MyCity » Ambulanta -> Arhiva Ambulante » Nekontrolisano otvaranje strana

Nekontrolisano otvaranje strana

Napisano na dan: 22.3.2015

Strana:
1
2

Nekontrolisano otvaranje strana

Sledeća strana

Pagination

Odgovori

Strana:
1
2

vas nalog Poslao: 22 Mar 2015 19:05 Idi na vrh
offline vas nalog Građanin Pridružio: 07 Apr 2012 Poruke: 114	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Pozdrav. Upišem u pretraživač naziv sajta i kada želim da otvorim sajt otvaraju mi se neke stranice nevezano za sajt koji želim otvoriti. Recimo: wargame1942.looki.ba/?rid=7562&aid=195299 n03zz.reward-zone.guitarkite.kim/?sov=98309.....r9283-t428 Iskaču mi i prozori tipa offers.bycontext.com/scjs/tb/ctxjs/index.ph.....country=RS Ne vidi se slika reklame, samo iksić na kome kao mogu da je zatvorim. Problem se javio u poslednjih 7 dana. Malwarebytes nalazi neke infekcije i obriše ih, ali se stanje ne popravlja. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015 Ran by user6 (administrator) on USER6-PC on 22-03-2015 19:02:11 Running from C:\Users\user6\Desktop Loaded Profiles: user6 (Available profiles: user6) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: engleski (SAD) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (百度在线网络技术（北京）有限公司) C:\Program Files (x86)\Common Files\Baidu\BaiduProtect1.3\1.3.0.645\BaiduProtect.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (SysTool PasSame LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (InterVideo Inc.) C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (XTab system) C:\Program Files (x86)\XTab\ProtectService.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe (MicroStudio) C:\Program Files (x86)\Windows Network Accelerater\v3\winvxm.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (SearchProtect) C:\Program Files (x86)\XTab\CmdShell.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (XTab system) C:\Program Files (x86)\XTab\HPNotify.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (BitTorrent Inc.) C:\Users\user6\AppData\Roaming\BitTorrent\BitTorrent.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-27] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.) HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\...\Run: [Google Update] => "C:\Users\user6\AppData\Local\Google\Update\GoogleUpdate.exe" /c HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\...\Run: [] => [X] HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd) HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\...\RunOnce: [Adobe Speed Launcher] => 1427007738 HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\...\MountPoints2: F - F:\Install.exe HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\...\MountPoints2: {1c03d322-cc9a-11e4-8e2b-bc5ff4da1084} - F:\Install.exe Startup: C:\Users\user6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = ?type=hppp HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = ?type=hppp HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = web/?type=dspp&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ?type=hppp HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = ?type=hppp HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = web/?type=dspp&q={searchTerms} HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\Software\Microsoft\Internet Explorer\Main,Start Page = ?type=hppp SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = default-search.net/search?sid=476&a.....=ds&p={searchTerms} SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = default-search.net/search?sid=476&a.....=ds&p={searchTerms} SearchScopes: HKU\S-1-5-21-2683369425-3361945966-1453627295-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = mystartsearch.com/web/?utm_source=b&.....ult&q={searchTerms} SearchScopes: HKU\S-1-5-21-2683369425-3361945966-1453627295-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = mystartsearch.com/web/?utm_source=b&.....ult&q={searchTerms} SearchScopes: HKU\S-1-5-21-2683369425-3361945966-1453627295-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = mystartsearch.com/web/?utm_source=b&.....ult&q={searchTerms} SearchScopes: HKU\S-1-5-21-2683369425-3361945966-1453627295-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = mystartsearch.com/web/?utm_source=b&.....ult&q={searchTerms} SearchScopes: HKU\S-1-5-21-2683369425-3361945966-1453627295-1000 -> {710827CE-4B63-4437-942E-C90D3B38F57A} URL = mystartsearch.com/web/?utm_source=b&.....ult&q={searchTerms} SearchScopes: HKU\S-1-5-21-2683369425-3361945966-1453627295-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = mystartsearch.com/web/?utm_source=b&.....ult&q={searchTerms} SearchScopes: HKU\S-1-5-21-2683369425-3361945966-1453627295-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = mystartsearch.com/web/?utm_source=b&.....ult&q={searchTerms} SearchScopes: HKU\S-1-5-21-2683369425-3361945966-1453627295-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = mystartsearch.com/web/?utm_source=b&.....ult&q={searchTerms} SearchScopes: HKU\S-1-5-21-2683369425-3361945966-1453627295-1000 -> {EE140EB3-1740-47C7-A0E6-7338C4BE10B1} URL = mystartsearch.com/web/?utm_source=b&.....ult&q={searchTerms} BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2014-10-26] (RealDownloader) BHO: No Name -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> No File BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-10-26] (RealDownloader) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-27] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-23] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-23] (Oracle Corporation) BHO-x32: No Name -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> No File Toolbar: HKU\S-1-5-21-2683369425-3361945966-1453627295-1000 -> No Name - {5A894083-39AB-4E1E-A6C1-7D746127B9A4} - No File Toolbar: HKU\S-1-5-21-2683369425-3361945966-1453627295-1000 -> No Name - {50A502A9-FB97-4546-BF5E-62E62B705429} - No File Toolbar: HKU\S-1-5-21-2683369425-3361945966-1453627295-1000 -> No Name - {C723D3D7-5E15-48E3-BE2D-B671F0684A59} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\user6\AppData\Roaming\Mozilla\Firefox\Profiles\g0r9vezx.default FF NewTab: chrome://quick_start/content/index.html FF SelectedSearchEngine: mystartsearch FF Homepage: google.com FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-23] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-23] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( ) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @real.com/nppl3260;version=17.0.15.10 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2014-11-10] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-10-26] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=17.0.15.10 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-11-10] (RealPlayer Cloud) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2683369425-3361945966-1453627295-1000: @tools.google.com/Google Update;version=3 -> C:\Users\user6\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File FF Plugin HKU\S-1-5-21-2683369425-3361945966-1453627295-1000: @tools.google.com/Google Update;version=9 -> C:\Users\user6\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File FF Plugin HKU\S-1-5-21-2683369425-3361945966-1453627295-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\user6\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-08-08] (Unity Technologies ApS) FF user.js: detected! => C:\Users\user6\AppData\Roaming\Mozilla\Firefox\Profiles\g0r9vezx.default\user.js [2015-03-22] FF Extension: foxcconvertergmailcom - C:\Users\user6\AppData\Roaming\Mozilla\Firefox\Profiles\g0r9vezx.default\Extensions\foxcconverter@gmail.com [2015-03-20] FF Extension: skip_compatibility_checksdrockingcom - C:\Users\user6\AppData\Roaming\Mozilla\Firefox\Profiles\g0r9vezx.default\Extensions\skip_compatibility_check@sdrocking.com [2015-03-21] FF Extension: Test Pilot - C:\Users\user6\AppData\Roaming\Mozilla\Firefox\Profiles\g0r9vezx.default\Extensions\testpilot@labs.mozilla.com.xpi [2012-08-10] FF Extension: Adblock Plus - C:\Users\user6\AppData\Roaming\Mozilla\Firefox\Profiles\g0r9vezx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-10] FF HKLM-x32\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-11-10] FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext Chrome: ======= CHR HomePage: Default -> ?type=hppp CHR StartupUrls: Default -> "?type=hppp" CHR DefaultSearchKeyword: Default -> CHR DefaultSearchURL: Default -> web/?type=dspp&q={searchTerms} CHR Profile: C:\Users\user6\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\user6\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-03] CHR Extension: (aofkhphjhkanpddmfmbckdlcajhnehlf) - C:\Users\user6\AppData\Local\Google\Chrome\User Data\Default\Extensions\aofkhphjhkanpddmfmbckdlcajhnehlf [2015-03-20] CHR Extension: (Google Docs) - C:\Users\user6\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-03] CHR Extension: (Google Drive) - C:\Users\user6\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-03] CHR Extension: (YouTube) - C:\Users\user6\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-03] CHR Extension: (Google Search) - C:\Users\user6\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-03] CHR Extension: (Google Sheets) - C:\Users\user6\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-03] CHR Extension: (Google Wallet) - C:\Users\user6\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-03] CHR Extension: (Gmail) - C:\Users\user6\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-03] CHR Extension: (pmmemlnpjmfkcddknibchodllhnnidlp) - C:\Users\user6\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmmemlnpjmfkcddknibchodllhnnidlp [2015-03-21] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 BDSGRTP; C:\Program Files (x86)\Common Files\Baidu\BaiduProtect1.3\1.3.0.645\BaiduProtect.exe [1940072 2014-12-04] (百度在线网络技术（北京）有限公司) R2 Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed] R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation) S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [724992 2006-10-10] (Nero AG) [File not signed] R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-28] (Electronic Arts) R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] () R2 RealPlayer Cloud Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1141848 2014-11-10] (RealNetworks, Inc.) R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] () S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 bd0001; C:\Windows\System32\DRIVERS\bd0001.sys [181072 2014-10-21] (Baidu) R1 bd0004; C:\Windows\System32\DRIVERS\bd0004.sys [170312 2014-11-28] (Baidu) R2 BDArKit; C:\Windows\System32\DRIVERS\BDArKit.sys [152392 2014-12-28] (Baidu Technology) R1 BDMWrench; C:\Windows\System32\DRIVERS\BDMWrench.sys [130888 2014-12-23] (Baidu) S1 BDMWrench_x64; C:\Windows\System32\DRIVERS\BDMWrench_x64.sys [130888 2015-01-19] (Baidu) R2 BDSafeBrowser; C:\Windows\System32\DRIVERS\BDSafeBrowser.sys [48968 2014-10-20] (Baidu) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-03-17] (Disc Soft Ltd) S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2014-08-21] (Echobit, LLC) S3 hid8103; C:\Windows\SysWOW64\drivers\hid8103.sys [31128 2006-10-25] (Compuware Corporation) [File not signed] R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] () R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [129752 2015-03-22] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) S1 bd0002; system32\DRIVERS\bd0002.sys [X] S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-22 19:02 - 2015-03-22 19:02 - 00023083 _____ () C:\Users\user6\Desktop\FRST.txt 2015-03-22 19:01 - 2015-03-22 19:02 - 00000000 ____D () C:\FRST 2015-03-22 19:00 - 2015-03-22 19:00 - 02095616 _____ (Farbar) C:\Users\user6\Desktop\FRST64.exe 2015-03-22 13:51 - 2015-03-22 13:51 - 00000992 _____ () C:\Users\user6\Desktop\Bandicam.lnk 2015-03-22 13:51 - 2015-03-22 13:51 - 00000000 ____D () C:\Program Files (x86)\Bandicam 2015-03-22 12:53 - 2015-03-22 12:53 - 00000000 ____D () C:\video_output 2015-03-22 12:47 - 2015-03-22 12:47 - 00000956 _____ () C:\Users\user6\Desktop\FLV to AVI MPEG WMV 3GP MP4 iPod Converter.lnk 2015-03-22 12:47 - 2015-03-22 12:47 - 00000000 ____D () C:\Users\user6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV to AVI MPEG WMV 3GP MP4 iPod Converter 2015-03-22 12:45 - 2015-03-22 12:45 - 00002532 _____ () C:\Users\user6\Downloads\[kickass.to]flv.to.avi.mpeg.wmv.3gp.mp4.ipod.converter.5.3.0402.full.version.blaze69.torrent 2015-03-21 10:47 - 2015-03-21 10:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-03-17 13:55 - 2015-03-17 13:55 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 2015-03-17 13:52 - 2015-03-17 14:00 - 00000000 ____D () C:\Users\user6\AppData\Local\BrowserHelper 2015-03-17 13:52 - 2015-03-17 13:52 - 00003722 _____ () C:\Windows\System32\Tasks\SMupdate1 2015-03-17 13:48 - 2015-03-22 10:39 - 00000000 ____D () C:\Program Files (x86)\XTab 2015-03-17 13:48 - 2015-03-17 13:48 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect 2015-03-17 13:48 - 2015-03-17 13:48 - 00000000 ____D () C:\ProgramData\IHProtectUpDate 2015-03-17 12:48 - 2015-03-17 12:50 - 00030352 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys 2015-03-17 12:48 - 2015-03-17 12:48 - 00001703 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2015-03-17 12:48 - 2015-03-17 12:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2015-03-17 12:48 - 2015-03-17 12:48 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite 2015-03-17 12:46 - 2015-03-17 12:47 - 13146016 _____ (Disc Soft Ltd) C:\Users\user6\Downloads\DTLite501-0406.exe 2015-03-12 16:40 - 2015-03-12 16:42 - 00000000 ____D () C:\Windows\rescache 2015-03-11 17:21 - 2015-03-11 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft 2015-03-11 17:21 - 2015-03-11 17:21 - 00000000 ____D () C:\Program Files (x86)\Minecraft 2015-03-11 17:20 - 2015-03-11 17:20 - 02314240 _____ () C:\Users\user6\Downloads\MinecraftInstaller.msi 2015-03-11 07:19 - 2015-02-20 05:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-03-11 07:19 - 2015-02-20 05:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-03-11 07:19 - 2015-02-20 05:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-03-11 07:19 - 2015-02-20 05:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-03-11 07:19 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-03-11 07:19 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-03-11 07:19 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-03-11 07:19 - 2015-02-20 05:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-03-11 07:19 - 2015-02-20 04:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-03-11 07:19 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-03-11 07:19 - 2015-02-03 04:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-03-11 07:19 - 2015-02-03 04:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-03-11 07:19 - 2015-02-03 04:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-03-11 07:19 - 2015-02-03 04:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-03-11 07:19 - 2015-02-03 04:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-03-11 07:19 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-03-11 07:19 - 2015-02-03 04:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-03-11 07:19 - 2015-02-03 04:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2015-03-11 07:19 - 2015-02-03 04:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2015-03-11 07:19 - 2015-02-03 04:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-03-11 07:19 - 2015-02-03 04:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2015-03-11 07:19 - 2015-02-03 04:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2015-03-11 07:19 - 2015-02-03 04:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2015-03-11 07:19 - 2015-02-03 04:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2015-03-11 07:19 - 2015-02-03 04:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2015-03-11 07:19 - 2015-02-03 04:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2015-03-11 07:19 - 2015-02-03 04:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-03-11 07:19 - 2015-02-03 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2015-03-11 07:19 - 2015-02-03 04:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2015-03-11 07:19 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-03-11 07:19 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-03-11 07:19 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2015-03-11 07:19 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2015-03-11 07:19 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2015-03-11 07:19 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2015-03-11 