PROVERA

PROVERA

offline
  • hdarko 
  • Novi MyCity građanin
  • Pridružio: 07 Mar 2016
  • Poruke: 2

Mislim da mi je zarazen racunar....
Izveštaj skeniranja od Farbar Recovery Scan Tool (FRST) (x64) Verzija:05-03-2016 01
Pokrenuo darko (administrator) na ASUS (18-03-2016 18:24:41)
Pokrenuto sa C:\Users\darko\Downloads
Učitani Profili: darko (Dostupani Profili: darko)
Platform: Windows 8.1 (X64) Jezik: srpski (latinica, Srbija)
Internet Explorer Verzija 11 (Podrazumevani pregledač: Chrome)
Režim pokretanja sistema: Normal
Vodič za Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Procesi (Na Beloj Listi) =================

(Ukoliko je stavka unešena u fixlist, proces ce biti zatvoren. Datoteka nece biti premešten.)

() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSWinService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.8\ToolbarUpdater.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.8\loggingserver.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSPanel.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\40.2.8\ScriptHelper.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registar (Na Beloj Listi) ===========================

(Ukoliko je stavka unešena u fixlist, registru stavka ce biti vraćena na podrazumevanu vrednost ili uklonjena. Datoteka neće biti premeštena.)

HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\ASUSWSLoader.exe [63272 2014-12-04] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2875464 2016-03-16] ()
HKU\S-1-5-21-3001574226-265496409-3400917415-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4177784 2016-01-15] (Disc Soft Ltd)
HKU\S-1-5-21-3001574226-265496409-3400917415-1001\...\MountPoints2: {1a8f0ee2-bdf3-11e5-825b-ace010af4c72} - "G:\O16Setup.EXE"
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.15.458\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.15.458\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.15.458\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-11-20]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\darko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ParagrafLexAlarm.lnk [2016-01-27]
ShortcutTarget: ParagrafLexAlarm.lnk -> C:\Program Files (x86)\ParagrafLex\browser\ParagrafLexAlarm.exe (ParagrafLex d.o.o)

==================== Internet (Na Beloj Listi) ====================

(Ukoliko je stavka unešena u fixlist, ako je to registru stavka, biće uklonjena ili vraćena na podrazumevanu vrednost.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{2316ADA2-3BF1-4150-8EA4-6B280F6A7508}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{A17682F3-581C-4C2F-B5EC-601766E5DA5E}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3001574226-265496409-3400917415-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={0568FE21-E25C-4748-9E90-25E0DD6A5E75}&mid=9dc3a30ddd4247cca1de7da9564ba581-210d90df5c797bfa81b0b4235e7b9be688041a96&lang=en&ds=AVG&coid=avgtbavg&cmpid=0216piz&pr=fr&d=2016-03-16 14:53:41&v=4.2.8.608&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-3001574226-265496409-3400917415-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-3001574226-265496409-3400917415-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3001574226-265496409-3400917415-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3001574226-265496409-3400917415-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={0568FE21-E25C-4748-9E90-25E0DD6A5E75}&mid=9dc3a30ddd4247cca1de7da9564ba581-210d90df5c797bfa81b0b4235e7b9be688041a96&lang=en&ds=AVG&coid=avgtbavg&cmpid=0216piz&pr=fr&d=2016-03-16 14:53:41&v=4.2.8.608&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-03-09] (Microsoft Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.2.8.608\AVG Web TuneUp.dll [2016-03-16] (AVG)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-03-09] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-03-09] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-31] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-01-29] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.2.8.608\AVG Web TuneUp.dll [2016-03-16] (AVG)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-03-09] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-31] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-02-25] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-25] (McAfee, Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-09] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-03-09] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-09] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-03-09] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-09] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-03-09] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-09] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-03-09] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-02-25] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-25] (McAfee, Inc.)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-03-09] (Microsoft Corporation)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.8\\npsitesafety.dll [Nema Datoteke]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-31] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-03-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-03-09] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-12-29]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi

