MyCity » Ambulanta -> Arhiva Ambulante » Notbuk pun virusa

Notbuk pun virusa

Napisano na dan: 28.3.2015

Notbuk pun virusa
Sledeća strana Pagination

Idi na vrh

Poslao: 28 Mar 2015 14:49
Idi na vrh
offline
  • Anunnaki
  • Pridružio: 20 Apr 2012
  • Poruke: 1645

Pozdrav,
Imam puno virusa kad otvorim google chrome pojavi mi se odma mystrartsearch,onda mi se stranice sporo otvaraju,itd...

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Luta (administrator) on LUTA-PC on 28-03-2015 14:42:25
Running from C:\Users\Luta\Desktop
Loaded Profiles: Luta (Available profiles: Luta)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(SysTool PasSame LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
() C:\Program Files\YTDownloader\BrowserHelperSrv.exe
() C:\Program Files\Join Air\AssistantServices.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(BitTorrent Inc.) C:\Users\Luta\AppData\Roaming\BitTorrent\BitTorrent.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9292392 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [978520 2015-01-30] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000
HKU\S-1-5-21-442875314-232777105-1719488670-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=14274.....3CSDXBLXTX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=1.....XTX&q={searchTerms}
HKU\S-1-5-21-442875314-232777105-1719488670-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=14274.....3CSDXBLXTX
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll No File
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro.dll No File
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Luta\AppData\Roaming\Mozilla\Firefox\Profiles\q5bb3hwc.default-1427549132412
FF Homepage: hxxp://www.google.co.uk/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-06] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-10-26] (RealNetworks, Inc.)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2015-03-27] (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2015-03-27] (globalUpdate)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2015-03-27]
FF HKLM\...\Firefox\Extensions: [searchengine@gmail.com] - C:\Users\Luta\AppData\Roaming\Mozilla\Firefox\Profiles\r232wmkb.default\extensions\searchengine@gmail.com
FF HKLM\...\Firefox\Extensions: [istart_ffnt@gmail.com] - C:\Users\Luta\AppData\Roaming\Mozilla\Firefox\Profiles\r232wmkb.default\extensions\istart_ffnt@gmail.com