07:19 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2015-03-11 07:19 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2015-03-11 07:19 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-03-11 07:19 - 2015-02-03 03:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2015-03-11 07:19 - 2014-10-31 23:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-03-11 07:18 - 2015-03-06 06:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-03-11 07:18 - 2015-03-06 06:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-03-11 07:18 - 2015-03-06 06:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-03-11 07:18 - 2015-03-06 06:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-03-11 07:18 - 2015-03-06 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-03-11 07:18 - 2015-03-06 06:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-03-11 07:18 - 2015-03-06 06:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-03-11 07:18 - 2015-03-06 06:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-03-11 07:18 - 2015-03-06 06:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-03-11 07:18 - 2015-03-06 06:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-03-11 07:18 - 2015-03-06 06:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-03-11 07:18 - 2015-03-06 06:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-03-11 07:18 - 2015-03-06 06:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-03-11 07:18 - 2015-03-06 06:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-03-11 07:18 - 2015-03-06 06:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-03-11 07:18 - 2015-03-06 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-03-11 07:18 - 2015-03-06 06:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-03-11 07:18 - 2015-03-06 06:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-03-11 07:18 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-03-11 07:18 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-03-11 07:18 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-03-11 07:18 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-03-11 07:18 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-03-11 07:18 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-03-11 07:18 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-03-11 07:18 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-03-11 07:18 - 2015-03-06 06:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-03-11 07:18 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-03-11 07:18 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-03-11 07:18 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-03-11 07:18 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-03-11 07:18 - 2015-02-26 04:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-03-11 07:18 - 2015-02-24 04:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-03-11 07:18 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-03-11 07:18 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-03-11 07:18 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-03-11 07:18 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-03-11 07:18 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-03-11 07:18 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-03-11 07:18 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-03-11 07:18 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-03-11 07:18 - 2015-02-20 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-03-11 07:18 - 2015-02-20 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-03-11 07:18 - 2015-02-20 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-03-11 07:18 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-03-11 07:18 - 2015-02-20 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-03-11 07:18 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-03-11 07:18 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-03-11 07:18 - 2015-02-20 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-03-11 07:18 - 2015-02-20 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-03-11 07:18 - 2015-02-20 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-03-11 07:18 - 2015-02-20 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-03-11 07:18 - 2015-02-20 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-03-11 07:18 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-03-11 07:18 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-03-11 07:18 - 2015-02-20 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-03-11 07:18 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-03-11 07:18 - 2015-02-20 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-03-11 07:18 - 2015-02-20 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-03-11 07:18 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-03-11 07:18 - 2015-02-20 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-03-11 07:18 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-03-11 07:18 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-03-11 07:18 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-03-11 07:18 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-03-11 07:18 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-03-11 07:18 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-03-11 07:18 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-03-11 07:18 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-03-11 07:18 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-03-11 07:18 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-03-11 07:18 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-03-11 07:18 - 2015-02-20 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-03-11 07:18 - 2015-02-20 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-03-11 07:18 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-03-11 07:18 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-03-11 07:18 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-03-11 07:18 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-03-11 07:18 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-03-11 07:18 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-03-11 07:18 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-03-11 07:18 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-03-11 07:18 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-03-11 07:18 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-03-11 07:18 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-03-11 07:18 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-03-11 07:18 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-03-11 07:18 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-03-11 07:18 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-03-11 07:18 - 2015-02-13 06:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-03-11 07:18 - 2015-02-03 04:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-03-11 07:18 - 2015-02-03 04:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll 2015-03-11 07:18 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-03-11 07:18 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll 2015-03-11 07:18 - 2015-01-31 04:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2015-03-11 07:18 - 2015-01-31 04:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2015-03-11 07:18 - 2015-01-31 00:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-03-11 07:18 - 2015-01-31 00:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2015-03-11 07:18 - 2015-01-17 03:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2015-03-11 07:18 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2015-03-11 07:16 - 2015-02-04 04:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2015-03-11 07:16 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2015-03-09 12:30 - 2015-03-09 12:30 - 00000000 ____D () C:\Users\user6\Downloads\Cinema 4d studio r12 2015-03-09 12:14 - 2015-03-09 12:34 - 00000000 ____D () C:\Users\user6\AppData\Roaming\MAXON 2015-03-07 11:43 - 2015-03-07 11:43 - 00015410 _____ () C:\Users\user6\Downloads\StrandedDeep-FunnyGames - ThePirateBay.TO.torrent 2015-03-07 09:06 - 2015-03-07 16:48 - 00004352 _____ () C:\Windows\windefendam.log 2015-03-07 09:06 - 2015-03-07 16:48 - 00000020 _____ () C:\Windows\capsys184523.log 2015-03-07 09:06 - 2015-03-07 09:44 - 00000000 ____D () C:\Users\user6\AppData\Local\Mirillis 2015-03-07 09:06 - 2015-03-07 09:06 - 00000000 ____D () C:\Users\user6\AppData\Roaming\Mirillis 2015-03-07 09:06 - 2015-03-07 09:06 - 00000000 ____D () C:\ProgramData\Mirillis 2015-03-07 08:59 - 2015-03-08 09:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis 2015-03-07 08:59 - 2015-03-07 08:59 - 00000000 ____D () C:\Program Files (x86)\Mirillis 2015-03-01 17:09 - 2015-03-01 17:10 - 00000036 _____ () C:\Users\user6\Desktop\Novi tekstualni dokument (4).txt 2015-02-25 22:51 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls 2015-02-25 22:51 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls 2015-02-25 19:15 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll 2015-02-25 19:15 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll 2015-02-25 19:15 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll 2015-02-25 19:15 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll 2015-02-24 08:40 - 2015-02-24 08:49 - 00000135 _____ () C:\Users\user6\Desktop\Novi tekstualni dokument (3).txt 2015-02-22 18:12 - 2015-02-22 18:12 - 11247104 _____ () C:\Users\user6\Downloads\sa-mp-0.3z-R2-install.exe 2015-02-22 18:12 - 2015-02-22 18:12 - 00000000 ____D () C:\Users\user6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-22 19:02 - 2014-06-25 20:09 - 00000000 ____D () C:\Users\user6\AppData\Roaming\BitTorrent 2015-03-22 18:51 - 2014-01-18 15:22 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2683369425-3361945966-1453627295-1000UA.job 2015-03-22 18:28 - 2014-11-03 14:10 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-03-22 18:16 - 2014-03-13 06:14 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-03-22 17:31 - 2012-08-10 16:38 - 00000000 ____D () C:\Users\user6\AppData\Roaming\Skype 2015-03-22 17:27 - 2014-11-03 14:10 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-03-22 17:20 - 2015-02-06 17:20 - 00001338 _____ () C:\Windows\Tasks\ESGDDJ.job 2015-03-22 17:19 - 2015-02-06 17:19 - 00001686 _____ () C:\Windows\Tasks\FVPHQRKH.job 2015-03-22 15:14 - 2014-01-18 15:14 - 00000000 ____D () C:\Users\user6\AppData\Roaming\.minecraft 2015-03-22 13:52 - 2009-07-14 05:51 - 00243252 _____ () C:\Windows\setupact.log 2015-03-22 13:51 - 2014-06-07 06:27 - 00000000 ____D () C:\Program Files (x86)\BandiMPEG1 2015-03-22 10:10 - 2014-09-04 17:47 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-03-22 10:05 - 2014-11-10 15:54 - 00000224 _____ () C:\Users\user6\BullseyeCoverageError.txt 2015-03-22 08:09 - 2009-07-14 05:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-22 08:09 - 2009-07-14 05:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-22 08:08 - 2012-08-10 11:47 - 00699126 _____ () C:\Windows\system32\perfh00E.dat 2015-03-22 08:08 - 2012-08-10 11:47 - 00176450 _____ () C:\Windows\system32\perfc00E.dat 2015-03-22 08:08 - 2009-07-14 06:13 - 01671176 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-22 08:07 - 2012-08-09 23:56 - 01236515 _____ () C:\Windows\WindowsUpdate.log 2015-03-22 08:02 - 2014-11-04 12:30 - 00000000 ____D () C:\Users\user6\AppData\Local\LogMeIn Hamachi 2015-03-22 08:01 - 2014-01-07 23:15 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs 2015-03-22 08:01 - 2014-01-07 02:41 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-03-22 08:01 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-21 23:51 - 2014-01-18 15:22 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2683369425-3361945966-1453627295-1000Core.job 2015-03-21 19:36 - 2012-08-10 16:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-03-20 13:28 - 2014-11-03 14:11 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-03-19 10:12 - 2015-01-04 19:27 - 00000000 ____D () C:\Program Files (x86)\Software Update Services 2015-03-18 18:33 - 2014-11-09 10:15 - 00000000 ____D () C:\Users\user6\AppData\Roaming\vlc 2015-03-18 06:58 - 2010-11-21 04:47 - 02269474 _____ () C:\Windows\PFRO.log 2015-03-17 19:57 - 2015-02-06 17:19 - 00000000 ____D () C:\Program Files (x86)\globalUpdate 2015-03-17 19:46 - 2015-02-01 11:53 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games 2015-03-17 19:46 - 2014-06-12 11:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games 2015-03-17 19:46 - 2014-04-21 18:09 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-03-17 19:45 - 2012-08-10 16:23 - 00001146 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-03-17 19:45 - 2012-08-10 16:23 - 00001134 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-03-17 19:45 - 2012-08-09 23:56 - 00001421 _____ () C:\Users\user6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-03-17 19:43 - 2014-05-17 15:25 - 00000000 ____D () C:\Program Files (x86)\Activision 2015-03-17 19:42 - 2014-10-11 17:53 - 00000000 ____D () C:\Program Files (x86)\Adobe 2015-03-17 13:52 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System 2015-03-17 13:43 - 2012-08-10 16:26 - 00460893 _____ () C:\Windows\DirectX.log 2015-03-17 12:43 - 2014-01-16 20:50 - 00000129 _____ () C:\Users\user6\AppData\default.pls 2015-03-17 12:42 - 2012-08-10 16:21 - 00000000 ____D () C:\Users\user6\AppData\Roaming\Adobe 2015-03-15 18:15 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2015-03-13 15:04 - 2014-09-08 13:04 - 00000000 ____D () C:\Users\user6\AppData\Roaming\Sony 2015-03-12 12:50 - 2015-01-04 19:27 - 00000000 ____D () C:\Program Files (x86)\AspInfo 2015-03-12 12:33 - 2009-07-14 05:45 - 00472104 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-03-12 12:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-CS 2015-03-12 12:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2015-03-12 12:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS 2015-03-12 12:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism 2015-03-11 21:58 - 2012-08-10 16:40 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-03-11 21:53 - 2014-01-07 07:43 - 00000000 ____D () C:\Windows\system32\MRT 2015-03-11 21:47 - 2012-08-10 00:45 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-03-11 17:33 - 2014-01-18 10:58 - 00000000 ____D () C:\Users\user6\Desktop\Vukove igrice 2015-03-08 08:34 - 2014-12-27 11:22 - 00000000 ____D () C:\Users\user6\Documents\Vegas Movie Studio HD 11.0 Projects 2015-03-04 18:12 - 2015-02-13 11:11 - 00000000 ____D () C:\Program Files (x86)\Windows-Optimizer 2015-03-03 14:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-03-02 17:00 - 2014-03-11 18:52 - 00000000 ___RD () C:\Program Files (x86)\Skype 2015-03-02 17:00 - 2012-08-10 16:28 - 00000000 ____D () C:\ProgramData\Skype 2015-02-26 08:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing 2015-02-25 07:44 - 2009-07-14 06:08 - 00032598 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-02-22 18:12 - 2014-09-13 08:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer ==================== Files in the root of some directories ======= 2014-03-09 17:48 - 2014-10-21 08:46 - 0000000 _____ () C:\Users\user6\AppData\Roaming\bitlord_log.txt 2015-01-25 17:12 - 2015-01-25 17:12 - 0002086 _____ () C:\Users\user6\AppData\Roaming\ESGDDJ 2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\user6\AppData\Roaming\FVPHQRKH Some content of TEMP: ==================== C:\Users\user6\AppData\Local\Temp\bdfilters.dll C:\Users\user6\AppData\Local\Temp\bitool.dll C:\Users\user6\AppData\Local\Temp\BullseyeCoverage-2-x86.dll C:\Users\user6\AppData\Local\Temp\cabex.dll C:\Users\user6\AppData\Local\Temp\dbhcabfbbed.exe C:\Users\user6\AppData\Local\Temp\dbhcabfbbjg.exe C:\Users\user6\AppData\Local\Temp\dbhcabfcebi.exe C:\Users\user6\AppData\Local\Temp\ICReinstall_WindowsMovieMakerSetup.exe C:\Users\user6\AppData\Local\Temp\jre-8u31-windows-au.exe C:\Users\user6\AppData\Local\Temp\NOSEventMessages.dll C:\Users\user6\AppData\Local\Temp\nvSCPAPI.dll C:\Users\user6\AppData\Local\Temp\nvStInst.exe C:\Users\user6\AppData\Local\Temp\SpOrder.dll C:\Users\user6\AppData\Local\Temp\tu17p84.exe C:\Users\user6\AppData\Local\Temp\unelevate.exe C:\Users\user6\AppData\Local\Temp\utt6E91.tmp.exe C:\Users\user6\AppData\Local\Temp\utt7915.tmp.exe C:\Users\user6\AppData\Local\Temp\vcredist12_x86.exe C:\Users\user6\AppData\Local\Temp\ytaiesmt_smtyc_setup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-15 10:00 ==================== End Of Log ============================ Koristim kablovski interne. mycity.rs/must-login.png