Chrome:
=======
CHR HomePage: Default -> mysearch.avg.com/?rvt=1
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\darko\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google презентације) - C:\Users\darko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-18]
CHR Extension: (Google документи) - C:\Users\darko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-18]
CHR Extension: (Google диск) - C:\Users\darko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-18]
CHR Extension: (YouTube) - C:\Users\darko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-18]
CHR Extension: (AVG Secure Search) - C:\Users\darko\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2016-03-16]
CHR Extension: (Google Search) - C:\Users\darko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-18]
CHR Extension: (Google табеле) - C:\Users\darko\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-18]
CHR Extension: (SiteAdvisor) - C:\Users\darko\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-01-24]
CHR Extension: (Google документи офлајн) - C:\Users\darko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\darko\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-16]
CHR Extension: (Плаћања у Chrome веб-продавници) - C:\Users\darko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-18]
CHR Extension: (Gmail) - C:\Users\darko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-18]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-03-01]
CHR HKU\S-1-5-21-3001574226-265496409-3400917415-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-03-01]

==================== Servisi (Na Beloj Listi) ========================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSWinService.exe [71168 2014-12-04] (ASUS Cloud Corporation) [Datoteka nije potpisana]
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2811632 2016-03-03] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369464 2016-01-15] (Disc Soft Ltd)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [347200 2015-02-09] (WildTangent)
R2 McAfee SiteAdvisor Service; c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [163592 2016-02-25] (McAfee, Inc.)
R2 vToolbarUpdater40.2.8; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.8\ToolbarUpdater.exe [1957448 2016-03-16] (AVG Secure Search)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1216584 2016-03-16] ()

===================== Drajveri (Na Beloj Listi) ==========================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2014-11-24] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-11-24] (Advanced Micro Devices)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [73512 2014-07-29] (ASUS Corporation)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7546544 2015-11-20] (Broadcom Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-01-18] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-01-18] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [36968 2016-01-19] (McAfee, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 mfeaack01; \Device\mfeaack01.sys [X]
U0 msahci; system32\drivers\msahci.sys [X]

==================== NetSvcs (Na Beloj Listi) ===================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)


==================== Mesec Dana Kreirane Datoteke i Fascikli ========

(Ukoliko je stavka unešena u fixlist, Datoteka/Fascikla će biti premeštena.)