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.co.uk/
CHR StartupUrls: Default -> "hxxp://www.google.co.uk/"
CHR Profile: C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-27]
CHR Extension: (Google Docs) - C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-01]
CHR Extension: (Google Drive) - C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-01]
CHR Extension: (YouTube) - C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-01]
CHR Extension: (Google Search) - C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-01]
CHR Extension: (Google Sheets) - C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Google Wallet) - C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-01]
CHR Extension: (Gmail) - C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-01]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BrsHelper; C:\Program Files\YTDownloader\BrowserHelperSrv.exe [112560 2015-03-26] ()
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2015-03-27] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2015-03-27] (globalUpdate) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284472 2015-01-30] (Microsoft Corporation)
R2 UI Assistant Service; C:\Program Files\Join Air\AssistantServices.exe [252784 2010-07-14] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [493712 2015-03-27] (SysTool PasSame LIMITED)
S2 RealNetworks Downloader Resolver Service; "C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe" [X]
S2 RealPlayerUpdateSvc; "C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe" [X]
S2 Update Air Globe; "C:\Program Files\Air Globe\updateAirGlobe.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [239224 2014-11-15] (Microsoft Corporation)
S1 MpKslf42fc706; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{94D5F675-2C03-4802-9648-DDC4CFD48397}\MpKslf42fc706.sys [39464 2015-03-27] () [File not signed]
R1 {4dcf5f16-e481-4ed1-9973-24b80676c934}Gw; C:\Windows\System32\drivers\{4dcf5f16-e481-4ed1-9973-24b80676c934}Gw.sys [43144 2015-03-27] (StdLib)
S2 sbmntr; \??\C:\PROGRA~1\YTDOWN~1\sbmntr.sys [X]
S2 SPDRIVER_1.38.1.1682; \??\C:\Program Files\ShopperPro\JSDriver\1.38.1.1682\jsdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-28 14:42 - 2015-03-28 14:43 - 00009426 _____ () C:\Users\Luta\Desktop\FRST.txt
2015-03-28 14:42 - 2015-03-28 14:42 - 00000000 ____D () C:\FRST
2015-03-28 14:40 - 2015-03-28 14:41 - 01135104 _____ (Farbar) C:\Users\Luta\Desktop\FRST.exe
2015-03-28 14:17 - 2015-03-28 14:18 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-28 14:03 - 2015-03-28 14:41 - 2947921920 _____ () C:\Users\Luta\Downloads\en_windows_8.1_pro_vl_with_update_x86_dvd_4065201.iso
2015-03-28 14:02 - 2015-03-28 14:02 - 00014532 _____ () C:\Users\Luta\Downloads\en_windows_8.1_pro_vl_with_update_x86_dvd_4065201.torrent
2015-03-28 13:55 - 2015-03-28 14:08 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool
2015-03-28 13:55 - 2015-03-28 13:55 - 00290304 _____ (Microsoft Corporation) C:\Windows\system32\subinacl.exe
2015-03-28 13:54 - 2015-03-28 13:54 - 00753184 _____ () C:\Users\Luta\Downloads\Adware-Removal-Tool-v3.9.1.exe
2015-03-28 13:51 - 2015-03-28 13:51 - 00000000 ____D () C:\Users\Luta\AppData\Local\Adobe
2015-03-27 22:13 - 2015-03-27 22:58 - 816867485 _____ () C:\Users\Luta\Downloads\DJ Mixtools 14 - Groove Tech Vol 2 - Loopmasters.rar
2015-03-27 19:16 - 2015-03-27 00:35 - 00043144 _____ (StdLib) C:\Windows\system32\Drivers\{4dcf5f16-e481-4ed1-9973-24b80676c934}Gw.sys
2015-03-27 19:06 - 2015-03-27 19:06 - 00000004 _____ () C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-03-27 19:00 - 2015-03-28 14:10 - 00003772 _____ () C:\Windows\Tasks\963c8e41-8d64-4104-932b-b7a6be3ec34c-1-7.job
2015-03-27 19:00 - 2015-03-28 14:10 - 00003428 _____ () C:\Windows\Tasks\963c8e41-8d64-4104-932b-b7a6be3ec34c-1-6.job
2015-03-27 19:00 - 2015-03-28 14:10 - 00001332 _____ () C:\Windows\Tasks\KDUPB.job
2015-03-27 19:00 - 2015-03-27 19:10 - 00000000 ____D () C:\Users\Luta\AppData\Local\BrowserHelper
2015-03-27 19:00 - 2015-03-27 19:00 - 01499648 _____ (Sense+) C:\Users\Luta\AppData\Roaming\KDUPB.exe
2015-03-27 19:00 - 2015-03-27 19:00 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-03-27 18:59 - 2015-03-28 14:10 - 00003094 _____ () C:\Windows\Tasks\22f426d3-1586-47cd-98de-6f8ae585b8ed-5_user.job
2015-03-27 18:59 - 2015-03-28 14:10 - 00002750 _____ () C:\Windows\Tasks\22f426d3-1586-47cd-98de-6f8ae585b8ed-5.job
2015-03-27 18:58 - 2015-03-28 14:10 - 00004792 _____ () C:\Windows\Tasks\963c8e41-8d64-4104-932b-b7a6be3ec34c-4.job
2015-03-27 18:58 - 2015-03-28 14:10 - 00004454 _____ () C:\Windows\Tasks\22f426d3-1586-47cd-98de-6f8ae585b8ed-4.job
2015-03-27 18:58 - 2015-03-28 14:10 - 00003778 _____ () C:\Windows\Tasks\22f426d3-1586-47cd-98de-6f8ae585b8ed-1-7.job
2015-03-27 18:58 - 2015-03-28 14:10 - 00003434 _____ () C:\Windows\Tasks\22f426d3-1586-47cd-98de-6f8ae585b8ed-1-6.job
2015-03-27 18:57 - 2015-03-28 14:10 - 00006160 _____ () C:\Windows\Tasks\963c8e41-8d64-4104-932b-b7a6be3ec34c-6.job
2015-03-27 18:57 - 2015-03-28 14:10 - 00005816 _____ () C:\Windows\Tasks\963c8e41-8d64-4104-932b-b7a6be3ec34c-7.job
2015-03-27 18:57 - 2015-03-28 14:08 - 00000000 ____D () C:\Program Files\YTDownloader
2015-03-27 18:57 - 2015-03-27 18:58 - 00000000 ____D () C:\Program Files\2b921f06-9292-475d-802d-d8ff16b515f8
2015-03-27 18:56 - 2015-03-28 14:10 - 00006166 _____ () C:\Windows\Tasks\22f426d3-1586-47cd-98de-6f8ae585b8ed-6.job
2015-03-27 18:56 - 2015-03-28 14:10 - 00005822 _____ () C:\Windows\Tasks\22f426d3-1586-47cd-98de-6f8ae585b8ed-7.job
2015-03-27 18:56 - 2015-03-28 14:10 - 00005474 _____ () C:\Windows\Tasks\963c8e41-8d64-4104-932b-b7a6be3ec34c-11.job
2015-03-27 18:56 - 2015-03-27 18:58 - 00000000 ____D () C:\Program Files\9500c664-6b03-44f9-a413-038386e7c932
2015-03-27 18:55 - 2015-03-28 14:10 - 00005480 _____ () C:\Windows\Tasks\22f426d3-1586-47cd-98de-6f8ae585b8ed-11.job
2015-03-27 18:55 - 2015-03-28 14:10 - 00002072 _____ () C:\Windows\Tasks\22f426d3-1586-47cd-98de-6f8ae585b8ed-10_user.job
2015-03-27 18:55 - 2015-03-28 14:10 - 00001682 _____ () C:\Windows\Tasks\MOLPZCNO.job
2015-03-27 18:55 - 2015-03-27 18:55 - 01979904 _____ (Sense+) C:\Users\Luta\AppData\Roaming\MOLPZCNO.exe
2015-03-27 18:54 - 2015-03-27 18:54 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2015-03-27 18:52 - 2015-03-27 18:52 - 00000000 ____D () C:\Users\Luta\AppData\Local\CrashRpt
2015-03-27 18:51 - 2015-03-28 14:10 - 00003442 _____ () C:\Windows\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-1-7.job
2015-03-27 18:51 - 2015-03-28 14:10 - 00003106 _____ () C:\Windows\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-1-6.job
2015-03-27 18:51 - 2015-03-28 14:10 - 00002414 _____ () C:\Windows\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-5_user.job
2015-03-27 18:51 - 2015-03-28 14:10 - 00002414 _____ () C:\Windows\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-5.job
2015-03-27 18:50 - 2015-03-28 14:10 - 00005486 _____ () C:\Windows\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-6.job
2015-03-27 18:50 - 2015-03-28 14:10 - 00005150 _____ () C:\Windows\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-7.job
2015-03-27 18:50 - 2015-03-28 14:10 - 00004126 _____ () C:\Windows\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-4.job
2015-03-27 18:50 - 2015-03-27 18:50 - 00000000 ____D () C:\Program Files\5e19b9a9-6189-4857-8c02-88a3e3299b91
2015-03-27 18:49 - 2015-03-28 14:10 - 00005152 _____ () C:\Windows\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-11.job
2015-03-27 18:49 - 2015-03-28 14:10 - 00004462 _____ () C:\Windows\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-3.job
2015-03-27 18:49 - 2015-03-28 14:10 - 00002426 _____ () C:\Windows\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-5_user.job
2015-03-27 18:49 - 2015-03-28 14:10 - 00002426 _____ () C:\Windows\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-5.job
2015-03-27 18:48 - 2015-03-28 14:10 - 00003454 _____ () C:\Windows\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-1-7.job
2015-03-27 18:48 - 2015-03-28 14:10 - 00003118 _____ () C:\Windows\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-1-6.job
2015-03-27 18:48 - 2015-03-28 14:10 - 00002080 _____ () C:\Windows\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-10_user.job
2015-03-27 18:48 - 2015-03-28 14:10 - 00001328 _____ () C:\Windows\Tasks\ZQK.job
2015-03-27 18:48 - 2015-03-27 18:48 - 01554432 _____ (Cinema PlusV27.03) C:\Users\Luta\AppData\Roaming\ZQK.exe
2015-03-27 18:47 - 2015-03-27 19:22 - 00000000 ____D () C:\Users\Luta\AppData\Roaming\Opera Software
2015-03-27 18:47 - 2015-03-27 19:22 - 00000000 ____D () C:\Users\Luta\AppData\Local\Opera Software
2015-03-27 18:46 - 2015-03-28 14:10 - 00004474 _____ () C:\Windows\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-4.job
2015-03-27 18:45 - 2015-03-28 14:10 - 00005498 _____ () C:\Windows\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-6.job
2015-03-27 18:45 - 2015-03-28 14:10 - 00005162 _____ () C:\Windows\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-7.job
2015-03-27 18:45 - 2015-03-28 14:10 - 00001330 _____ () C:\Windows\Tasks\XBSK.job
2015-03-27 18:45 - 2015-03-27 18:46 - 00000000 ____D () C:\Program Files\f1d9840d-6724-425f-aa0e-63ef2c78604c
2015-03-27 18:45 - 2015-03-27 18:45 - 02045952 _____ (Cinema PlusV27.03) C:\Users\Luta\AppData\Roaming\XBSK.exe
2015-03-27 18:44 - 2015-03-28 14:44 - 00002092 _____ () C:\Windows\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-10_user.job
2015-03-27 18:44 - 2015-03-28 14:10 - 00004474 _____ () C:\Windows\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-3.job
2015-03-27 18:44 - 2015-03-28 14:10 - 00000890 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-03-27 18:44 - 2015-03-28 01:01 - 00000894 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-03-27 18:44 - 2015-03-27 18:44 - 00000000 ____D () C:\Users\Luta\AppData\Local\globalUpdate
2015-03-27 18:44 - 2015-03-27 18:44 - 00000000 ____D () C:\Program Files\globalUpdate
2015-03-27 15:42 - 2015-03-27 19:28 - 00004198 _____ () C:\Windows\PFRO.log
2015-03-27 15:29 - 2015-03-27 15:29 - 00000000 ____D () C:\Windows\pss
2015-03-27 14:06 - 2015-03-27 14:06 - 00000000 ____D () C:\Users\Luta\AppData\Roaming\RealNetworks
2015-03-27 14:06 - 2015-03-27 14:06 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-27 14:05 - 2015-03-27 14:05 - 00000000 ____D () C:\ProgramData\RealNetworks
2015-03-27 13:59 - 2015-03-27 15:37 - 00000000 ____D () C:\Users\Luta\AppData\Roaming\Real
2015-03-27 13:55 - 2015-03-27 15:37 - 00000000 ____D () C:\ProgramData\Real
2015-03-27 12:42 - 2015-03-27 17:52 - 00000000 ____D () C:\Users\Luta\Downloads\Sword.of.Vengeance.2015.HDRip.XviD.AC3-EVO
2015-03-27 11:54 - 2015-03-27 12:41 - 00000000 ____D () C:\Users\Luta\Downloads\The Hobbit The Battle of the Five Armies (2014)
2015-03-27 10:55 - 2015-03-27 10:55 - 00000000 ____D () C:\Users\Luta\Downloads\The.Water.Diviner.2014.BRRip.XviD.AC3-EVO
2015-03-27 10:45 - 2015-03-27 11:19 - 00000000 ____D () C:\Users\Luta\Downloads\Kill.Me.Three.Times.2014.HDRip.XViD-ETRG
2015-03-27 10:32 - 2015-03-27 10:32 - 00000000 ____D () C:\Users\Luta\Downloads\Mali Budo (2014)
2015-03-27 04:20 - 2015-03-27 07:12 - 00000000 ____D () C:\Users\Luta\Downloads\Pesgalaxy.com Patch 2015 4.00
2015-03-26 21:29 - 2015-03-28 14:09 - 00000784 _____ () C:\Windows\setupact.log
2015-03-26 21:29 - 2015-03-26 21:29 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-26 20:14 - 2015-03-26 20:14 - 00005542 _____ () C:\Users\Luta\AppData\Roaming\XBSK
2015-03-26 20:14 - 2015-03-26 20:14 - 00005542 _____ () C:\Users\Luta\AppData\Roaming\MOLPZCNO
2015-03-26 20:14 - 2015-03-26 20:14 - 00004185 _____ () C:\Users\Luta\AppData\Roaming\ZQK
2015-03-26 20:14 - 2015-03-26 20:14 - 00004185 _____ () C:\Users\Luta\AppData\Roaming\KDUPB
2015-03-25 12:19 - 2015-03-11 04:30 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-25 12:19 - 2015-03-11 04:30 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-25 12:19 - 2015-03-11 04:29 - 00818176 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-25 12:19 - 2015-03-11 04:29 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-25 12:19 - 2015-03-11 04:29 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-25 12:19 - 2015-03-11 04:29 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-25 12:19 - 2015-03-11 04:29 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-03-25 12:19 - 2015-03-11 04:26 - 00892928 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-24 13:01 - 2015-03-24 13:02 - 00000000 ____D () C:\Users\Luta\AppData\Local\Microsoft Games
2015-03-14 08:50 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 13:21 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 13:21 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 13:21 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 13:21 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 13:21 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 13:21 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 13:21 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 13:21 - 2015-02-20 03:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 13:21 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 13:21 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 13:21 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 13:21 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 13:21 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 13:21 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 13:21 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 13:21 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 13:21 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 13:21 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 13:21 - 2015-02-20 02:56 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 13:21 - 2015-02-20 02:50 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 13:21 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 13:21 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 13:21 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 13:21 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 13:21 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 13:21 - 2015-02-20 02:24 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 13:21 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 13:21 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 13:21 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 13:21 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 12:55 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-03-11 12:55 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 12:55 - 2015-02-03 04:16 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 12:55 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 12:55 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 12:55 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 12:55 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 12:55 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 12:55 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 12:55 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 12:55 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 12:55 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 12:55 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 12:55 - 2015-02-03 04:12 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 12:55 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 12:55 - 2015-02-03 04:12 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 12:55 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 12:55 - 2015-02-03 04:00 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 12:55 - 2015-01-31 00:56 - 00370488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 12:55 - 2014-10-31 23:22 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 12:55 - 2014-06-28 01:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-11 12:55 - 2014-06-28 01:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 12:54 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 12:54 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 12:54 - 2015-02-03 04:12 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 12:54 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 12:54 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 12:54 - 2015-02-03 04:12 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 12:54 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 12:54 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 12:54 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 12:54 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 12:54 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 12:54 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 12:54 - 2015-02-03 04:12 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 12:54 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 12:54 - 2015-02-03 04:12 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 12:54 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 12:54 - 2015-02-03 04:12 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 12:54 - 2015-02-03 04:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 12:54 - 2015-02-03 04:12 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 12:54 - 2015-02-03 04:12 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 12:54 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 12:54 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 12:54 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 12:54 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 12:54 - 2015-02-03 04:11 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 12:54 - 2015-02-03 04:11 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 12:54 - 2015-02-03 04:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 12:54 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 12:54 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 12:54 - 2015-02-03 04:11 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 12:54 - 2015-02-03 04:11 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 12:54 - 2015-02-03 04:11 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 12:54 - 2015-02-03 04:10 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 12:54 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 12:54 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 12:54 - 2015-02-03 03:26 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 12:52 - 2015-01-31 04:33 - 02744320 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 12:52 - 2015-01-31 04:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 12:52 - 2015-01-31 01:48 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 12:47 - 2015-02-26 04:11 - 02381312 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 12:47 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 12:47 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 12:37 - 2015-03-06 06:15 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 12:37 - 2015-03-06 06:15 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 12:37 - 2015-03-06 06:10 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 12:37 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 12:37 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 12:37 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 12:37 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 12:37 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 12:37 - 2015-03-06 06:10 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 12:37 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 12:37 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 12:37 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 12:37 - 2015-03-06 06:10 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 12:37 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 12:37 - 2015-03-06 06:09 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 12:37 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 12:37 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 12:37 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 12:37 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 12:37 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 12:37 - 2015-02-20 05:13 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 12:37 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 12:37 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 12:37 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 12:36 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-08 01:09 - 2015-03-08 01:09 - 00000001 _____ () C:\Users\Luta\AppData\Local\llftool.4.40.agreement
2015-03-03 20:38 - 2015-03-03 20:38 - 00000000 ____D () C:\Users\Luta\AppData\Roaming\FastStone
2015-03-03 20:38 - 2015-03-03 20:38 - 00000000 ____D () C:\Users\Luta\AppData\Local\FastStone
2015-03-02 20:27 - 2015-03-02 20:27 - 00000000 ____D () C:\Users\Luta\Downloads\Turneja (2008) Domaci Film
2015-02-28 05:17 - 2015-03-08 13:16 - 00000000 ____D () C:\Users\Luta\Downloads\GTA San Andreas V1.03 Android (Data+APK) - the.HH
2015-02-26 03:02 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\system32\locale.nls