Profil

Sass Drake Poslao: 22 Mar 2015 22:10 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Korak 1 Preuzmi "Xplode"-ov AdwCleaner i sačuvaj ga na Desktop Dvoklikom pokreni program. u EULA prozoru klikni na I agree. Klikni na dugme Scan i sačekaj da se završi skeniranje. Klikni na dugme Clean i pričekaj da program završi. Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu. Na sljedeća dva prozora koja se otvore (Informations i Restart required ) klikni OK Računar će se restartovati, a potom otvoriti Notepad (C:\AdwCleaner[S0].txt) sa izvještajem. Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl" Napomena: Izvještaj ce takođe biti sačuvan na C:\Adwcleaner\AdwCleaner[S0].txt Korak 2 Ponovo pokreni FRST i označi opciju Addition.txt. Klikni na Scan i kad završi, postavi mi nove FRST.txt i Addition.txt izvještaje.

Profil

vas nalog Poslao: 23 Mar 2015 21:12 Idi na vrh
offline vas nalog Građanin Pridružio: 07 Apr 2012 Poruke: 114	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: mycity.rs/must-login.png FRST.txt sam kopirao u poruku, a Addition.txt prikačio kao i prvi put. Da li je to u redu? Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015 Ran by user6 (administrator) on USER6-PC on 23-03-2015 21:01:57 Running from C:\Users\user6\Desktop Loaded Profiles: user6 (Available profiles: user6) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: engleski (SAD) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (百度在线网络技术（北京）有限公司) C:\Program Files (x86)\Common Files\Baidu\BaiduProtect1.3\1.3.0.645\BaiduProtect.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (InterVideo Inc.) C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Users\user6\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-27] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\...\Run: [Google Update] => "C:\Users\user6\AppData\Local\Google\Update\GoogleUpdate.exe" /c HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\...\Run: [] => [X] HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd) HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\...\RunOnce: [Adobe Speed Launcher] => 1427140663 HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\...\MountPoints2: F - F:\Install.exe HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\...\MountPoints2: {1c03d322-cc9a-11e4-8e2b-bc5ff4da1084} - F:\Install.exe Startup: C:\Users\user6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = ?type=hppp HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = ?type=hppp HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = web/?type=dspp&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ?type=hppp HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = ?type=hppp HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = web/?type=dspp&q={searchTerms} HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\Software\Microsoft\Internet Explorer\Main,Start Page = ?type=hppp SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2014-10-26] (RealDownloader) BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-10-26] (RealDownloader) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-27] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-23] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-23] (Oracle Corporation) Toolbar: HKU\S-1-5-21-2683369425-3361945966-1453627295-1000 -> No Name - {5A894083-39AB-4E1E-A6C1-7D746127B9A4} - No File Toolbar: HKU\S-1-5-21-2683369425-3361945966-1453627295-1000 -> No Name - {50A502A9-FB97-4546-BF5E-62E62B705429} - No File Toolbar: HKU\S-1-5-21-2683369425-3361945966-1453627295-1000 -> No Name - {C723D3D7-5E15-48E3-BE2D-B671F0684A59} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 81.24.247.61 91.102.231.242 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\user6\AppData\Roaming\Mozilla\Firefox\Profiles\g0r9vezx.default FF Homepage: google.com FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-23] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-23] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( ) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @real.com/nppl3260;version=17.0.15.10 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2014-11-10] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-10-26] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=17.0.15.10 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-11-10] (RealPlayer Cloud) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2683369425-3361945966-1453627295-1000: @tools.google.com/Google Update;version=3 -> C:\Users\user6\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File FF Plugin HKU\S-1-5-21-2683369425-3361945966-1453627295-1000: @tools.google.com/Google Update;version=9 -> C:\Users\user6\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File FF Plugin HKU\S-1-5-21-2683369425-3361945966-1453627295-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\user6\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-08-08] (Unity Technologies ApS) FF Extension: skip_compatibility_checksdrockingcom - C:\Users\user6\AppData\Roaming\Mozilla\Firefox\Profiles\g0r9vezx.default\Extensions\skip_compatibility_check@sdrocking.com [2015-03-21] FF Extension: Test Pilot - C:\Users\user6\AppData\Roaming\Mozilla\Firefox\Profiles\g0r9vezx.default\Extensions\testpilot@labs.mozilla.com.xpi [2012-08-10] FF Extension: Adblock Plus - C:\Users\user6\AppData\Roaming\Mozilla\Firefox\Profiles\g0r9vezx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-10] FF HKLM-x32\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-11-10] FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext Chrome: ======= CHR HomePage: Default -> ?type=hppp CHR StartupUrls: Default -> "?type=hppp" CHR DefaultSearchKeyword: Default -> CHR DefaultSearchURL: Default -> web/?type=dspp&q={searchTerms} CHR Profile: C:\Users\user6\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\user6\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-03] CHR Extension: (aofkhphjhkanpddmfmbckdlcajhnehlf) - C:\Users\user6\AppData\Local\Google\Chrome\User Data\Default\Extensions\aofkhphjhkanpddmfmbckdlcajhnehlf [2015-03-20] CHR Extension: (Google Docs) - C:\Users\user6\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-03] CHR Extension: (Google Drive) - C:\Users\user6\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-03] CHR Extension: (YouTube) - C:\Users\user6\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-03] CHR Extension: (Google Search) - C:\Users\user6\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-03] CHR Extension: (Google Sheets) - C:\Users\user6\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-03] CHR Extension: (Google Wallet) - C:\Users\user6\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-03] CHR Extension: (Gmail) - C:\Users\user6\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-03] CHR Extension: (pmmemlnpjmfkcddknibchodllhnnidlp) - C:\Users\user6\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmmemlnpjmfkcddknibchodllhnnidlp [2015-03-21] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 BDSGRTP; C:\Program Files (x86)\Common Files\Baidu\BaiduProtect1.3\1.3.0.645\BaiduProtect.exe [1940072 2014-12-04] (百度在线网络技术（北京）有限公司) R2 Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed] R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation) S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [724992 2006-10-10] (Nero AG) [File not signed] R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-28] (Electronic Arts) R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] () R2 RealPlayer Cloud Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1141848 2014-11-10] (RealNetworks, Inc.) R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] () S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 bd0001; C:\Windows\System32\DRIVERS\bd0001.sys [181072 2014-10-21] (Baidu) R1 bd0004; C:\Windows\System32\DRIVERS\bd0004.sys [170312 2014-11-28] (Baidu) R2 BDArKit; C:\Windows\System32\DRIVERS\BDArKit.sys [152392 2014-12-28] (Baidu Technology) S1 BDMWrench; C:\Windows\System32\DRIVERS\BDMWrench.sys [130888 2014-12-23] (Baidu) R1 BDMWrench_x64; C:\Windows\System32\DRIVERS\BDMWrench_x64.sys [130888 2015-01-19] (Baidu) R2 BDSafeBrowser; C:\Windows\system32\drivers\BDSafeBrowser.sys [48968 2014-10-20] (Baidu) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-03-17] (Disc Soft Ltd) S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2014-08-21] (Echobit, LLC) S3 hid8103; C:\Windows\SysWOW64\drivers\hid8103.sys [31128 2006-10-25] (Compuware Corporation) [File not signed] R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] () R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [129752 2015-03-22] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) S1 bd0002; system32\DRIVERS\bd0002.sys [X] S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-23 21:01 - 2015-03-23 21:03 - 00018992 _____ () C:\Users\user6\Desktop\FRST.txt 2015-03-23 21:00 - 2015-03-23 21:00 - 00014219 _____ () C:\Users\user6\Desktop\AdwCleaner[S0].txt 2015-03-23 20:57 - 2015-03-23 20:57 - 00000000 ____D () C:\ProgramData\Baidu 2015-03-23 20:54 - 2015-03-23 20:56 - 00000000 ____D () C:\AdwCleaner 2015-03-23 20:53 - 2015-03-23 20:53 - 02168320 _____ () C:\Users\user6\Desktop\AdwCleaner.exe 2015-03-23 15:17 - 2015-03-23 15:34 - 00333392 _____ () C:\Users\user6\Downloads\Thcf_feat__Coby_-_Ideš_za_Kanadu.mp3.sfk 2015-03-23 13:35 - 2015-03-23 13:47 - 00003584 _____ () C:\Users\user6\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-03-22 19:01 - 2015-03-23 21:02 - 00000000 ____D () C:\FRST 2015-03-22 19:00 - 2015-03-22 19:00 - 02095616 _____ (Farbar) C:\Users\user6\Desktop\FRST64.exe 2015-03-22 13:51 - 2015-03-22 13:51 - 00000992 _____ () C:\Users\user6\Desktop\Bandicam.lnk 2015-03-22 13:51 - 2015-03-22 13:51 - 00000000 ____D () C:\Program Files (x86)\Bandicam 2015-03-22 12:53 - 2015-03-22 12:53 - 00000000 ____D () C:\video_output 2015-03-22 12:47 - 2015-03-22 12:47 - 00000956 _____ () C:\Users\user6\Desktop\FLV to AVI MPEG WMV 3GP MP4 iPod Converter.lnk 2015-03-22 12:47 - 2015-03-22 12:47 - 00000000 ____D () C:\Users\user6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV to AVI MPEG WMV 3GP MP4 iPod Converter 2015-03-22 12:45 - 2015-03-22 12:45 - 00002532 _____ () C:\Users\user6\Downloads\[kickass.to]flv.to.avi.mpeg.wmv.3gp.mp4.ipod.converter.5.3.0402.full.version.blaze69.torrent 2015-03-21 10:47 - 2015-03-21 10:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-03-17 13:55 - 2015-03-17 13:55 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 2015-03-17 12:48 - 2015-03-17 12:50 - 00030352 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys 2015-03-17 12:48 - 2015-03-17 12:48 - 00001703 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2015-03-17 12:48 - 2015-03-17 12:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2015-03-17 12:48 - 2015-03-17 12:48 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite 2015-03-17 12:46 - 2015-03-17 12:47 - 13146016 _____ (Disc Soft Ltd) C:\Users\user6\Downloads\DTLite501-0406.exe 2015-03-12 16:40 - 2015-03-12 16:42 - 00000000 ____D () C:\Windows\rescache 2015-03-11 17:21 - 2015-03-11 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft 2015-03-11 17:21 - 2015-03-11 17:21 - 00000000 ____D () C:\Program Files (x86)\Minecraft 2015-03-11 17:20 - 2015-03-11 17:20 - 02314240 _____ () C:\Users\user6\Downloads\MinecraftInstaller.msi 2015-03-11 07:19 - 2015-02-20 05:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-03-11 07:19 - 2015-02-20 05:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-03-11 07:19 - 2015-02-20 05:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-03-11 07:19 - 2015-02-20 05:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-03-11 07:19 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-03-11 07:19 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-03-11 07:19 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-03-11 07:19 - 2015-02-20 05:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-03-11 07:19 - 2015-02-20 04:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-03-11 07:19 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-03-11 07:19 - 2015-02-03 04:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-03-11 07:19 - 2015-02-03 04:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-03-11 07:19 - 2015-02-03 04:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-03-11 07:19 - 2015-02-03 04:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-03-11 07:19 - 2015-02-03 04:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-03-11 07:19 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-03-11 07:19 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-03-11 07:19 - 2015-02-03 04:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-03-11 07:19 - 2015-02-03 04:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2015-03-11 07:19 - 2015-02-03 04:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2015-03-11 07:19 - 2015-02-03 04:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-03-11 07:19 - 2015-02-03 04:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2015-03-11 07:19 - 2015-02-03 04:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2015-03-11 07:19 - 2015-02-03 04:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2015-03-11 07:19 - 2015-02-03 04:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2015-03-11 07:19 - 2015-02-03 04:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2015-03-11 07:19 - 2015-02-03 04:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2015-03-11 07:19 - 2015-02-03 04:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2015-03-11 07:19 - 2015-02-03 04:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-03-11 07:19 - 2015-02-03 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2015-03-11 07:19 - 2015-02-03 04:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2015-03-11 07:19 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-03-11 07:19 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-03-11 07:19 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2015-03-11 07:19 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2015-03-11 07:19 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2015-03-11 07:19 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2015-03-11 07:19 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2015-03-11 07:19 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2015-03-11 07:19 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2015-03-11 07:19 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-03-11 07:19 - 2015-02-03 03:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2015-03-11 07:19 - 2014-10-31 23:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-03-11 07:18 - 2015-03-06 06:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-03-11 07:18 - 2015-03-06 06:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-03-11 07:18 - 2015-03-06 06:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-03-11 07:18 - 2015-03-06 06:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-03-11 07:18 - 2015-03-06 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-03-11 07:18 - 2015-03-06 06:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-03-11 07:18 - 2015-03-06 06:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-03-11 07:18 - 2015-03-06 06:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-03-11 07:18 - 2015-03-06 06:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-03-11 07:18 - 2015-03-06 06:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-03-11 