2016-03-18 18:23 - 2016-03-18 18:23 - 00025553 _____ C:\Users\darko\Downloads\Addition.txt
2016-03-18 18:22 - 2016-03-18 18:24 - 00020389 _____ C:\Users\darko\Downloads\FRST.txt
2016-03-18 18:22 - 2016-03-18 18:24 - 00000000 ____D C:\FRST
2016-03-18 18:01 - 2016-03-18 18:02 - 02374144 _____ (Farbar) C:\Users\darko\Desktop\FRST64.exe
2016-03-18 17:55 - 2015-12-09 04:39 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-03-16 14:54 - 2016-03-16 14:54 - 00000000 ____D C:\Users\darko\AppData\Local\AVG Web TuneUp
2016-03-16 14:54 - 2016-03-16 14:54 - 00000000 ____D C:\ProgramData\AVG Security Toolbar
2016-03-16 14:54 - 2016-03-16 14:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-16 14:53 - 2016-03-16 14:54 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2016-03-16 14:53 - 2016-03-16 14:53 - 00000000 ____D C:\ProgramData\AVG Secure Search
2016-03-16 14:53 - 2016-03-16 14:53 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
2016-03-16 14:53 - 2016-03-16 14:53 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2016-03-16 14:52 - 2016-03-16 14:53 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2016-03-16 07:52 - 2016-03-16 07:52 - 00000000 ____D C:\Users\darko\AppData\Roaming\AVG
2016-03-16 07:49 - 2016-03-16 07:49 - 00000000 ____D C:\Users\darko\AppData\Roaming\TuneUp Software
2016-03-16 07:43 - 2016-03-18 17:15 - 00000000 ____D C:\ProgramData\MFAData
2016-03-16 07:43 - 2016-03-16 07:43 - 00000000 ____D C:\Users\darko\AppData\Local\MFAData
2016-03-16 07:31 - 2016-03-16 07:32 - 00003706 _____ C:\Windows\System32\Tasks\Java Platform SE Auto Updater
2016-03-16 07:21 - 2016-03-18 17:20 - 00000000 ____D C:\ProgramData\Avg
2016-03-16 07:21 - 2016-03-18 17:20 - 00000000 ____D C:\Program Files (x86)\AVG
2016-03-16 07:19 - 2016-03-18 17:19 - 00000000 ____D C:\Users\darko\AppData\Local\AvgSetupLog
2016-03-16 07:19 - 2016-03-18 17:15 - 00000000 ____D C:\Users\darko\AppData\Local\Avg
2016-03-16 07:19 - 2016-03-16 07:19 - 02895480 _____ (AVG Technologies) C:\Users\darko\Downloads\AVG_Performance_1128.exe
2016-03-14 16:31 - 2016-03-14 16:31 - 00069136 _____ C:\Users\darko\Downloads\received_1651192395143304.jpeg
2016-03-13 23:11 - 2016-03-16 07:36 - 00000000 ____D C:\Users\darko\Downloads\Windows 7 Ultimate SP1 IE10 (64 bit) Updated till ( 25-06-2013) Incl Activator @ Only By THE RAIN {HKRG}
2016-03-13 23:10 - 2016-03-13 23:10 - 00012164 _____ C:\Users\darko\Downloads\[kat.cr]windows.7.ultimate.sp1.ie10.64.bit.updated.till.25.06.2013.incl.activator.only.by.the.rain.hkrg.torrent
2016-03-13 23:07 - 2016-03-16 07:38 - 00000000 ____D C:\Users\darko\AppData\Roaming\uTorrent
2016-03-13 23:07 - 2016-03-13 23:07 - 00002649 _____ C:\Users\darko\Desktop\µTorrent.lnk
2016-03-13 23:06 - 2016-03-13 23:06 - 02094080 _____ (BitTorrent Inc.) C:\Users\darko\Downloads\uTorrent.exe
2016-03-13 22:58 - 2016-03-13 23:05 - 00000000 ____D C:\Users\darko\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2016-03-13 22:58 - 2016-03-13 22:58 - 00002532 _____ C:\Users\darko\Desktop\Windows 7 USB DVD Download Tool.lnk
2016-03-13 22:58 - 2016-03-13 22:58 - 00000000 ____D C:\Users\darko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2016-03-13 22:57 - 2016-03-13 22:57 - 02721168 _____ (Microsoft Corporation) C:\Users\darko\Downloads\Windows7-USB-DVD-Download-Tool-Installer-en-US.exe
2016-03-13 22:48 - 2016-03-13 22:48 - 00997918 _____ C:\Users\darko\Downloads\Microsoft Windows 7 Ultimate SP1 x64 Integrated November 2013 Maherz rarMicrosoft Windows 7 Ultimate SP1 x64 Integrated November 2013 Maherz rar (1).zip
2016-03-13 22:44 - 2016-03-13 22:45 - 00997918 _____ C:\Users\darko\Downloads\Microsoft Windows 7 Ultimate SP1 x64 Integrated November 2013 Maherz rarMicrosoft Windows 7 Ultimate SP1 x64 Integrated November 2013 Maherz rar.zip
2016-03-10 05:58 - 2016-03-10 05:58 - 03797843 _____ C:\Users\darko\Downloads\UPRAVA ZA NEKRETNINE-DOPIS 29.02.2016..pdf