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-28 14:44 - 2015-02-01 23:54 - 00000000 ____D () C:\Users\Luta\AppData\Roaming\BitTorrent
2015-03-28 14:29 - 2015-02-02 16:46 - 01217451 _____ () C:\Windows\WindowsUpdate.log
2015-03-28 14:14 - 2015-02-01 23:34 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-03-28 14:13 - 2015-02-01 23:40 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-28 14:10 - 2015-02-01 23:40 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-28 14:10 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-28 14:09 - 2009-07-14 05:34 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-28 14:09 - 2009-07-14 05:34 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-28 14:06 - 2015-02-01 23:31 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-28 00:31 - 2010-11-20 22:01 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-27 19:17 - 2009-07-14 03:04 - 00000505 _____ () C:\Windows\win.ini
2015-03-27 18:59 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\System
2015-03-27 18:58 - 2015-02-01 23:34 - 00001339 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-27 18:58 - 2015-02-01 11:58 - 00001635 _____ () C:\Users\Luta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-27 18:50 - 2015-02-01 23:19 - 00000000 ____D () C:\Program Files\Broadcom
2015-03-26 21:25 - 2015-02-17 16:44 - 00000000 ____D () C:\Windows\Minidump
2015-03-26 21:25 - 2015-02-02 16:36 - 00000000 ____D () C:\Windows\Panther
2015-03-26 09:47 - 2015-02-06 15:14 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-26 09:47 - 2015-02-06 15:14 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-16 16:02 - 2015-02-25 01:41 - 00000000 ____D () C:\Users\Luta\Desktop\NIKOLA
2015-03-13 15:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2015-03-12 15:57 - 2009-07-14 05:46 - 00001515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-12 15:56 - 2009-07-14 05:33 - 00267016 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-12 02:58 - 2015-02-06 11:26 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-12 02:58 - 2015-02-06 11:25 - 119837696 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-03 14:16 - 2015-02-03 09:44 - 00246920 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2015-03-26 20:14 - 2015-03-26 20:14 - 0004185 _____ () C:\Users\Luta\AppData\Roaming\KDUPB
2015-03-27 19:00 - 2015-03-27 19:00 - 1499648 _____ (Sense+) C:\Users\Luta\AppData\Roaming\KDUPB.exe
2015-03-26 20:14 - 2015-03-26 20:14 - 0005542 _____ () C:\Users\Luta\AppData\Roaming\MOLPZCNO
2015-03-27 18:55 - 2015-03-27 18:55 - 1979904 _____ (Sense+) C:\Users\Luta\AppData\Roaming\MOLPZCNO.exe
2015-03-26 20:14 - 2015-03-26 20:14 - 0005542 _____ () C:\Users\Luta\AppData\Roaming\XBSK
2015-03-27 18:45 - 2015-03-27 18:45 - 2045952 _____ (Cinema PlusV27.03) C:\Users\Luta\AppData\Roaming\XBSK.exe
2015-03-26 20:14 - 2015-03-26 20:14 - 0004185 _____ () C:\Users\Luta\AppData\Roaming\ZQK
2015-03-27 18:48 - 2015-03-27 18:48 - 1554432 _____ (Cinema PlusV27.03) C:\Users\Luta\AppData\Roaming\ZQK.exe
2015-03-08 01:09 - 2015-03-08 01:09 - 0000001 _____ () C:\Users\Luta\AppData\Local\llftool.4.40.agreement

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-25 17:51

==================== End Of Log ============================


https://www.mycity.rs/must-login.png

Unaprijed Hvala Ziveli

Poslao: 29 Mar 2015 00:16
Idi na vrh
offline
  • Pridružio: 09 Avg 2011
  • Poruke: 15879
  • Gde živiš: Beograd

Pozdrav,


Preuzmi smeenk-ov zoek.zip ili zoek.rar () sa ovog ili ovog linka i sačuvaj ga na Desktop.