07:18 - 2015-03-06 06:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-03-11 07:18 - 2015-03-06 06:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-03-11 07:18 - 2015-03-06 06:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-03-11 07:18 - 2015-03-06 06:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-03-11 07:18 - 2015-03-06 06:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-03-11 07:18 - 2015-03-06 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-03-11 07:18 - 2015-03-06 06:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-03-11 07:18 - 2015-03-06 06:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-03-11 07:18 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-03-11 07:18 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-03-11 07:18 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-03-11 07:18 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-03-11 07:18 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-03-11 07:18 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-03-11 07:18 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-03-11 07:18 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-03-11 07:18 - 2015-03-06 06:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-03-11 07:18 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-03-11 07:18 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-03-11 07:18 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-03-11 07:18 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-03-11 07:18 - 2015-02-26 04:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-03-11 07:18 - 2015-02-24 04:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-03-11 07:18 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-03-11 07:18 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-03-11 07:18 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-03-11 07:18 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-03-11 07:18 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-03-11 07:18 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-03-11 07:18 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-03-11 07:18 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-03-11 07:18 - 2015-02-20 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-03-11 07:18 - 2015-02-20 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-03-11 07:18 - 2015-02-20 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-03-11 07:18 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-03-11 07:18 - 2015-02-20 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-03-11 07:18 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-03-11 07:18 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-03-11 07:18 - 2015-02-20 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-03-11 07:18 - 2015-02-20 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-03-11 07:18 - 2015-02-20 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-03-11 07:18 - 2015-02-20 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-03-11 07:18 - 2015-02-20 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-03-11 07:18 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-03-11 07:18 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-03-11 07:18 - 2015-02-20 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-03-11 07:18 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-03-11 07:18 - 2015-02-20 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-03-11 07:18 - 2015-02-20 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-03-11 07:18 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-03-11 07:18 - 2015-02-20 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-03-11 07:18 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-03-11 07:18 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-03-11 07:18 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-03-11 07:18 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-03-11 07:18 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-03-11 07:18 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-03-11 07:18 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-03-11 07:18 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-03-11 07:18 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-03-11 07:18 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-03-11 07:18 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-03-11 07:18 - 2015-02-20 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-03-11 07:18 - 2015-02-20 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-03-11 07:18 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-03-11 07:18 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-03-11 07:18 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-03-11 07:18 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-03-11 07:18 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-03-11 07:18 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-03-11 07:18 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-03-11 07:18 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-03-11 07:18 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-03-11 07:18 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-03-11 07:18 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-03-11 07:18 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-03-11 07:18 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-03-11 07:18 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-03-11 07:18 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-03-11 07:18 - 2015-02-13 06:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-03-11 07:18 - 2015-02-03 04:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-03-11 07:18 - 2015-02-03 04:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll 2015-03-11 07:18 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-03-11 07:18 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll 2015-03-11 07:18 - 2015-01-31 04:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2015-03-11 07:18 - 2015-01-31 04:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2015-03-11 07:18 - 2015-01-31 00:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-03-11 07:18 - 2015-01-31 00:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2015-03-11 07:18 - 2015-01-17 03:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2015-03-11 07:18 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2015-03-11 07:16 - 2015-02-04 04:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2015-03-11 07:16 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2015-03-09 12:30 - 2015-03-09 12:30 - 00000000 ____D () C:\Users\user6\Downloads\Cinema 4d studio r12 2015-03-09 12:14 - 2015-03-09 12:34 - 00000000 ____D () C:\Users\user6\AppData\Roaming\MAXON 2015-03-07 11:43 - 2015-03-07 11:43 - 00015410 _____ () C:\Users\user6\Downloads\StrandedDeep-FunnyGames - ThePirateBay.TO.torrent 2015-03-07 09:06 - 2015-03-07 16:48 - 00004352 _____ () C:\Windows\windefendam.log 2015-03-07 09:06 - 2015-03-07 16:48 - 00000020 _____ () C:\Windows\capsys184523.log 2015-03-07 09:06 - 2015-03-07 09:44 - 00000000 ____D () C:\Users\user6\AppData\Local\Mirillis 2015-03-07 09:06 - 2015-03-07 09:06 - 00000000 ____D () C:\Users\user6\AppData\Roaming\Mirillis 2015-03-07 09:06 - 2015-03-07 09:06 - 00000000 ____D () C:\ProgramData\Mirillis 2015-03-07 08:59 - 2015-03-08 09:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis 2015-03-07 08:59 - 2015-03-07 08:59 - 00000000 ____D () C:\Program Files (x86)\Mirillis 2015-03-01 17:09 - 2015-03-01 17:10 - 00000036 _____ () C:\Users\user6\Desktop\Novi tekstualni dokument (4).txt 2015-02-25 22:51 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls 2015-02-25 22:51 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls 2015-02-25 19:15 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll 2015-02-25 19:15 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll 2015-02-25 19:15 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll 2015-02-25 19:15 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll 2015-02-24 08:40 - 2015-02-24 08:49 - 00000135 _____ () C:\Users\user6\Desktop\Novi tekstualni dokument (3).txt 2015-02-22 18:12 - 2015-02-22 18:12 - 11247104 _____ () C:\Users\user6\Downloads\sa-mp-0.3z-R2-install.exe 2015-02-22 18:12 - 2015-02-22 18:12 - 00000000 ____D () C:\Users\user6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-23 21:03 - 2012-08-10 11:47 - 00699126 _____ () C:\Windows\system32\perfh00E.dat 2015-03-23 21:03 - 2012-08-10 11:47 - 00176450 _____ () C:\Windows\system32\perfc00E.dat 2015-03-23 21:03 - 2009-07-14 06:13 - 01671176 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-23 21:02 - 2012-08-09 23:56 - 01305228 _____ () C:\Windows\WindowsUpdate.log 2015-03-23 20:58 - 2014-11-04 12:30 - 00000000 ____D () C:\Users\user6\AppData\Local\LogMeIn Hamachi 2015-03-23 20:57 - 2015-02-06 17:20 - 00001338 _____ () C:\Windows\Tasks\ESGDDJ.job 2015-03-23 20:57 - 2015-02-06 17:19 - 00001686 _____ () C:\Windows\Tasks\FVPHQRKH.job 2015-03-23 20:57 - 2014-11-03 14:10 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-03-23 20:57 - 2014-01-07 23:15 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs 2015-03-23 20:57 - 2014-01-07 02:41 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-03-23 20:57 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-23 20:57 - 2009-07-14 05:51 - 00243868 _____ () C:\Windows\setupact.log 2015-03-23 20:56 - 2010-11-21 04:47 - 02271002 _____ () C:\Windows\PFRO.log 2015-03-23 20:51 - 2014-01-18 15:22 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2683369425-3361945966-1453627295-1000UA.job 2015-03-23 20:27 - 2014-11-03 14:10 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-03-23 20:16 - 2014-03-13 06:14 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-03-23 18:39 - 2009-07-14 05:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-23 18:39 - 2009-07-14 05:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-23 18:33 - 2014-01-18 15:14 - 00000000 ____D () C:\Users\user6\AppData\Roaming\.minecraft 2015-03-22 22:07 - 2014-06-25 20:09 - 00000000 ____D () C:\Users\user6\AppData\Roaming\BitTorrent 2015-03-22 17:31 - 2012-08-10 16:38 - 00000000 ____D () C:\Users\user6\AppData\Roaming\Skype 2015-03-22 13:51 - 2014-06-07 06:27 - 00000000 ____D () C:\Program Files (x86)\BandiMPEG1 2015-03-22 10:10 - 2014-09-04 17:47 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-03-22 10:05 - 2014-11-10 15:54 - 00000224 _____ () C:\Users\user6\BullseyeCoverageError.txt 2015-03-21 23:51 - 2014-01-18 15:22 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2683369425-3361945966-1453627295-1000Core.job 2015-03-21 19:36 - 2012-08-10 16:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-03-20 13:28 - 2014-11-03 14:11 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-03-19 10:12 - 2015-01-04 19:27 - 00000000 ____D () C:\Program Files (x86)\Software Update Services 2015-03-18 18:33 - 2014-11-09 10:15 - 00000000 ____D () C:\Users\user6\AppData\Roaming\vlc 2015-03-17 19:46 - 2015-02-01 11:53 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games 2015-03-17 19:46 - 2014-06-12 11:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games 2015-03-17 19:46 - 2014-04-21 18:09 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-03-17 19:45 - 2012-08-10 16:23 - 00001146 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-03-17 19:45 - 2012-08-10 16:23 - 00001134 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-03-17 19:45 - 2012-08-09 23:56 - 00001421 _____ () C:\Users\user6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-03-17 19:43 - 2014-05-17 15:25 - 00000000 ____D () C:\Program Files (x86)\Activision 2015-03-17 19:42 - 2014-10-11 17:53 - 00000000 ____D () C:\Program Files (x86)\Adobe 2015-03-17 13:52 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System 2015-03-17 13:43 - 2012-08-10 16:26 - 00460893 _____ () C:\Windows\DirectX.log 2015-03-17 12:43 - 2014-01-16 20:50 - 00000129 _____ () C:\Users\user6\AppData\default.pls 2015-03-17 12:42 - 2012-08-10 16:21 - 00000000 ____D () C:\Users\user6\AppData\Roaming\Adobe 2015-03-15 18:15 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2015-03-13 15:04 - 2014-09-08 13:04 - 00000000 ____D () C:\Users\user6\AppData\Roaming\Sony 2015-03-12 12:50 - 2015-01-04 19:27 - 00000000 ____D () C:\Program Files (x86)\AspInfo 2015-03-12 12:33 - 2009-07-14 05:45 - 00472104 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-03-12 12:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-CS 2015-03-12 12:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2015-03-12 12:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS 2015-03-12 12:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism 2015-03-11 21:58 - 2012-08-10 16:40 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-03-11 21:53 - 2014-01-07 07:43 - 00000000 ____D () C:\Windows\system32\MRT 2015-03-11 21:47 - 2012-08-10 00:45 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-03-11 17:33 - 2014-01-18 10:58 - 00000000 ____D () C:\Users\user6\Desktop\Vukove igrice 2015-03-08 08:34 - 2014-12-27 11:22 - 00000000 ____D () C:\Users\user6\Documents\Vegas Movie Studio HD 11.0 Projects 2015-03-04 18:12 - 2015-02-13 11:11 - 00000000 ____D () C:\Program Files (x86)\Windows-Optimizer 2015-03-03 14:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-03-02 17:00 - 2014-03-11 18:52 - 00000000 ___RD () C:\Program Files (x86)\Skype 2015-03-02 17:00 - 2012-08-10 16:28 - 00000000 ____D () C:\ProgramData\Skype 2015-02-26 08:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing 2015-02-25 07:44 - 2009-07-14 06:08 - 00032598 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-02-22 18:12 - 2014-09-13 08:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer ==================== Files in the root of some directories ======= 2014-03-09 17:48 - 2014-10-21 08:46 - 0000000 _____ () C:\Users\user6\AppData\Roaming\bitlord_log.txt 2015-01-25 17:12 - 2015-01-25 17:12 - 0002086 _____ () C:\Users\user6\AppData\Roaming\ESGDDJ 2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\user6\AppData\Roaming\FVPHQRKH 2015-03-23 13:35 - 2015-03-23 13:47 - 0003584 _____ () C:\Users\user6\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini Some content of TEMP: ==================== C:\Users\user6\AppData\Local\Temp\bdfilters.dll C:\Users\user6\AppData\Local\Temp\bitool.dll C:\Users\user6\AppData\Local\Temp\BullseyeCoverage-2-x86.dll C:\Users\user6\AppData\Local\Temp\cabex.dll C:\Users\user6\AppData\Local\Temp\dbhcabfbbed.exe C:\Users\user6\AppData\Local\Temp\dbhcabfbbjg.exe C:\Users\user6\AppData\Local\Temp\dbhcabfcebi.exe C:\Users\user6\AppData\Local\Temp\ICReinstall_WindowsMovieMakerSetup.exe C:\Users\user6\AppData\Local\Temp\jre-8u31-windows-au.exe C:\Users\user6\AppData\Local\Temp\NOSEventMessages.dll C:\Users\user6\AppData\Local\Temp\nvSCPAPI.dll C:\Users\user6\AppData\Local\Temp\nvStInst.exe C:\Users\user6\AppData\Local\Temp\Quarantine.exe C:\Users\user6\AppData\Local\Temp\SpOrder.dll C:\Users\user6\AppData\Local\Temp\sqlite3.dll C:\Users\user6\AppData\Local\Temp\tu17p84.exe C:\Users\user6\AppData\Local\Temp\unelevate.exe C:\Users\user6\AppData\Local\Temp\utt6E91.tmp.exe C:\Users\user6\AppData\Local\Temp\utt7915.tmp.exe C:\Users\user6\AppData\Local\Temp\vcredist12_x86.exe C:\Users\user6\AppData\Local\Temp\ytaiesmt_smtyc_setup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-15 10:00 ==================== End Of Log ============================ mycity.rs/must-login.png