2016-03-09 22:21 - 2016-03-09 22:21 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-03-08 23:17 - 2016-02-20 16:45 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-08 23:17 - 2016-02-20 16:45 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-08 23:17 - 2016-02-20 16:45 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-08 23:17 - 2016-02-20 16:45 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-08 23:17 - 2016-02-20 16:45 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-08 23:17 - 2016-02-20 16:45 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-08 23:17 - 2016-02-06 17:58 - 00987648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-08 23:17 - 2016-02-06 17:32 - 00801792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-08 23:17 - 2016-02-05 20:06 - 00046768 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-08 23:17 - 2016-01-24 19:19 - 00419160 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-03-08 23:17 - 2016-01-24 19:19 - 00378712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-03-08 23:17 - 2016-01-24 19:19 - 00331608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2016-03-08 23:17 - 2016-01-24 12:57 - 01335296 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2016-03-08 23:17 - 2016-01-24 12:45 - 01063424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2016-03-08 23:17 - 2016-01-10 17:41 - 01707008 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-03-08 23:17 - 2016-01-10 17:31 - 01344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-03-08 23:17 - 2016-01-09 02:49 - 00218448 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2016-03-08 23:17 - 2016-01-09 02:49 - 00192120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2016-03-08 23:17 - 2016-01-09 02:38 - 00091992 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-03-08 23:17 - 2016-01-07 00:46 - 00148752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2016-03-08 23:17 - 2016-01-07 00:45 - 00177712 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2016-03-08 23:17 - 2016-01-06 19:25 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-03-08 23:17 - 2016-01-06 17:47 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-03-08 23:17 - 2015-12-30 22:53 - 02017624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-08 23:17 - 2015-12-20 15:57 - 00839168 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-03-08 23:17 - 2015-12-20 15:43 - 00696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2016-03-08 23:17 - 2015-11-19 15:33 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-08 23:17 - 2015-11-19 15:26 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-08 23:16 - 2016-01-15 17:56 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2016-03-08 23:16 - 2016-01-15 17:45 - 01482240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2016-03-08 23:16 - 2016-01-05 16:00 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-03-08 23:16 - 2015-12-30 21:49 - 00470360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-03-08 23:16 - 2015-12-20 15:56 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2016-03-08 19:53 - 2016-02-08 22:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-08 19:53 - 2016-02-08 21:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-08 19:53 - 2016-02-08 21:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-08 19:53 - 2016-02-08 21:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-08 19:53 - 2016-02-08 21:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-08 19:53 - 2016-02-08 21:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-08 19:53 - 2016-02-08 20:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-08 19:53 - 2016-02-08 19:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-08 19:53 - 2016-02-08 18:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-08 19:53 - 2016-02-04 19:18 - 04174336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-08 19:52 - 2016-02-08 21:29 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-03-08 19:52 - 2016-02-08 21:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-08 19:52 - 2016-02-08 21:07 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-03-08 19:52 - 2016-02-08 21:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-08 19:52 - 2016-02-08 21:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-08 19:52 - 2016-02-08 21:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-08 19:52 - 2016-02-08 20:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-08 19:52 - 2016-02-08 20:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-08 19:52 - 2016-02-08 19:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-08 19:52 - 2016-02-08 19:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-08 19:52 - 2016-02-08 19:14 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-03-08 19:52 - 2016-02-08 19:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-08 19:52 - 2016-02-08 18:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-08 19:52 - 2016-02-08 18:42 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-03-08 19:52 - 2016-02-08 18:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-08 