Raspakuj arhivu u neki folder (uputstvo), a zatim:

zatvori browser i ostale pokrenute programe;
privremeno deaktiviraj zaštitni softver ( ukoliko je to potrebno ) Uputstvo ;
dvoklikom pokreni zoek na ikonicu programa ;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sledeći tekst:

createsrpoint;
autoclean;
emptyalltemp;

Klikni na dugme i pričekaj da se skeniranje završi.


zoek ce po potrebi, restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.

Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Arrow Kopiraj sadrzaj tog loga u poruku.

Poslao: 29 Mar 2015 11:12
Idi na vrh
offline
  • Anunnaki
  • Pridružio: 20 Apr 2012
  • Poruke: 1645

Zoek.exe v5.0.0.0 Updated 28-March-2015
Tool run by Luta on Sun 03/29/2015 at 10:40:21.12.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Luta\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

3/29/2015 10:41:28 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\Users\Luta\AppData\Roaming\FlashgetSetup deleted successfully
C:\Users\Luta\AppData\Roaming\Opera Software deleted successfully
C:\Users\Luta\AppData\Local\Opera Software deleted successfully
C:\Users\Luta\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RealNetworks Downloader Resolver Service deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\RealNetworks Downloader Resolver Service deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RealPlayerUpdateSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\RealPlayerUpdateSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update Air Globe deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update Air Globe deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update Air Globe deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update Air Globe deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sbmntr deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sbmntr deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdate deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\globalUpdate deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdatem deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\globalUpdatem deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\WindowsMangerProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WindowsMangerProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SPDRIVER_1.38.1.1682 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SPDRIVER_1.38.1.1682 deleted successfully

==== Deleting Files \ Folders ======================

C:\Users\Luta\.android deleted
C:\Program Files\globalUpdate deleted
C:\Program Files\Common Files\System\SysMenu.dll deleted
C:\PROGRA~2\APN deleted
C:\PROGRA~2\WindowsMangerProtect deleted
C:\Users\Luta\AppData\Local\globalUpdate deleted
C:\Users\Luta\AppData\Local\CrashRpt deleted
C:\Windows\Tasks\22f426d3-1586-47cd-98de-6f8ae585b8ed-1-6.job deleted
C:\Windows\Tasks\22f426d3-1586-47cd-98de-6f8ae585b8ed-1-7.job deleted
C:\Windows\Tasks\22f426d3-1586-47cd-98de-6f8ae585b8ed-10_user.job deleted
C:\Windows\Tasks\22f426d3-1586-47cd-98de-6f8ae585b8ed-11.job deleted
C:\Windows\Tasks\22f426d3-1586-47cd-98de-6f8ae585b8ed-4.job deleted
C:\Windows\Tasks\22f426d3-1586-47cd-98de-6f8ae585b8ed-5.job deleted
C:\Windows\Tasks\22f426d3-1586-47cd-98de-6f8ae585b8ed-5_user.job deleted
C:\Windows\Tasks\22f426d3-1586-47cd-98de-6f8ae585b8ed-6.job deleted
C:\Windows\Tasks\22f426d3-1586-47cd-98de-6f8ae585b8ed-7.job deleted
C:\Windows\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-1-6.job deleted
C:\Windows\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-1-7.job deleted
C:\Windows\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-10_user.job deleted
C:\Windows\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-3.job deleted
C:\Windows\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-4.job deleted
C:\Windows\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-5.job deleted
C:\Windows\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-5_user.job deleted
C:\Windows\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-6.job deleted
C:\Windows\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-7.job deleted
C:\Windows\Tasks\963c8e41-8d64-4104-932b-b7a6be3ec34c-1-6.job deleted
C:\Windows\Tasks\963c8e41-8d64-4104-932b-b7a6be3ec34c-1-7.job deleted
C:\Windows\Tasks\963c8e41-8d64-4104-932b-b7a6be3ec34c-11.job deleted
C:\Windows\Tasks\963c8e41-8d64-4104-932b-b7a6be3ec34c-4.job deleted
C:\Windows\Tasks\963c8e41-8d64-4104-932b-b7a6be3ec34c-6.job deleted
C:\Windows\Tasks\963c8e41-8d64-4104-932b-b7a6be3ec34c-7.job deleted
C:\Windows\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-1-6.job deleted
C:\Windows\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-1-7.job deleted
C:\Windows\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-10_user.job deleted
C:\Windows\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-11.job deleted
C:\Windows\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-3.job deleted
C:\Windows\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-4.job deleted
C:\Windows\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-5.job deleted
C:\Windows\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-5_user.job deleted
C:\Windows\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-6.job deleted
C:\Windows\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-7.job deleted
C:\Windows\system32\Tasks\22f426d3-1586-47cd-98de-6f8ae585b8ed-1-6 deleted
C:\Windows\system32\Tasks\22f426d3-1586-47cd-98de-6f8ae585b8ed-1-7 deleted
C:\Windows\system32\Tasks\22f426d3-1586-47cd-98de-6f8ae585b8ed-10_user deleted
C:\Windows\system32\Tasks\22f426d3-1586-47cd-98de-6f8ae585b8ed-11 deleted
C:\Windows\system32\Tasks\22f426d3-1586-47cd-98de-6f8ae585b8ed-4 deleted
C:\Windows\system32\Tasks\22f426d3-1586-47cd-98de-6f8ae585b8ed-5 deleted
C:\Windows\system32\Tasks\22f426d3-1586-47cd-98de-6f8ae585b8ed-5_user deleted
C:\Windows\system32\Tasks\22f426d3-1586-47cd-98de-6f8ae585b8ed-6 deleted
C:\Windows\system32\Tasks\22f426d3-1586-47cd-98de-6f8ae585b8ed-7 deleted
C:\Windows\system32\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-1-6 deleted
C:\Windows\system32\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-1-7 deleted
C:\Windows\system32\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-10_user deleted
C:\Windows\system32\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-3 deleted
C:\Windows\system32\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-4 deleted
C:\Windows\system32\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-5 deleted
C:\Windows\system32\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-5_user deleted
C:\Windows\system32\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-6 deleted
C:\Windows\system32\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-7 deleted
C:\Windows\system32\Tasks\963c8e41-8d64-4104-932b-b7a6be3ec34c-1-6 deleted
C:\Windows\system32\Tasks\963c8e41-8d64-4104-932b-b7a6be3ec34c-1-7 deleted
C:\Windows\system32\Tasks\963c8e41-8d64-4104-932b-b7a6be3ec34c-11 deleted
C:\Windows\system32\Tasks\963c8e41-8d64-4104-932b-b7a6be3ec34c-4 deleted
C:\Windows\system32\Tasks\963c8e41-8d64-4104-932b-b7a6be3ec34c-6 deleted
C:\Windows\system32\Tasks\963c8e41-8d64-4104-932b-b7a6be3ec34c-7 deleted
C:\Windows\system32\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-1-6 deleted
C:\Windows\system32\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-1-7 deleted
C:\Windows\system32\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-10_user deleted
C:\Windows\system32\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-11 deleted
C:\Windows\system32\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-3 deleted
C:\Windows\system32\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-4 deleted
C:\Windows\system32\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-5 deleted
C:\Windows\system32\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-5_user deleted
C:\Windows\system32\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-6 deleted
C:\Windows\system32\Tasks\ced3568c-84b3-493c-a4b0-e0f17ccd6f9f-7 deleted
C:\Users\Public\Documents\ShopperPro deleted
C:\Windows\tasks\KDUPB.job deleted
C:\Windows\system32\tasks\KDUPB deleted
C:\Windows\tasks\MOLPZCNO.job deleted
C:\Windows\system32\tasks\MOLPZCNO deleted
C:\Windows\tasks\XBSK.job deleted
C:\Windows\system32\tasks\XBSK deleted
C:\Windows\tasks\ZQK.job deleted
C:\Windows\system32\tasks\ZQK deleted
C:\Windows\system32\Tasks\SPDriver deleted
C:\Windows\system32\tasks\ShopperPro deleted
C:\Windows\system32\tasks\ShopperProJSUpd deleted
C:\Windows\system32\tasks\YTDownloader deleted
C:\Windows\system32\tasks\YTDownloaderUpd deleted
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job deleted
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job deleted
C:\Windows\system32\tasks\globalUpdateUpdateTaskMachineCore deleted
C:\Windows\system32\tasks\globalUpdateUpdateTaskMachineUA deleted
C:\Windows\system32\tasks\SMupdate1 deleted
C:\Windows\System32\drivers\{4dcf5f16-e481-4ed1-9973-24b80676c934}Gw.sys deleted
C:\Windows\system32\config\systemprofile\Searches deleted
C:\Users\Luta\AppData\Roaming\KDUPB.exe deleted
C:\Users\Luta\AppData\Roaming\MOLPZCNO.exe deleted
C:\Users\Luta\AppData\Roaming\XBSK.exe deleted
C:\Users\Luta\AppData\Roaming\ZQK.exe deleted
"C:\Users\Luta\AppData\Roaming\KDUPB" deleted
"C:\Users\Luta\AppData\Roaming\MOLPZCNO" deleted
"C:\Users\Luta\AppData\Roaming\XBSK" deleted
"C:\Users\Luta\AppData\Roaming\ZQK" deleted
"C:\Program Files\YTDownloader\BrowserHelperSrv.exe" deleted
"C:\Program Files\YTDownloader" not deleted
"C:\PROGRA~2\Package Cache" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"istart_ffnt@gmail.com"="C:\Users\Luta\AppData\Roaming\Mozilla\Firefox\Profiles\r232wmkb.default\extensions\istart_ffnt@gmail.com" []