Profil

Sass Drake Poslao: 23 Mar 2015 22:24 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Jesi. Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja. Start HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\...\MountPoints2: F - F:\Install.exe HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\...\MountPoints2: {1c03d322-cc9a-11e4-8e2b-bc5ff4da1084} - F:\Install.exe GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION Toolbar: HKU\S-1-5-21-2683369425-3361945966-1453627295-1000 -> No Name - {5A894083-39AB-4E1E-A6C1-7D746127B9A4} - No File Toolbar: HKU\S-1-5-21-2683369425-3361945966-1453627295-1000 -> No Name - {50A502A9-FB97-4546-BF5E-62E62B705429} - No File Toolbar: HKU\S-1-5-21-2683369425-3361945966-1453627295-1000 -> No Name - {C723D3D7-5E15-48E3-BE2D-B671F0684A59} - No File F user.js: detected! => C:\Users\user6\AppData\Roaming\Mozilla\Firefox\Profiles\g0r9vezx.default\user.js [2015-03-22] CHR DefaultSearchURL: Default -> web/?type=dspp&q={searchTerms} 2015-01-25 17:12 - 2015-01-25 17:12 - 0002086 _____ () C:\Users\user6\AppData\Roaming\ESGDDJ 2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\user6\AppData\Roaming\FVPHQRKH Task: {03065306-1685-4906-B2C1-4830E68B7447} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION ask: {1AC189B1-E5F4-4BE2-9DBD-5010C19DBAEF} - System32\Tasks\FVPHQRKH => C:\Users\user6\AppData\Roaming\FVPHQRKH.exe <==== ATTENTION Task: {24021E93-7E8A-4E26-BC73-1D37F327AA52} - System32\Tasks\ESGDDJ => C:\Users\user6\AppData\Roaming\ESGDDJ.exe <==== ATTENTION Task: {39F4AD63-5F3E-47B1-8FEA-9D5976FEC9A2} - System32\Tasks\{9A0C2D10-4BDB-4C55-A969-7E3C5DD3E83C} => pcalua.exe -a "C:\Program Files (x86)\YouTube Accelerator\YTAUninstall.exe" Task: {3D0B13B1-A768-46F9-87C9-01F945222164} - System32\Tasks\{3D1E3DEF-2CCF-4DF6-838B-BF47F07F3031} => pcalua.exe -a E:\setup.exe -d E:\ Task: {4867ADAA-B2E3-4A27-9EDA-50A91CA0C419} - System32\Tasks\{AF160977-0AA7-4BDC-B730-2EA3A1A7EBCB} => pcalua.exe -a C:\Users\user6\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=smt Task: {52EA2540-4CC7-4E81-92EC-914F1843923D} - System32\Tasks\{9898694D-F691-4348-A63D-CE96BE8909C3} => pcalua.exe -a F:\Install.exe -d F:\ Task: {689D47F1-E2AE-457C-92B7-F2A18D0ABCD0} - \temp_2cddef8d-ae15-482d-9a3a-4f47642a6b72-1-6 No Task File <==== ATTENTION Task: {6BB36623-3FBD-4654-AF23-B8E13D2F8105} - System32\Tasks\{004D3A15-69AD-4126-95FD-CCD2E9CD0EBF} => pcalua.exe -a "C:\Users\user6\Downloads\The Sims 3 - Razor1911 Final MAXSPEED\Final Version Patch\Sims3_1.0.632.00002_from_1.0.631.00002.exe" -d "C:\Users\user6\Downloads\The Sims 3 - Razor1911 Final MAXSPEED\Final Version Patch" Task: {A4B2664B-A502-447C-8B55-69B022EC4B3E} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION Task: {C8F893F4-3AB2-4D13-8DF7-7978F7639FF4} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION Task: {D0A124E1-4CE9-486B-9B9F-6A78CC70B872} - System32\Tasks\{C3B4FB63-C003-4A14-A558-053D53BD7E7E} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{A724605D-B399-4304-B8C7-33B3EF7D4677}\setup.exe" -c -runfromtemp -l0x0409 -removeonly Task: {D421FEDB-1B92-4AFB-A182-75DCEF8EE4FB} - System32\Tasks\{E5D6992F-A9B2-442F-9BEE-9710F4A3678A} => pcalua.exe -a F:\autorun.exe -d F:\ Task: {F1C62A11-F30F-40DC-A2FB-486F866BE05B} - System32\Tasks\{EEE00595-AA4A-43B8-9AA3-8EDC9D8FE4EC} => pcalua.exe -a "C:\Users\user6\Downloads\EgyUp.Com.Harry Potter And The Goblet of Fire\EgyUp.Com.Harry Potter And The Goblet of Fire\HP-GOF.exe" -d "C:\Users\user6\Downloads\EgyUp.Com.Harry Potter And The Goblet of Fire\EgyUp.Com.Harry Potter And The Goblet of Fire" Task: {FBB8EEF8-EE78-46A1-81A3-8162DDE21453} - System32\Tasks\{D164F24E-BA81-4DD3-81D7-E12E809EA145} => pcalua.exe -a C:\Users\user6\AppData\Roaming\sweet-page\UninstallManager.exe -c -ptid=cor Task: C:\Windows\Tasks\ESGDDJ.job => C:\Users\user6\AppData\Roaming\ESGDDJ.exe <==== ATTENTION Task: C:\Windows\Tasks\FVPHQRKH.job => C:\Users\user6\AppData\Roaming\FVPHQRKH.exe <==== ATTENTION C:\Program Files (x86)\Lavasoft\Web Companion C:\Users\user6\AppData\Local\BrowserHelper C:\Windows\System32\Tasks\SMupdate1 C:\Program Files (x86)\XTab C:\ProgramData\WindowsMangerProtect C:\ProgramData\IHProtectUpDate C:\Program Files (x86)\globalUpdate C:\PROGRA~1\COMMON~1\System\SysMenu.dll C:\Users\user6\AppData\Roaming\FVPHQRKH.exe C:\Users\user6\AppData\Roaming\ESGDDJ.exe AlternateDataStreams: C:\ProgramData:NT AlternateDataStreams: C:\ProgramData:NT2 AlternateDataStreams: C:\Users\All Users:NT AlternateDataStreams: C:\Users\All Users:NT2 AlternateDataStreams: C:\ProgramData\Application Data:NT AlternateDataStreams: C:\ProgramData\Application Data:NT2 AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 AlternateDataStreams: C:\ProgramData\TEMP:EEE3A74E AlternateDataStreams: C:\Users\user6\Application Data:NT AlternateDataStreams: C:\Users\user6\Application Data:NT2 AlternateDataStreams: C:\Users\user6\AppData\Roaming:NT AlternateDataStreams: C:\Users\user6\AppData\Roaming:NT2 R2 BDSGRTP; C:\Program Files (x86)\Common Files\Baidu\BaiduProtect1.3\1.3.0.645\BaiduProtect.exe [1940072 2014-12-04] (百度在线网络技术（北京）有限公司) R1 bd0001; C:\Windows\System32\DRIVERS\bd0001.sys [181072 2014-10-21] (Baidu) R1 bd0004; C:\Windows\System32\DRIVERS\bd0004.sys [170312 2014-11-28] (Baidu) R2 BDArKit; C:\Windows\System32\DRIVERS\BDArKit.sys [152392 2014-12-28] (Baidu Technology) R1 BDMWrench; C:\Windows\System32\DRIVERS\BDMWrench.sys [130888 2014-12-23] (Baidu) S1 BDMWrench_x64; C:\Windows\System32\DRIVERS\BDMWrench_x64.sys [130888 2015-01-19] (Baidu) R2 BDSafeBrowser; C:\Windows\System32\DRIVERS\BDSafeBrowser.sys [48968 2014-10-20] (Baidu) S1 bd0002; system32\DRIVERS\bd0002.sys [X] C:\Program Files (x86)\Common Files\Baidu C:\Windows\System32\DRIVERS\bd0001.sys C:\Windows\System32\DRIVERS\bd0004.sys C:\Windows\System32\DRIVERS\BDArKit.sys C:\Windows\System32\DRIVERS\BDMWrench.sys C:\Windows\System32\DRIVERS\BDMWrench_x64.sys C:\Windows\System32\DRIVERS\BDSafeBrowser.sys EmptyTemp: End U okviru Notepad-a klikni na File --> Save As Fajl nazovi Fixlist i sačuvaj na Desktop Dvoklikom ponovo pokreni FRST.exe Klikni na Fix i sačekaj dok program ne završi. Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi. Nakon završetka rada, otvoriće se fixlog.txt, sa sadržajem koji treba da kopiraš u temu. Takođe, na Desktop-u će se nalaziti (fixlog.txt).