19:52 - 2016-02-08 18:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-08 19:52 - 2016-02-08 18:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-08 19:52 - 2016-02-08 18:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-08 19:52 - 2016-02-08 18:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-08 19:52 - 2016-02-08 18:15 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-03-08 19:52 - 2016-02-08 17:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-08 19:49 - 2016-02-12 20:14 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-08 19:49 - 2016-02-12 16:14 - 03708416 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-08 19:49 - 2016-02-12 15:55 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2016-03-08 19:49 - 2016-02-12 15:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-08 19:49 - 2016-02-12 15:54 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-08 19:49 - 2016-02-12 15:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-08 19:49 - 2016-02-12 15:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-08 19:49 - 2016-02-12 15:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-08 19:49 - 2016-02-12 15:51 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-08 19:49 - 2016-02-12 15:48 - 02244096 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-08 19:49 - 2016-02-12 15:47 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-08 19:49 - 2016-02-12 15:46 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-08 19:49 - 2016-02-06 19:08 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-08 19:49 - 2016-02-05 20:07 - 00292696 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2016-03-08 19:49 - 2016-02-05 20:07 - 00243032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMASF.DLL
2016-03-08 19:49 - 2016-02-05 16:03 - 15432704 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-08 19:49 - 2016-02-05 16:00 - 13318144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-08 19:49 - 2016-02-05 15:59 - 07784960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-03-08 19:49 - 2016-02-05 15:55 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-03-08 19:49 - 2016-02-05 15:48 - 07075840 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-03-08 19:49 - 2016-02-05 15:47 - 05268480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-03-08 19:49 - 2016-02-04 19:18 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-08 19:49 - 2016-02-04 19:12 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-08 19:49 - 2016-02-04 18:44 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-08 19:49 - 2016-02-04 18:39 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-08 19:49 - 2016-02-04 18:24 - 00603648 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-08 19:49 - 2016-02-04 18:02 - 00483328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-08 19:49 - 2016-02-03 21:37 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-03-08 19:49 - 2016-02-03 21:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-03-08 19:49 - 2016-02-03 16:09 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-03-08 19:49 - 2016-02-03 16:00 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-08 19:49 - 2016-02-03 16:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-08 19:49 - 2016-01-31 20:16 - 00148832 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-08 05:39 - 2016-03-08 05:39 - 00690448 _____ (Disc Soft Ltd.) C:\Users\darko\Downloads\DTLiteInstaller (1).exe
2016-03-07 22:49 - 2016-03-07 22:51 - 54676536 _____ (Lenovo Group Limited ) C:\Users\darko\Downloads\heme04ww.exe
2016-03-07 22:41 - 2016-03-07 22:41 - 00022647 _____ C:\Users\darko\Downloads\mdmxsdk.dll.zip
2016-03-07 22:33 - 2016-03-07 22:33 - 00007359 _____ C:\Users\darko\Downloads\mdmxsdk.zip
2016-03-07 22:29 - 2016-03-07 22:30 - 21244792 _____ ( ) C:\Users\darko\Downloads\DLLSuite.exe
2016-03-04 22:16 - 2016-03-04 22:16 - 00933136 _____ C:\Users\darko\Downloads\emailingfondobtuzbazaop_ulcinj001fondobtuzba.zip
2016-03-04 17:13 - 2016-03-04 17:13 - 00790519 _____ C:\Users\darko\Downloads\adv darko hajdukovic.pdf
2016-02-25 20:57 - 2016-02-25 20:57 - 00027028 _____ C:\Users\darko\Downloads\Gmail.zip
2016-02-24 21:48 - 2016-02-24 21:48 - 00192512 _____ C:\Users\darko\Downloads\image.jpeg
2016-02-19 15:06 - 2016-02-19 15:06 - 00045101 _____ C:\Users\darko\Downloads\510000000002015215_18022016.pdf
2016-02-18 21:57 - 2016-02-18 21:57 - 03852719 _____ C:\Users\darko\Downloads\Zapisnik_VladanBojic.pdf