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Luta\AppData\Roaming\Mozilla\Firefox\Profiles\q5bb3hwc.default-1427549132412
98137411B9C632095F919E2CE70B288A - C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll - Google Update
252949179FE1C491B7D16A9AA376B29B - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealPlayer Video Downloader for HTML5 (32-bit)
C62322C77D1AAB77B1CF1130FCC3673A - C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll - Shockwave Flash


==== Chromium Look ======================

Chrome Hotword Shared Module - Luta\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg

==== Chromium Startpages ======================

C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.co.uk/",
"startup_urls": [ "http://www.google.co.uk/" ]


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://www.mystartsearch.com/?type=hp&ts=1427479060&from=amt&uid=HitachiXHTS545025B9A300_101105PBN203CSDXBLXTX"
"Search Bar"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.mystartsearch.com/web/?type=ds&ts=1427479060&from=amt&uid=HitachiXHTS545025B9A300_101105PBN203CSDXBLXTX&q={searchTerms}"
"Default_Page_URL"="http://www.mystartsearch.com/?type=hp&ts=1427479060&from=amt&uid=HitachiXHTS545025B9A300_101105PBN203CSDXBLXTX"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Start Page Redirect Cache"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page Redirect Cache"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-442875314-232777105-1719488670-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3049C3E9-B461-4BC5-8870-4C09146192CA} deleted successfully
HKEY_USERS\S-1-5-21-442875314-232777105-1719488670-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3049C3E9-B461-4BC5-8870-4C09146192CA} deleted successfully
HKEY_USERS\S-1-5-21-442875314-232777105-1719488670-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} deleted successfully
HKEY_USERS\S-1-5-21-442875314-232777105-1719488670-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\searchengine@gmail.com deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\istart_ffnt@gmail.com deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\Luta\Desktop\JDownloader 2.lnk - C:\Users\Luta\AppData\Local\JDownloader 2.0\JDownloader2.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Luta\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk - C:\Users\Luta\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Users\Luta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&ts=142747906.....3CSDXBLXTX
C:\Users\Luta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&ts=142747906.....3CSDXBLXTX
C:\Users\Luta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2 Uninstaller.lnk - C:\Users\Luta\AppData\Local\JDownloader 2.0\Uninstall JDownloader.exe
C:\Users\Luta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2 Update & Rescue.lnk - C:\Users\Luta\AppData\Local\JDownloader 2.0\JDownloader2Update.exe
C:\Users\Luta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2.lnk - C:\Users\Luta\AppData\Local\JDownloader 2.0\JDownloader2.exe
C:\Users\Luta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files\WinRAR\Rar.txt
C:\Users\Luta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files\WinRAR\WhatsNew.txt
C:\Users\Luta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files\WinRAR\WinRAR.chm
C:\Users\Luta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player PRO.lnk - C:\Program Files\Webteh\BSplayerPro\bsplayer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk - C:\Windows\ehome\ehshell.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk - C:\Program Files\Microsoft Security Client\msseces.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe http://www.mystartsearch.com/?type=sc&ts=142747906.....3CSDXBLXTX
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk - C:\Program Files\DVD Maker\DVDMaker.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk - C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk - C:\Windows\system32\mblctr.exe /open
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk - C:\Windows\system32\mstsc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk - C:\Windows\system32\SnippingTool.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk - C:\Windows\system32\StikyNot.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk - C:\Program Files\Common Files\Microsoft Shared\Ink\ShapeCollector.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk - C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk - C:\Program Files\Windows Journal\Journal.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Chess.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Backgammon.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Checkers.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Spades.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Mahjong.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/?type=sc&ts=142747906.....3CSDXBLXTX
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Join Air\Join Air.lnk - C:\Program Files\Join Air\UIMain.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Join Air\Uninstall.lnk - C:\Windows\System32\SupportAppCB\EXETimer.exe "C:\Windows\system32\SupportAppCB\Uninstall.bat"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro Help.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\Revo Uninstaller Pro Help.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Uninstall Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webteh\BS.Player PRO\BS.Player PRO capture.lnk - C:\Program Files\Webteh\BSplayerPro\bsplayer.exe -capture
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webteh\BS.Player PRO\BS.Player PRO subtitle editor.lnk - C:\Program Files\Webteh\BSplayerPro\bsplayer.exe -subedit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webteh\BS.Player PRO\BS.Player PRO.lnk - C:\Program Files\Webteh\BSplayerPro\bsplayer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webteh\BS.Player PRO\Uninstall BS.Player PRO.lnk - C:\Program Files\Webteh\BSplayerPro\uninstall.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files\WinRAR\Rar.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files\WinRAR\WhatsNew.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files\WinRAR\WinRAR.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Luta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BS.Player PRO.lnk - C:\Program Files\Webteh\BSplayerPro\bsplayer.exe
C:\Users\Luta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Luta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&ts=142747906.....3CSDXBLXTX
C:\Users\Luta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
C:\Users\Luta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Luta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Luta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\BitTorrent.lnk - C:\Users\Luta\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Users\Luta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe
C:\Users\Luta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Luta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe http://www.mystartsearch.com/?type=sc&ts=142747906.....3CSDXBLXTX
C:\Users\Luta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

==== shortcuts After Repair ======================

C:\Users\Luta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Luta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Luta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Luta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealDownloader deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YTDownloader deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Luta\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Luta\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Luta\AppData\Local\Mozilla\Firefox\Profiles\q5bb3hwc.default-1427549132412\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=121 folders=26 16833308 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Luta\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Luta\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Program Files\YTDownloader" not found

==== EOF on Sun 03/29/2015 at 11:10:11.59 ======================

Poslao: 29 Mar 2015 11:21
Idi na vrh
offline
  • Pridružio: 09 Avg 2011
  • Poruke: 15879
  • Gde živiš: Beograd

Odlicno, Zoek je sredio dosta toga Smile


Sada ponovo pokreni FRST, cekiraj Addition.txt kvadrat, klikni na Scan i dostavi oba izvestaja.