Profil

vas nalog Poslao: 23 Mar 2015 22:43 Idi na vrh
offline vas nalog Građanin Pridružio: 07 Apr 2012 Poruke: 114	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015 Ran by user6 at 2015-03-23 22:36:29 Run:1 Running from C:\Users\user6\Desktop Loaded Profiles: user6 (Available profiles: user6) Boot Mode: Normal ============================================== Content of fixlist: *************** Start HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\...\MountPoints2: F - F:\Install.exe HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\...\MountPoints2: {1c03d322-cc9a-11e4-8e2b-bc5ff4da1084} - F:\Install.exe GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION Toolbar: HKU\S-1-5-21-2683369425-3361945966-1453627295-1000 -> No Name - {5A894083-39AB-4E1E-A6C1-7D746127B9A4} - No File Toolbar: HKU\S-1-5-21-2683369425-3361945966-1453627295-1000 -> No Name - {50A502A9-FB97-4546-BF5E-62E62B705429} - No File Toolbar: HKU\S-1-5-21-2683369425-3361945966-1453627295-1000 -> No Name - {C723D3D7-5E15-48E3-BE2D-B671F0684A59} - No File F user.js: detected! => C:\Users\user6\AppData\Roaming\Mozilla\Firefox\Profiles\g0r9vezx.default\user.js [2015-03-22] CHR DefaultSearchURL: Default -> web/?type=dspp&q={searchTerms} 2015-01-25 17:12 - 2015-01-25 17:12 - 0002086 _____ () C:\Users\user6\AppData\Roaming\ESGDDJ 2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\user6\AppData\Roaming\FVPHQRKH Task: {03065306-1685-4906-B2C1-4830E68B7447} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION ask: {1AC189B1-E5F4-4BE2-9DBD-5010C19DBAEF} - System32\Tasks\FVPHQRKH => C:\Users\user6\AppData\Roaming\FVPHQRKH.exe <==== ATTENTION Task: {24021E93-7E8A-4E26-BC73-1D37F327AA52} - System32\Tasks\ESGDDJ => C:\Users\user6\AppData\Roaming\ESGDDJ.exe <==== ATTENTION Task: {39F4AD63-5F3E-47B1-8FEA-9D5976FEC9A2} - System32\Tasks\{9A0C2D10-4BDB-4C55-A969-7E3C5DD3E83C} => pcalua.exe -a "C:\Program Files (x86)\YouTube Accelerator\YTAUninstall.exe" Task: {3D0B13B1-A768-46F9-87C9-01F945222164} - System32\Tasks\{3D1E3DEF-2CCF-4DF6-838B-BF47F07F3031} => pcalua.exe -a E:\setup.exe -d E:\ Task: {4867ADAA-B2E3-4A27-9EDA-50A91CA0C419} - System32\Tasks\{AF160977-0AA7-4BDC-B730-2EA3A1A7EBCB} => pcalua.exe -a C:\Users\user6\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=smt Task: {52EA2540-4CC7-4E81-92EC-914F1843923D} - System32\Tasks\{9898694D-F691-4348-A63D-CE96BE8909C3} => pcalua.exe -a F:\Install.exe -d F:\ Task: {689D47F1-E2AE-457C-92B7-F2A18D0ABCD0} - \temp_2cddef8d-ae15-482d-9a3a-4f47642a6b72-1-6 No Task File <==== ATTENTION Task: {6BB36623-3FBD-4654-AF23-B8E13D2F8105} - System32\Tasks\{004D3A15-69AD-4126-95FD-CCD2E9CD0EBF} => pcalua.exe -a "C:\Users\user6\Downloads\The Sims 3 - Razor1911 Final MAXSPEED\Final Version Patch\Sims3_1.0.632.00002_from_1.0.631.00002.exe" -d "C:\Users\user6\Downloads\The Sims 3 - Razor1911 Final MAXSPEED\Final Version Patch" Task: {A4B2664B-A502-447C-8B55-69B022EC4B3E} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION Task: {C8F893F4-3AB2-4D13-8DF7-7978F7639FF4} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION Task: {D0A124E1-4CE9-486B-9B9F-6A78CC70B872} - System32\Tasks\{C3B4FB63-C003-4A14-A558-053D53BD7E7E} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{A724605D-B399-4304-B8C7-33B3EF7D4677}\setup.exe" -c -runfromtemp -l0x0409 -removeonly Task: {D421FEDB-1B92-4AFB-A182-75DCEF8EE4FB} - System32\Tasks\{E5D6992F-A9B2-442F-9BEE-9710F4A3678A} => pcalua.exe -a F:\autorun.exe -d F:\ Task: {F1C62A11-F30F-40DC-A2FB-486F866BE05B} - System32\Tasks\{EEE00595-AA4A-43B8-9AA3-8EDC9D8FE4EC} => pcalua.exe -a "C:\Users\user6\Downloads\EgyUp.Com.Harry Potter And The Goblet of Fire\EgyUp.Com.Harry Potter And The Goblet of Fire\HP-GOF.exe" -d "C:\Users\user6\Downloads\EgyUp.Com.Harry Potter And The Goblet of Fire\EgyUp.Com.Harry Potter And The Goblet of Fire" Task: {FBB8EEF8-EE78-46A1-81A3-8162DDE21453} - System32\Tasks\{D164F24E-BA81-4DD3-81D7-E12E809EA145} => pcalua.exe -a C:\Users\user6\AppData\Roaming\sweet-page\UninstallManager.exe -c -ptid=cor Task: C:\Windows\Tasks\ESGDDJ.job => C:\Users\user6\AppData\Roaming\ESGDDJ.exe <==== ATTENTION Task: C:\Windows\Tasks\FVPHQRKH.job => C:\Users\user6\AppData\Roaming\FVPHQRKH.exe <==== ATTENTION C:\Program Files (x86)\Lavasoft\Web Companion C:\Users\user6\AppData\Local\BrowserHelper C:\Windows\System32\Tasks\SMupdate1 C:\Program Files (x86)\XTab C:\ProgramData\WindowsMangerProtect C:\ProgramData\IHProtectUpDate C:\Program Files (x86)\globalUpdate C:\PROGRA~1\COMMON~1\System\SysMenu.dll C:\Users\user6\AppData\Roaming\FVPHQRKH.exe C:\Users\user6\AppData\Roaming\ESGDDJ.exe AlternateDataStreams: C:\ProgramData:NT AlternateDataStreams: C:\ProgramData:NT2 AlternateDataStreams: C:\Users\All Users:NT AlternateDataStreams: C:\Users\All Users:NT2 AlternateDataStreams: C:\ProgramData\Application Data:NT AlternateDataStreams: C:\ProgramData\Application Data:NT2 AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 AlternateDataStreams: C:\ProgramData\TEMP:EEE3A74E AlternateDataStreams: C:\Users\user6\Application Data:NT AlternateDataStreams: C:\Users\user6\Application Data:NT2 AlternateDataStreams: C:\Users\user6\AppData\Roaming:NT AlternateDataStreams: C:\Users\user6\AppData\Roaming:NT2 R2 BDSGRTP; C:\Program Files (x86)\Common Files\Baidu\BaiduProtect1.3\1.3.0.645\BaiduProtect.exe [1940072 2014-12-04] (????????(??)????) R1 bd0001; C:\Windows\System32\DRIVERS\bd0001.sys [181072 2014-10-21] (Baidu) R1 bd0004; C:\Windows\System32\DRIVERS\bd0004.sys [170312 2014-11-28] (Baidu) R2 BDArKit; C:\Windows\System32\DRIVERS\BDArKit.sys [152392 2014-12-28] (Baidu Technology) R1 BDMWrench; C:\Windows\System32\DRIVERS\BDMWrench.sys [130888 2014-12-23] (Baidu) S1 BDMWrench_x64; C:\Windows\System32\DRIVERS\BDMWrench_x64.sys [130888 2015-01-19] (Baidu) R2 BDSafeBrowser; C:\Windows\System32\DRIVERS\BDSafeBrowser.sys [48968 2014-10-20] (Baidu) S1 bd0002; system32\DRIVERS\bd0002.sys [X] C:\Program Files (x86)\Common Files\Baidu C:\Windows\System32\DRIVERS\bd0001.sys C:\Windows\System32\DRIVERS\bd0004.sys C:\Windows\System32\DRIVERS\BDArKit.sys C:\Windows\System32\DRIVERS\BDMWrench.sys C:\Windows\System32\DRIVERS\BDMWrench_x64.sys C:\Windows\System32\DRIVERS\BDSafeBrowser.sys EmptyTemp: End *************** HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Web Companion => value deleted successfully. "HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => Key deleted successfully. "HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1c03d322-cc9a-11e4-8e2b-bc5ff4da1084}" => Key deleted successfully. HKCR\CLSID\{1c03d322-cc9a-11e4-8e2b-bc5ff4da1084} => Key not found. C:\Windows\system32\GroupPolicy\Machine => Moved successfully. C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully. "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully. HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5A894083-39AB-4E1E-A6C1-7D746127B9A4} => value deleted successfully. HKCR\CLSID\{5A894083-39AB-4E1E-A6C1-7D746127B9A4} => Key not found. HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{50A502A9-FB97-4546-BF5E-62E62B705429} => value deleted successfully. HKCR\CLSID\{50A502A9-FB97-4546-BF5E-62E62B705429} => Key not found. HKU\S-1-5-21-2683369425-3361945966-1453627295-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C723D3D7-5E15-48E3-BE2D-B671F0684A59} => value deleted successfully. HKCR\CLSID\{C723D3D7-5E15-48E3-BE2D-B671F0684A59} => Key not found. F user.js: detected! => C:\Users\user6\AppData\Roaming\Mozilla\Firefox\Profiles\g0r9vezx.default\user.js [2015-03-22] => Error: No automatic fix found for this entry. Chrome DefaultSearchURL not detected. C:\Users\user6\AppData\Roaming\ESGDDJ => Moved successfully. C:\Users\user6\AppData\Roaming\FVPHQRKH => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{03065306-1685-4906-B2C1-4830E68B7447}" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03065306-1685-4906-B2C1-4830E68B7447}" => Key Deleted successfully. C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Multimedia\SMupdate3" => Key deleted successfully. ask: {1AC189B1-E5F4-4BE2-9DBD-5010C19DBAEF} - System32\Tasks\FVPHQRKH => C:\Users\user6\AppData\Roaming\FVPHQRKH.exe <==== ATTENTION => Error: No automatic fix found for this entry. