP
2016-04-18 20:39 - 2014-06-15 19:36 - 00000000 ____D C:\ProgramData\GRETECH
2016-04-18 20:39 - 2014-06-01 20:50 - 00000000 ____D C:\ProgramData\Adobe
2016-04-18 20:39 - 2014-05-31 15:07 - 00000000 ____D C:\ProgramData\Comodo
2016-04-18 20:39 - 2014-05-31 14:28 - 00000000 ____D C:\ProgramData\AVAST Software
2016-04-03 13:41 - 2014-06-14 15:55 - 00000000 ____D C:\Program Files\Gom Player

==================== Files in the root of some directories =======

2016-04-18 20:49 - 2016-04-18 20:49 - 0011755 _____ () C:\Users\djuricv\AppData\Roaming\-!RecOveR!-weyti++.Htm
2016-04-18 20:49 - 2016-04-18 20:49 - 0106066 _____ () C:\Users\djuricv\AppData\Roaming\-!RecOveR!-weyti++.Png
2016-04-18 20:49 - 2016-04-18 20:49 - 0002578 _____ () C:\Users\djuricv\AppData\Roaming\-!RecOveR!-weyti++.Txt
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\djuricv\AppData\Roaming\BNIGJ
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\djuricv\AppData\Roaming\INRWMRI
2010-07-03 07:09 - 2010-07-03 07:09 - 0012477 _____ () C:\Users\djuricv\AppData\Roaming\ShortcutSettings.xml
2016-04-18 20:49 - 2016-04-18 20:49 - 0011755 _____ () C:\Users\djuricv\AppData\Roaming\Microsoft\-!RecOveR!-weyti++.Htm
2016-04-18 20:49 - 2016-04-18 20:49 - 0106066 _____ () C:\Users\djuricv\AppData\Roaming\Microsoft\-!RecOveR!-weyti++.Png
2016-04-18 20:49 - 2016-04-18 20:49 - 0002578 _____ () C:\Users\djuricv\AppData\Roaming\Microsoft\-!RecOveR!-weyti++.Txt
2016-04-18 20:44 - 2016-04-18 20:49 - 0011755 _____ () C:\Users\djuricv\AppData\Local\-!RecOveR!-weyti++.Htm
2016-04-18 20:44 - 2016-04-18 20:49 - 0106066 _____ () C:\Users\djuricv\AppData\Local\-!RecOveR!-weyti++.Png
2016-04-18 20:44 - 2016-04-18 20:49 - 0002578 _____ () C:\Users\djuricv\AppData\Local\-!RecOveR!-weyti++.Txt
2015-04-08 19:24 - 2015-04-08 19:24 - 0007611 _____ () C:\Users\djuricv\AppData\Local\Resmon.ResmonCfg
2014-06-11 18:29 - 2014-06-11 18:29 - 0000000 _____ () C:\Users\djuricv\AppData\Local\{448E7285-002A-489C-94A4-042D49D11E2E}
2016-04-18 20:39 - 2016-04-18 20:44 - 0011755 _____ () C:\ProgramData\-!RecOveR!-weyti++.Htm
2016-04-18 20:39 - 2016-04-18 20:44 - 0106066 _____ () C:\ProgramData\-!RecOveR!-weyti++.Png
2016-04-18 20:39 - 2016-04-18 20:44 - 0002578 _____ () C:\ProgramData\-!RecOveR!-weyti++.Txt
2016-04-20 15:28 - 2016-04-20 15:28 - 0235445 _____ () C:\ProgramData\1461158776.bdinstall.bin
2014-07-10 15:53 - 2014-07-10 15:53 - 0000057 _____ () C:\ProgramData\Ament.ini

Some files in TEMP:
====================
C:\Users\djuricv\AppData\Local\Temp\KMP_4.0.7.1.exe
C:\Users\djuricv\AppData\Local\Temp\libeay32.dll
C:\Users\djuricv\AppData\Local\Temp\msvcr120.dll
C:\Users\djuricv\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-04-28 22:09

==================== End of FRST.txt ============================

Dopuna: 02 Maj 2016 23:44

i
mycity.rs/must-login.png