Poslao: 29 Mar 2015 12:37
Idi na vrh
offline
  • Anunnaki
  • Pridružio: 20 Apr 2012
  • Poruke: 1645

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Luta (administrator) on LUTA-PC on 29-03-2015 12:32:08
Running from C:\Users\Luta\Desktop
Loaded Profiles: Luta (Available profiles: Luta)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
() C:\Program Files\Join Air\AssistantServices.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(BitTorrent Inc.) C:\Users\Luta\AppData\Roaming\BitTorrent\BitTorrent.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(AppWork GmbH) C:\Users\Luta\AppData\Local\JDownloader 2.0\JDownloader2.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9292392 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [978520 2015-01-30] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000
HKU\S-1-5-21-442875314-232777105-1719488670-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKU\S-1-5-21-442875314-232777105-1719488670-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Luta\AppData\Roaming\Mozilla\Firefox\Profiles\q5bb3hwc.default-1427549132412
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-07] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-10-27] (RealNetworks, Inc.)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2015-03-27]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.co.uk/
CHR StartupUrls: Default -> "hxxp://www.google.co.uk/"
CHR Profile: C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-27]
CHR Extension: (Google Docs) - C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-02]
CHR Extension: (Google Drive) - C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-02]
CHR Extension: (YouTube) - C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-02]
CHR Extension: (Google Search) - C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-02]
CHR Extension: (Google Sheets) - C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-28]
CHR Extension: (Google Wallet) - C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-02]
CHR Extension: (Gmail) - C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-02]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284472 2015-01-30] (Microsoft Corporation)
R2 UI Assistant Service; C:\Program Files\Join Air\AssistantServices.exe [252784 2010-07-14] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 BrsHelper; C:\PROGRA~1\YTDOWN~1\BROWSE~2.EXE [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [239224 2014-11-15] (Microsoft Corporation)
S1 MpKslf42fc706; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{94D5F675-2C03-4802-9648-DDC4CFD48397}\MpKslf42fc706.sys [X]
S1 {4dcf5f16-e481-4ed1-9973-24b80676c934}Gw; system32\drivers\{4dcf5f16-e481-4ed1-9973-24b80676c934}Gw.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-29 12:32 - 2015-03-29 12:33 - 00006955 _____ () C:\Users\Luta\Desktop\FRST.txt
2015-03-29 11:54 - 2015-03-29 11:54 - 00439346 _____ () C:\Users\Luta\Downloads\Lud.Zbunjen.Normalan.s06e06-UKP.E150-dareduleo.rar.part
2015-03-29 11:51 - 2015-03-29 12:34 - 107567158 _____ () C:\Users\Luta\Downloads\Lud.Zbunjen.Normalan.s06e05-UKP.E149-dareduleo.rar.part
2015-03-29 11:50 - 2015-03-29 12:34 - 78229450 _____ () C:\Users\Luta\Downloads\Lud.Zbunjen.Normalan.s06e04-UKP.E148-dareduleo.rar.part
2015-03-29 11:47 - 2015-03-29 12:34 - 91601769 _____ () C:\Users\Luta\Downloads\Lud.Zbunjen.Normalan.s06e02-UKP.E146-dareduleo.rar.part
2015-03-29 11:44 - 2015-03-29 11:44 - 00000000 ____D () C:\Users\Luta\Downloads\Lud Zbunjen Normalan s06e06-UKP E150-dareduleo
2015-03-29 11:27 - 2015-03-29 11:28 - 00000000 ____D () C:\Users\Luta\Desktop\Lud Zbunjen Normalan 2014
2015-03-29 11:08 - 2015-03-29 10:40 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-03-29 10:41 - 2015-03-29 11:10 - 00027487 _____ () C:\zoek-results.log
2015-03-29 10:40 - 2015-03-29 11:03 - 00000000 ____D () C:\zoek_backup
2015-03-29 10:38 - 2015-03-29 10:39 - 01305600 _____ () C:\Users\Luta\Desktop\zoek.exe
2015-03-29 07:27 - 2015-03-29 07:27 - 00146216 _____ () C:\Windows\Minidump\032915-23368-01.dmp
2015-03-29 06:53 - 2015-03-29 12:24 - 00000000 ____D () C:\Users\Luta\Downloads\Top Five (2014)
2015-03-29 06:52 - 2015-03-29 11:57 - 00000000 ____D () C:\Users\Luta\Downloads\Son of a Gun (2014)
2015-03-29 06:52 - 2015-03-29 11:28 - 00000000 ____D () C:\Users\Luta\Downloads\The.Pyramid.2014.HDRip.XViD-juggs[ETRG]
2015-03-29 06:52 - 2015-03-29 10:23 - 00000000 ____D () C:\Users\Luta\Downloads\Paddington (2014)
2015-03-29 06:52 - 2015-03-29 07:13 - 00000000 ____D () C:\Users\Luta\Downloads\Kidnapping Mr. Heineken (2015)
2015-03-29 06:29 - 2015-03-29 10:35 - 00000000 ____D () C:\Users\Luta\Downloads\Cymbeline.2014.HDRip.XViD-juggs[ETRG]
2015-03-29 01:21 - 2015-03-29 01:25 - 75389595 _____ () C:\Users\Luta\Downloads\5 Crucial Settings in Traktor Pro 2.mp4
2015-03-28 23:59 - 2015-03-28 23:59 - 00002014 _____ () C:\Users\Luta\Desktop\JDownloader 2.lnk
2015-03-28 23:59 - 2015-03-28 23:59 - 00000000 ____D () C:\Users\Luta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2015-03-28 23:54 - 2015-03-29 11:42 - 00000000 ____D () C:\Users\Luta\AppData\Local\JDownloader 2.0
2015-03-28 23:13 - 2015-03-28 23:13 - 00000305 _____ () C:\Windows\system32\secushr.dat
2015-03-28 20:55 - 2015-03-28 23:13 - 00000248 _____ () C:\Windows\system32\secustat.dat
2015-03-28 20:54 - 2015-03-28 23:13 - 00000000 ____D () C:\Users\Luta\AppData\Roaming\BITS
2015-03-28 20:54 - 2015-03-28 20:54 - 00000025 _____ () C:\Windows\emcore.INI
2015-03-28 19:28 - 2015-03-28 19:28 - 00001862 _____ () C:\Users\Luta\Downloads\GTA Bosna MOD 2013® V2.0 DOWNLOAD.txt
2015-03-28 18:13 - 2015-03-28 18:13 - 01601024 _____ (Mobatek) C:\Users\Luta\Downloads\MobaLiveCD_v2.1.exe
2015-03-28 18:05 - 2015-03-28 20:08 - 3234545664 _____ () C:\Users\Luta\Downloads\Windows10_TechnicalPreview_x32_EN-GB_9926.iso
2015-03-28 16:23 - 2015-03-29 07:27 - 218379456 _____ () C:\Windows\MEMORY.DMP
2015-03-28 16:23 - 2015-03-28 16:23 - 00145904 _____ () C:\Windows\Minidump\032815-22822-01.dmp
2015-03-28 15:42 - 2015-03-29 12:32 - 00000000 ____D () C:\FRST
2015-03-28 15:40 - 2015-03-28 15:41 - 01135104 _____ (Farbar) C:\Users\Luta\Desktop\FRST.exe
2015-03-28 15:17 - 2015-03-28 15:18 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-28 15:03 - 2015-03-28 18:02 - 2947921920 _____ () C:\Users\Luta\Downloads\en_windows_8.1_pro_vl_with_update_x86_dvd_4065201.iso
2015-03-28 14:55 - 2015-03-28 20:17 - 00290304 _____ (Microsoft Corporation) C:\Windows\system32\subinacl.exe
2015-03-28 14:51 - 2015-03-28 14:51 - 00000000 ____D () C:\Users\Luta\AppData\Local\Adobe
2015-03-27 20:06 - 2015-03-27 20:06 - 00000004 _____ () C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-03-27 20:00 - 2015-03-27 20:10 - 00000000 ____D () C:\Users\Luta\AppData\Local\BrowserHelper
2015-03-27 16:42 - 2015-03-29 11:09 - 00011248 _____ () C:\Windows\PFRO.log
2015-03-27 16:29 - 2015-03-27 16:29 - 00000000 ____D () C:\Windows\pss
2015-03-27 15:06 - 2015-03-27 15:06 - 00000000 ____D () C:\Users\Luta\AppData\Roaming\RealNetworks
2015-03-27 15:05 - 2015-03-27 15:05 - 00000000 ____D () C:\ProgramData\RealNetworks
2015-03-27 14:59 - 2015-03-27 16:37 - 00000000 ____D () C:\Users\Luta\AppData\Roaming\Real
2015-03-27 14:55 - 2015-03-27 16:37 - 00000000 ____D () C:\ProgramData\Real
2015-03-27 13:42 - 2015-03-27 18:52 - 00000000 ____D () C:\Users\Luta\Downloads\Sword.of.Vengeance.2015.HDRip.XviD.AC3-EVO
2015-03-27 12:54 - 2015-03-27 13:41 - 00000000 ____D () C:\Users\Luta\Downloads\The Hobbit The Battle of the Five Armies (2014)
2015-03-27 11:55 - 2015-03-27 11:55 - 00000000 ____D () C:\Users\Luta\Downloads\The.Water.Diviner.2014.BRRip.XviD.AC3-EVO
2015-03-27 11:45 - 2015-03-27 12:19 - 00000000 ____D () C:\Users\Luta\Downloads\Kill.Me.Three.Times.2014.HDRip.XViD-ETRG
2015-03-27 11:32 - 2015-03-27 11:32 - 00000000 ____D () C:\Users\Luta\Downloads\Mali Budo (2014)
2015-03-27 05:20 - 2015-03-27 08:12 - 00000000 ____D () C:\Users\Luta\Downloads\Pesgalaxy.com Patch 2015 4.00
2015-03-26 22:29 - 2015-03-29 11:09 - 00001232 _____ () C:\Windows\setupact.log
2015-03-26 22:29 - 2015-03-26 22:29 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-25 13:19 - 2015-03-11 05:30 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-25 13:19 - 2015-03-11 05:30 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-25 13:19 - 2015-03-11 05:29 - 00818176 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-25 13:19 - 2015-03-11 05:29 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-25 13:19 - 2015-03-11 05:29 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-25 13:19 - 2015-03-11 05:29 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-25 13:19 - 2015-03-11 05:29 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-03-25 13:19 - 2015-03-11 05:26 - 00892928 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-24 14:01 - 2015-03-24 14:02 - 00000000 ____D () C:\Users\Luta\AppData\Local\Microsoft Games
2015-03-14 09:50 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 14:21 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 14:21 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 14:21 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 14:21 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 14:21 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 14:21 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 14:21 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 14:21 - 2015-02-20 04:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 14:21 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 14:21 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 14:21 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 14:21 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 14:21 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 14:21 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 14:21 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 14:21 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 14:21 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 14:21 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 14:21 - 2015-02-20 03:56 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 14:21 - 2015-02-20 03:50 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 14:21 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 14:21 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 14:21 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 14:21 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 14:21 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 14:21 - 2015-02-20 03:24 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 14:21 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 14:21 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 14:21 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 14:21 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 13:55 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-03-11 13:55 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 13:55 - 2015-02-03 05:16 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 13:55 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 13:55 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 13:55 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 13:55 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 13:55 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 13:55 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 13:55 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 13:55 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 13:55 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 13:55 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 13:55 - 2015-02-03 05:12 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 13:55 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 13:55 - 2015-02-03 05:12 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 13:55 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 13:55 - 2015-02-03 05:00 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 13:55 - 2015-01-31 01:56 - 00370488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 13:55 - 2014-11-01 00:22 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 13:55 - 2014-06-28 02:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-11 13:55 - 2014-06-28 02:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 13:54 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 13:54 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 13:54 - 2015-02-03 05:12 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 13:54 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 13:54 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 13:54 - 2015-02-03 05:12 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 13:54 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 13:54 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 13:54 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 13:54 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 13:54 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 13:54 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 13:54 - 2015-02-03 05:12 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 13:54 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 13:54 - 2015-02-03 05:12 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 13:54 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 13:54 - 2015-02-03 05:12 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 13:54 - 2015-02-03 05:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 13:54 - 2015-02-03 05:12 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 13:54 - 2015-02-03 05:12 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 13:54 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 13:54 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 13:54 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 13:54 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 13:54 - 2015-02-03 05:11 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 13:54 - 2015-02-03 05:11 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 13:54 - 2015-02-03 05:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 13:54 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 13:54 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 13:54 - 2015-02-03 05:11 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 13:54 - 2015-02-03 05:11 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 13:54 - 2015-02-03 05:11 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 13:54 - 2015-02-03 05:10 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 13:54 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 13:54 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 13:54 - 2015-02-03 04:26 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 13:52 - 2015-01-31 05:33 - 02744320 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 13:52 - 2015-01-31 05:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 13:52 - 2015-01-31 02:48 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 13:47 - 2015-02-26 05:11 - 02381312 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 13:47 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 13:47 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 13:37 - 2015-03-06 07:15 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 13:37 - 2015-03-06 07:15 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 13:37 - 2015-03-06 07:10 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 13:37 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 13:37 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 13:37 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 13:37 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 13:37 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 13:37 - 2015-03-06 07:10 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 13:37 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 13:37 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 13:37 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 13:37 - 2015-03-06 07:10 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 13:37 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 13:37 - 2015-03-06 07:09 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 13:37 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 13:37 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 13:37 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 13:37 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 13:37 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 13:37 - 2015-02-20 06:13 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 13:37 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 13:37 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 13:37 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 13:36 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-08 02:09 - 2015-03-08 02:09 - 00000001 _____ () C:\Users\Luta\AppData\Local\llftool.4.40.agreement
2015-03-03 21:38 - 2015-03-03 21:38 - 00000000 ____D () C:\Users\Luta\AppData\Roaming\FastStone
2015-03-03 21:38 - 2015-03-03 21:38 - 00000000 ____D () C:\Users\Luta\AppData\Local\FastStone
2015-03-02 21:27 - 2015-03-02 21:27 - 00000000 ____D () C:\Users\Luta\Downloads\Turneja (2008) Domaci Film
2015-02-28 06:17 - 2015-03-08 14:16 - 00000000 ____D () C:\Users\Luta\Downloads\GTA San Andreas V1.03 Android (Data+APK) - the.HH