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{24021E93-7E8A-4E26-BC73-1D37F327AA52}" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24021E93-7E8A-4E26-BC73-1D37F327AA52}" => Key Deleted successfully. C:\Windows\System32\Tasks\ESGDDJ => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ESGDDJ" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{39F4AD63-5F3E-47B1-8FEA-9D5976FEC9A2}" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{39F4AD63-5F3E-47B1-8FEA-9D5976FEC9A2}" => Key Deleted successfully. C:\Windows\System32\Tasks\{9A0C2D10-4BDB-4C55-A969-7E3C5DD3E83C} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9A0C2D10-4BDB-4C55-A969-7E3C5DD3E83C}" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D0B13B1-A768-46F9-87C9-01F945222164}" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D0B13B1-A768-46F9-87C9-01F945222164}" => Key Deleted successfully. C:\Windows\System32\Tasks\{3D1E3DEF-2CCF-4DF6-838B-BF47F07F3031} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3D1E3DEF-2CCF-4DF6-838B-BF47F07F3031}" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4867ADAA-B2E3-4A27-9EDA-50A91CA0C419}" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4867ADAA-B2E3-4A27-9EDA-50A91CA0C419}" => Key Deleted successfully. C:\Windows\System32\Tasks\{AF160977-0AA7-4BDC-B730-2EA3A1A7EBCB} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{AF160977-0AA7-4BDC-B730-2EA3A1A7EBCB}" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{52EA2540-4CC7-4E81-92EC-914F1843923D}" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{52EA2540-4CC7-4E81-92EC-914F1843923D}" => Key Deleted successfully. C:\Windows\System32\Tasks\{9898694D-F691-4348-A63D-CE96BE8909C3} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9898694D-F691-4348-A63D-CE96BE8909C3}" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{689D47F1-E2AE-457C-92B7-F2A18D0ABCD0}" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{689D47F1-E2AE-457C-92B7-F2A18D0ABCD0}" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\temp_2cddef8d-ae15-482d-9a3a-4f47642a6b72-1-6" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6BB36623-3FBD-4654-AF23-B8E13D2F8105}" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BB36623-3FBD-4654-AF23-B8E13D2F8105}" => Key Deleted successfully. C:\Windows\System32\Tasks\{004D3A15-69AD-4126-95FD-CCD2E9CD0EBF} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{004D3A15-69AD-4126-95FD-CCD2E9CD0EBF}" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A4B2664B-A502-447C-8B55-69B022EC4B3E}" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4B2664B-A502-447C-8B55-69B022EC4B3E}" => Key Deleted successfully. C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance\SMupdate2" => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8F893F4-3AB2-4D13-8DF7-7978F7639FF4} => Key not found. C:\Windows\System32\Tasks\SMupdate1 not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SMupdate1 => Key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D0A124E1-4CE9-486B-9B9F-6A78CC70B872}" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0A124E1-4CE9-486B-9B9F-6A78CC70B872}" => Key Deleted successfully. C:\Windows\System32\Tasks\{C3B4FB63-C003-4A14-A558-053D53BD7E7E} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C3B4FB63-C003-4A14-A558-053D53BD7E7E}" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D421FEDB-1B92-4AFB-A182-75DCEF8EE4FB}" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D421FEDB-1B92-4AFB-A182-75DCEF8EE4FB}" => Key Deleted successfully. C:\Windows\System32\Tasks\{E5D6992F-A9B2-442F-9BEE-9710F4A3678A} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E5D6992F-A9B2-442F-9BEE-9710F4A3678A}" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F1C62A11-F30F-40DC-A2FB-486F866BE05B}" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1C62A11-F30F-40DC-A2FB-486F866BE05B}" => Key Deleted successfully. C:\Windows\System32\Tasks\{EEE00595-AA4A-43B8-9AA3-8EDC9D8FE4EC} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EEE00595-AA4A-43B8-9AA3-8EDC9D8FE4EC}" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FBB8EEF8-EE78-46A1-81A3-8162DDE21453}" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FBB8EEF8-EE78-46A1-81A3-8162DDE21453}" => Key Deleted successfully. C:\Windows\System32\Tasks\{D164F24E-BA81-4DD3-81D7-E12E809EA145} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D164F24E-BA81-4DD3-81D7-E12E809EA145}" => Key Deleted successfully. C:\Windows\Tasks\ESGDDJ.job => Moved successfully. C:\Windows\Tasks\FVPHQRKH.job => Moved successfully. "C:\Program Files (x86)\Lavasoft\Web Companion" => File/Directory not found. "C:\Users\user6\AppData\Local\BrowserHelper" => File/Directory not found. "C:\Windows\System32\Tasks\SMupdate1" => File/Directory not found. "C:\Program Files (x86)\XTab" => File/Directory not found. "C:\ProgramData\WindowsMangerProtect" => File/Directory not found. "C:\ProgramData\IHProtectUpDate" => File/Directory not found. "C:\Program Files (x86)\globalUpdate" => File/Directory not found. C:\PROGRA~1\COMMON~1\System\SysMenu.dll => Moved successfully. "C:\Users\user6\AppData\Roaming\FVPHQRKH.exe" => File/Directory not found. "C:\Users\user6\AppData\Roaming\ESGDDJ.exe" => File/Directory not found. C:\ProgramData => ":NT" ADS removed successfully. C:\ProgramData => ":NT2" ADS removed successfully. "C:\Users\All Users" => ":NT" ADS not found. "C:\Users\All Users" => ":NT2" ADS not found. "C:\ProgramData\Application Data" => ":NT" ADS not found. "C:\ProgramData\Application Data" => ":NT2" ADS not found. C:\ProgramData\MTA San Andreas All => ":NT" ADS removed successfully. C:\ProgramData\MTA San Andreas All => ":NT2" ADS removed successfully. C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully. C:\ProgramData\TEMP => ":EEE3A74E" ADS removed successfully. "C:\Users\user6\Application Data" => ":NT" ADS not found. "C:\Users\user6\Application Data" => ":NT2" ADS not found. C:\Users\user6\AppData\Roaming => ":NT" ADS removed successfully. C:\Users\user6\AppData\Roaming => ":NT2" ADS removed successfully. BDSGRTP => Unable to stop service BDSGRTP => Error deleting Service bd0001 => Unable to stop service bd0001 => Error deleting Service bd0004 => Unable to stop service bd0004 => Error deleting Service BDArKit => Unable to stop service BDArKit => Error deleting Service BDMWrench => Error deleting Service BDMWrench_x64 => Unable to stop service BDMWrench_x64 => Service deleted successfully. BDSafeBrowser => Unable to stop service BDSafeBrowser => Error deleting Service bd0002 => Error deleting Service "C:\Program Files (x86)\Common Files\Baidu" directory move: Could not move "C:\Program Files (x86)\Common Files\Baidu" directory. => Scheduled to move on reboot. Could not move "C:\Windows\System32\DRIVERS\bd0001.sys" => Scheduled to move on reboot. Could not move "C:\Windows\System32\DRIVERS\bd0004.sys" => Scheduled to move on reboot. Could not move "C:\Windows\System32\DRIVERS\BDArKit.sys" => Scheduled to move on reboot. Could not move "C:\Windows\System32\DRIVERS\BDMWrench.sys" => Scheduled to move on reboot. C:\Windows\System32\DRIVERS\BDMWrench_x64.sys => Moved successfully. Could not move "C:\Windows\System32\DRIVERS\BDSafeBrowser.sys" => Scheduled to move on reboot. EmptyTemp: => Removed 1.9 GB temporary data. => Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-03-23 22:40:37)<= ==> ATTENTION: System is not rebooted. C:\Program Files (x86)\Common Files\Baidu => Moved successfully. "C:\Windows\System32\DRIVERS\bd0001.sys" => File could not move. "C:\Windows\System32\DRIVERS\bd0004.sys" => File could not move. "C:\Windows\System32\DRIVERS\BDArKit.sys" => File could not move. "C:\Windows\System32\DRIVERS\BDMWrench.sys" => File could not move. "C:\Windows\System32\DRIVERS\BDSafeBrowser.sys" => File could not move. ==== End of Fixlog 22:40:37 ====

Profil

Sass Drake Poslao: 23 Mar 2015 22:52 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ostatke Baidu-a ćemo opet pokušati da uklonimo: Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja. R2 BDSGRTP; C:\Program Files (x86)\Common Files\Baidu\BaiduProtect1.3\1.3.0.645\BaiduProtect.exe [1940072 2014-12-04] (百度在线网络技术（北京）有限公司) R1 bd0001; C:\Windows\System32\DRIVERS\bd0001.sys [181072 2014-10-21] (Baidu) R1 bd0004; C:\Windows\System32\DRIVERS\bd0004.sys [170312 2014-11-28] (Baidu) R2 BDArKit; C:\Windows\System32\DRIVERS\BDArKit.sys [152392 2014-12-28] (Baidu Technology) R1 BDMWrench; C:\Windows\System32\DRIVERS\BDMWrench.sys [130888 2014-12-23] (Baidu) S1 BDMWrench_x64; C:\Windows\System32\DRIVERS\BDMWrench_x64.sys [130888 2015-01-19] (Baidu) R2 BDSafeBrowser; C:\Windows\System32\DRIVERS\BDSafeBrowser.sys [48968 2014-10-20] (Baidu) S1 bd0002; system32\DRIVERS\bd0002.sys [X] C:\Program Files (x86)\Common Files\Baidu C:\Windows\System32\DRIVERS\bd0001.sys C:\Windows\System32\DRIVERS\bd0004.sys C:\Windows\System32\DRIVERS\BDArKit.sys C:\Windows\System32\DRIVERS\BDMWrench.sys C:\Windows\System32\DRIVERS\BDMWrench_x64.sys C:\Windows\System32\DRIVERS\BDSafeBrowser.sys U okviru Notepad-a klikni na File --> Save As Fajl nazovi Fixlist i sačuvaj na Desktop Dvoklikom ponovo pokreni FRST.exe Klikni na Fix i sačekaj dok program ne završi. Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi. Nakon završetka rada, otvoriće se fixlog.txt, sa sadržajem koji treba da kopiraš u temu. Takođe, na Desktop-u će se nalaziti (fixlog.txt).

Profil

vas nalog Poslao: 23 Mar 2015 23:04 Idi na vrh
offline vas nalog Građanin Pridružio: 07 Apr 2012 Poruke: 114	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Za sada nismo ništa uradili. Stanje nepromenjeno. Oba puta me je prilikom kopiranja tvog loga u beležnicu i snimanja na radnu površinu upozorio da postoje delovi u Unikod formatu koji će biti izgubljeni. Ne znam da li to predstavlja problem? Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015 Ran by user6 at 2015-03-23 22:56:05 Run:2 Running from C:\Users\user6\Desktop Loaded Profiles: user6 (Available profiles: user6) Boot Mode: Normal ============================================== Content of fixlist: *************** R2 BDSGRTP; C:\Program Files (x86)\Common Files\Baidu\BaiduProtect1.3\1.3.0.645\BaiduProtect.exe [1940072 2014-12-04] (????????(??)????) R1 bd0001; C:\Windows\System32\DRIVERS\bd0001.sys [181072 2014-10-21] (Baidu) R1 bd0004; C:\Windows\System32\DRIVERS\bd0004.sys [170312 2014-11-28] (Baidu) R2 BDArKit; C:\Windows\System32\DRIVERS\BDArKit.sys [152392 2014-12-28] (Baidu Technology) R1 BDMWrench; C:\Windows\System32\DRIVERS\BDMWrench.sys [130888 2014-12-23] (Baidu) S1 BDMWrench_x64; C:\Windows\System32\DRIVERS\BDMWrench_x64.sys [130888 2015-01-19] (Baidu) R2 BDSafeBrowser; C:\Windows\System32\DRIVERS\BDSafeBrowser.sys [48968 2014-10-20] (Baidu) S1 bd0002; system32\DRIVERS\bd0002.sys [X] C:\Program Files (x86)\Common Files\Baidu C:\Windows\System32\DRIVERS\bd0001.sys C:\Windows\System32\DRIVERS\bd0004.sys C:\Windows\System32\DRIVERS\BDArKit.sys C:\Windows\System32\DRIVERS\BDMWrench.sys C:\Windows\System32\DRIVERS\BDMWrench_x64.sys C:\Windows\System32\DRIVERS\BDSafeBrowser.sys *************** BDSGRTP => Unable to stop service BDSGRTP => Error deleting Service bd0001 => Unable to stop service bd0001 => Error deleting Service bd0004 => Unable to stop service bd0004 => Error deleting Service BDArKit => Unable to stop service BDArKit => Error deleting Service BDMWrench => Unable to stop service BDMWrench => Error deleting Service BDMWrench_x64 => Service deleted successfully. BDSafeBrowser => Unable to stop service BDSafeBrowser => Error deleting Service bd0002 => Error deleting Service C:\Program Files (x86)\Common Files\Baidu => Moved successfully. Could not move "C:\Windows\System32\DRIVERS\bd0001.sys" => Scheduled to move on reboot. Could not move "C:\Windows\System32\DRIVERS\bd0004.sys" => Scheduled to move on reboot. Could not move "C:\Windows\System32\DRIVERS\BDArKit.sys" => Scheduled to move on reboot. Could not move "C:\Windows\System32\DRIVERS\BDMWrench.sys" => Scheduled to move on reboot. "C:\Windows\System32\DRIVERS\BDMWrench_x64.sys" => File/Directory not found. Could not move "C:\Windows\System32\DRIVERS\BDSafeBrowser.sys" => Scheduled to move on reboot. => Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-03-23 22:58:06)<= C:\Windows\System32\DRIVERS\bd0001.sys => Moved successfully. C:\Windows\System32\DRIVERS\bd0004.sys => Moved successfully. C:\Windows\System32\DRIVERS\BDArKit.sys => Moved successfully. C:\Windows\System32\DRIVERS\BDMWrench.sys => Moved successfully. C:\Windows\System32\DRIVERS\BDSafeBrowser.sys => Moved successfully. ==== End of Fixlog 22:58:06 ====

Profil

Sass Drake Poslao: 23 Mar 2015 23:06 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Kakvo je sada stanje sistema? Preuzmi Malwarebytes Anti-Rootkit (MBAR) sa sledeceg linka i sacuvaj ga na Desktop. Dvoklikom pokreni MBAR () na ikonicu programa: - Klikni OK na sledecem prozoru da bi dozvolio raspakivanje u zaseban mbar folder na desktop-u; - mbar.exe ce biti startovan. Na nekim sistemima to moze da potraje nekoliko dodatnih sekundi, te pricekati pokretanje.; - U uvodnom prozoru klikni dugme Next ukoliko si saglasan; • Na 'Update Database' prozoru klik na dugme Update da bi preuzeo sveze definicije. Kada se ispise poruka 'Success: Database was successfully updated' klik na dugme Next; • Pod sekcijom 'Scan Targets' proveri da su sve opcije stiklirane, te klikni na dugme Scan; Obavestenje: sa nekim infekcijama moze se desiti da se prikaze neka od sledecih poruka: - 'Could not load protection driver' => u tom slucaju klikni OK. - 'Could not load DDA driver' => klikni Yes na to obavestenje da bi dozvolio ucitavanje nakon restarta. Dozvoli restart i nastavi sa ostatkom instrukcija posle restarta. >> Ukoliko malware nije detektovan, klik na Exit dugme da zatvoris program. U sledecu poruku postavi mbar-log-year-month-day (sat-minuti-sekundi).txt i system-log.txt izveštaje. >> Ukoliko su infekcija/e pronadjene, proveriti da li je obelezena opcija 'Create Restore Point' i klikni na dugme Cleanup! da bi uklonili pretnje. - Procedura uklanjanje malware-a (scheduled) ce biti zakazana po restartu, bice prikazano obavestenje u pop-up prozoru. Klikni dugme Yes i sistem bi trebao da se restartuje i da zavrsi proceduru ciscenja. Obavestenje! samo ukoliko je RootKit detektovan: - postaraj se da pokrenes fixdamage.exe alat koji se nalazi u mbar folderu, \Plugins\fixdamage.exe: - Dvoklikom pokreni fixdamage, u crnom prozoru koji se otvori (command prompt) ukucaj Y (Y stoji za Yes) da bi nastavio izvrsenje, pricekati da alat odradi sve popravke ... - Kada vidis poruku 'press any key to exit' popravka je kompletirana. Pritisnuti bilo koju tipku na tastaturi da bi se prozor zatvorio. Restartovati sistem. Sledeci izvestaji ce biti formirani u mbar folderu. 1. mbar-log-year-month-day (hour-minute-second).txt 2. system-log.txt Iskopiraj sadrzaj mbar log-a u poruku a system log okaci uz poruku koristeci opciju Prikači fajl.

Profil

vas nalog Poslao: 23 Mar 2015 23:27 Idi na vrh
offline vas nalog Građanin Pridružio: 07 Apr 2012 Poruke: 114	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Još uvek je tu :-( Ovo mi recimo otvara offers.bycontext.com/scjs/tb/ctxjs/index.ph.....country=RS Malwarebytes Anti-Rootkit BETA 1.09.1.1004 malwarebytes.org Database version: main: v2015.03.23.07 rootkit: v2015.02.25.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.17691 user6 :: USER6-PC [administrator] 3/23/2015 11:11:26 PM mbar-log-2015-03-23 (23-11-26).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit \| Drivers \| MBR \| Physical Sectors \| Memory \| Startup \| Registry \| File System \| Heuristics/Extra \| Heuristics/Shuriken Scan options disabled: Objects scanned: 396190 Time elapsed: 11 minute(s), 33 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) mycity.rs/must-login.png

Profil

Sass Drake Poslao: 23 Mar 2015 23:29 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Samo na Limundu ili na svakom sajtu?

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Nekontrolisano otvaranje strana

Ko je trenutno na forumu

Ukupno su 947 korisnika na forumu :: 58 registrovanih, 7 sakrivenih i 882 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 8u47, A.R.Chafee.Jr., airsuba, AK - 230, aleksandarbl, Bobrock1, bojank, cavatina, ccoogg123, cer, darkojbn, DejanSt, Denaya, DENIRO, Dimitrise93, DonRumataEstorski, FileFinder, Frunze, GenZee, Georgius, gomago, ikan, Insan, ivica976, Karla, Koca Popovic, Kubovac, ljuba, Mi lao shu, milenko crazy north, MilosKop, mnn2, nedeljkovici, Nemanja.M, nikoladim, panzerwaffe, procesor, radionica1, raptorsi, repac, samsung, Sančo, Sir Budimir, Sirius, Srle993, t84dar, Tvrtko I, USSVoyager, vathra, vladas87, Vladko, voja64, VP6919, Webb, |_MeD_|, Čivi, 125, 1107

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by