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-29 12:32 - 2015-02-02 00:54 - 00000000 ____D () C:\Users\Luta\AppData\Roaming\BitTorrent
2015-03-29 12:24 - 2015-02-02 17:46 - 01301505 _____ () C:\Windows\WindowsUpdate.log
2015-03-29 12:13 - 2015-02-02 00:40 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-29 12:06 - 2015-02-02 00:31 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-29 11:17 - 2010-11-20 23:01 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-29 11:10 - 2015-02-02 00:40 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-29 11:10 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-29 11:06 - 2015-02-02 00:34 - 00001019 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-29 11:06 - 2015-02-01 12:58 - 00001840 _____ () C:\Users\Luta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-29 11:03 - 2015-02-01 12:57 - 00000000 ____D () C:\Users\Luta
2015-03-29 11:03 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\System
2015-03-29 10:36 - 2015-02-25 02:59 - 00000000 ____D () C:\Users\Luta\Desktop\LUKA
2015-03-29 07:27 - 2015-02-17 17:44 - 00000000 ____D () C:\Windows\Minidump
2015-03-28 16:23 - 2015-02-02 00:34 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-03-28 15:09 - 2009-07-14 06:34 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-28 15:09 - 2009-07-14 06:34 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-27 20:17 - 2009-07-14 04:04 - 00000505 _____ () C:\Windows\win.ini
2015-03-27 19:50 - 2015-02-02 00:19 - 00000000 ____D () C:\Program Files\Broadcom
2015-03-26 22:25 - 2015-02-02 17:36 - 00000000 ____D () C:\Windows\Panther
2015-03-26 10:47 - 2015-02-06 16:14 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-26 10:47 - 2015-02-06 16:14 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-16 17:02 - 2015-02-25 02:41 - 00000000 ____D () C:\Users\Luta\Desktop\NIKOLA
2015-03-13 16:09 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2015-03-12 16:57 - 2009-07-14 06:46 - 00001515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-12 16:56 - 2009-07-14 06:33 - 00267016 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-12 03:58 - 2015-02-06 12:26 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-12 03:58 - 2015-02-06 12:25 - 119837696 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-03 15:16 - 2015-02-03 10:44 - 00246920 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2015-03-08 02:09 - 2015-03-08 02:09 - 0000001 _____ () C:\Users\Luta\AppData\Local\llftool.4.40.agreement

Some content of TEMP:
====================
C:\Users\Luta\AppData\Local\Temp\proxy_vole1722518458257627742.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-25 18:51

==================== End Of Log ============================


https://www.mycity.rs/must-login.png

Poslao: 29 Mar 2015 15:48
Idi na vrh
offline
  • Pridružio: 09 Avg 2011
  • Poruke: 15879
  • Gde živiš: Beograd

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

closeprocesses:
emptytemp:
S2 BrsHelper; C:\PROGRA~1\YTDOWN~1\BROWSE~2.EXE [X]
C:\PROGRA~1\YTDOWN~1
S1 MpKslf42fc706; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{94D5F675-2C03-4802-9648-DDC4CFD48397}\MpKslf42fc706.sys [X]
S1 {4dcf5f16-e481-4ed1-9973-24b80676c934}Gw; system32\drivers\{4dcf5f16-e481-4ed1-9973-24b80676c934}Gw.sys [X]
C:\Users\Luta\AppData\Local\Temp\proxy_vole1722518458257627742.dll
Task: {2EDD8E94-5E1D-4906-A8B3-1177AF732454} - System32\Tasks
Task: {4A021F9D-B440-4BCF-ADF3-1DE6298589EC} - System32\Tasks
Task: {563F97CC-10D3-41D6-A99E-AE8C8DB18F12} - \ShopperProJSUpd No Task File <==== ATTENTION
Task: {633F3694-F6F5-4337-968E-3BB9E2AB5295} - \SPDriver No Task File <==== ATTENTION
Task: {B8284243-CFCA-4B39-B97E-78A60CA2E1F5} - \ShopperPro No Task File <==== ATTENTION
Task: {F25595A5-93F4-4A62-AAE8-21003B3D14E6} - \SMupdate1 No Task File <==== ATTENTION


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

Poslao: 29 Mar 2015 16:19
Idi na vrh
offline
  • Anunnaki
  • Pridružio: 20 Apr 2012
  • Poruke: 1645

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2015
Ran by Luta at 2015-03-29 16:15:09 Run:1
Running from C:\Users\Luta\Desktop
Loaded Profiles: Luta (Available profiles: Luta)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
closeprocesses:
emptytemp:
S2 BrsHelper; C:\PROGRA~1\YTDOWN~1\BROWSE~2.EXE [X]
C:\PROGRA~1\YTDOWN~1
S1 MpKslf42fc706; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{94D5F675-2C03-4802-9648-DDC4CFD48397}\MpKslf42fc706.sys [X]
S1 {4dcf5f16-e481-4ed1-9973-24b80676c934}Gw; system32\drivers\{4dcf5f16-e481-4ed1-9973-24b80676c934}Gw.sys [X]
C:\Users\Luta\AppData\Local\Temp\proxy_vole1722518458257627742.dll
Task: {2EDD8E94-5E1D-4906-A8B3-1177AF732454} - System32\Tasks
Task: {4A021F9D-B440-4BCF-ADF3-1DE6298589EC} - System32\Tasks
Task: {563F97CC-10D3-41D6-A99E-AE8C8DB18F12} - \ShopperProJSUpd No Task File <==== ATTENTION
Task: {633F3694-F6F5-4337-968E-3BB9E2AB5295} - \SPDriver No Task File <==== ATTENTION
Task: {B8284243-CFCA-4B39-B97E-78A60CA2E1F5} - \ShopperPro No Task File <==== ATTENTION
Task: {F25595A5-93F4-4A62-AAE8-21003B3D14E6} - \SMupdate1 No Task File <==== ATTENTION
*****************

Processes closed successfully.
BrsHelper => Service not found.
"C:\PROGRA~1\YTDOWN~1" => File/Directory not found.
MpKslf42fc706 => Service not found.
{4dcf5f16-e481-4ed1-9973-24b80676c934}Gw => Service deleted successfully.
"C:\Users\Luta\AppData\Local\Temp\proxy_vole1722518458257627742.dll" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2EDD8E94-5E1D-4906-A8B3-1177AF732454}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2EDD8E94-5E1D-4906-A8B3-1177AF732454}" => Key deleted successfully.
C:\Windows\System32\Tasks => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\TreeTask: {2EDD8E94-5E1D-4906-A8B3-1177AF732454} - System32\Tasks => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4A021F9D-B440-4BCF-ADF3-1DE6298589EC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A021F9D-B440-4BCF-ADF3-1DE6298589EC}" => Key deleted successfully.
Could not move "C:\Windows\System32\Tasks" => Scheduled to move on reboot.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\TreeTask: {4A021F9D-B440-4BCF-ADF3-1DE6298589EC} - System32\Tasks => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{563F97CC-10D3-41D6-A99E-AE8C8DB18F12}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{563F97CC-10D3-41D6-A99E-AE8C8DB18F12}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ShopperProJSUpd" => Key Deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{633F3694-F6F5-4337-968E-3BB9E2AB5295}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{633F3694-F6F5-4337-968E-3BB9E2AB5295}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPDriver" => Key Deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B8284243-CFCA-4B39-B97E-78A60CA2E1F5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8284243-CFCA-4B39-B97E-78A60CA2E1F5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ShopperPro" => Key Deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F25595A5-93F4-4A62-AAE8-21003B3D14E6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F25595A5-93F4-4A62-AAE8-21003B3D14E6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SMupdate1" => Key Deleted successfully.
EmptyTemp: => Removed 140.7 MB temporary data.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-03-29 16:17:32)<=

C:\Windows\System32\Tasks => Moved successfully.

==== End of Fixlog 16:17:33 ====

Poslao: 29 Mar 2015 17:47
Idi na vrh
offline
  • Pridružio: 09 Avg 2011
  • Poruke: 15879
  • Gde živiš: Beograd

Odlicno. Kako je racunar sada?

Poslao: 29 Mar 2015 18:46
Idi na vrh
offline
  • Anunnaki
  • Pridružio: 20 Apr 2012
  • Poruke: 1645

Odlican konacno nema tolbara,stranice mi brze ocitavaju,za sad je odlican.

MyCity » Ambulanta -> Arhiva Ambulante » Notbuk pun virusa

Ko je trenutno na forumu
 

Ukupno su 467 korisnika na forumu :: 21 registrovanih, 1 sakriven i 445 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 357magnum, A.R.Chafee.Jr., bbogdan, Brana01, Bubimir, darkojbn, dekan.m, drimer, DrugiREI, Marko Marković, Mi lao shu, Milos82, miodrag, novator, prle122, stegonosa, vladaa012, VP6919, yrraf, zziko, 1107