==================== Mesec Dana Modifikovane Datoteke i Fascikli ========

(Ukoliko je stavka unešena u fixlist, Datoteka/Fascikla će biti premeštena.)

2016-03-18 18:21 - 2016-01-17 00:01 - 00000093 _____ C:\Users\darko\AppData\Roaming\sp_data.sys
2016-03-18 18:13 - 2016-01-18 16:03 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-18 17:52 - 2016-01-17 07:53 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3001574226-265496409-3400917415-1001
2016-03-18 17:43 - 2016-01-18 16:03 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-18 17:41 - 2015-11-20 17:48 - 00000000 ____D C:\ProgramData\McAfee
2016-03-18 17:41 - 2015-11-20 17:48 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-03-18 17:41 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-18 17:40 - 2015-11-20 17:33 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-03-18 17:39 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-03-18 17:39 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-03-18 17:38 - 2016-01-18 18:20 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2016-03-18 17:20 - 2016-01-18 16:17 - 00003474 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2016-03-18 17:20 - 2016-01-18 16:17 - 00003464 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2016-03-18 17:19 - 2016-01-18 01:01 - 00003916 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4794B458-313F-4795-A3DB-9C4BCF0FF437}
2016-03-18 17:15 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-03-18 17:04 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-03-18 17:01 - 2016-01-18 16:17 - 00003382 _____ C:\Windows\System32\Tasks\Update Checker
2016-03-18 17:01 - 2016-01-18 16:03 - 00003888 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-03-18 17:01 - 2016-01-18 16:03 - 00003652 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-03-18 17:01 - 2015-11-20 17:48 - 00003026 _____ C:\Windows\System32\Tasks\ASUS USB Charger Plus
2016-03-18 17:01 - 2015-11-20 17:46 - 00002986 _____ C:\Windows\System32\Tasks\ASUS Splendid ACMON
2016-03-18 17:01 - 2015-11-20 17:43 - 00003562 _____ C:\Windows\System32\Tasks\ATK Package 36D18D69AFC3
2016-03-18 17:01 - 2015-11-20 17:38 - 00003538 _____ C:\Windows\System32\Tasks\ASUS Smart Gesture Launcher
2016-03-18 17:01 - 2015-11-20 17:34 - 00003138 _____ C:\Windows\System32\Tasks\RtHDVBg
2016-03-18 17:01 - 2015-11-20 17:34 - 00003132 _____ C:\Windows\System32\Tasks\RTKCPL
2016-03-16 15:04 - 2016-01-16 23:59 - 00000000 ____D C:\Users\darko\AppData\Local\VirtualStore
2016-03-16 07:36 - 2016-01-18 22:44 - 00000000 ____D C:\Users\darko\Desktop\a
2016-03-16 07:31 - 2016-01-17 20:29 - 00000000 ____D C:\Users\darko\AppData\Roaming\Skype
2016-03-16 07:31 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\Sysprep
2016-03-15 15:31 - 2016-01-18 16:05 - 00002219 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-15 15:31 - 2016-01-18 16:05 - 00002207 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-14 22:31 - 2016-01-27 21:51 - 00013458 _____ C:\Windows\system32\perfh01A.dat
2016-03-14 22:31 - 2016-01-27 21:51 - 00004226 _____ C:\Windows\system32\perfc01A.dat
2016-03-14 22:31 - 2014-11-22 02:01 - 00863634 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-14 17:31 - 2016-01-16 23:59 - 00000000 ____D C:\Users\darko\AppData\Local\Packages
2016-03-14 08:20 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-03-13 22:14 - 2016-01-18 18:32 - 00000000 ____D C:\Windows\system32\MRT
2016-03-13 22:06 - 2016-01-18 18:32 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-12 05:24 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-03-11 22:46 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2016-03-09 23:19 - 2016-01-18 18:06 - 00003088 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3001574226-265496409-3400917415-1001
2016-03-09 23:19 - 2016-01-18 18:06 - 00000000 ___RD C:\Users\darko\OneDrive
2016-03-09 22:21 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-03-09 22:21 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-03-09 22:19 - 2016-01-18 17:54 - 00000000 ____D C:\Program Files\Microsoft Office
2016-03-09 22:12 - 2016-01-18 07:00 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-08 23:21 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-08 23:09 - 2013-08-22 15:44 - 00472712 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-08 19:47 - 2016-01-17 20:20 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-08 19:47 - 2016-01-17 20:20 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-08 19:47 - 2016-01-17 20:20 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-03-08 08:00 - 2016-01-18 19:50 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-08 08:00 - 2016-01-18 19:50 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-29 15:22 - 2016-01-18 07:01 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-02-29 15:22 - 2016-01-18 07:01 - 00000000 ___SD C:\Windows\system32\GWX
2016-02-18 15:42 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData

==================== Datoteke u korenu nekih direktorijuma =======

2016-01-17 00:01 - 2016-03-18 18:21 - 0000093 _____ () C:\Users\darko\AppData\Roaming\sp_data.sys
2015-11-20 17:34 - 2015-11-20 17:34 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-04-23 21:08 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2015-04-23 21:08 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2015-04-23 21:08 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Neke Datoteke u TEMP:
====================
C:\Users\darko\AppData\Local\Temp\0174631458319053mcinst.exe
C:\Users\darko\AppData\Local\Temp\McCSPInstall.dll
C:\Users\darko\AppData\Local\Temp\mccspuninstall.exe


==================== Bamital & volsnap =================

(Ne postoji automatizovan popravak za datoteke koji nisu prošle verifikaciju.)

C:\Windows\system32\winlogon.exe => Datoteka je digitalno potpisana
C:\Windows\system32\wininit.exe => Datoteka je digitalno potpisana
C:\Windows\explorer.exe => Datoteka je digitalno potpisana
C:\Windows\SysWOW64\explorer.exe => Datoteka je digitalno potpisana
C:\Windows\system32\svchost.exe => Datoteka je digitalno potpisana
C:\Windows\SysWOW64\svchost.exe => Datoteka je digitalno potpisana
C:\Windows\system32\services.exe => Datoteka je digitalno potpisana
C:\Windows\system32\User32.dll => Datoteka je digitalno potpisana
C:\Windows\SysWOW64\User32.dll => Datoteka je digitalno potpisana
C:\Windows\system32\userinit.exe => Datoteka je digitalno potpisana
C:\Windows\SysWOW64\userinit.exe => Datoteka je digitalno potpisana
C:\Windows\system32\rpcss.dll => Datoteka je digitalno potpisana
C:\Windows\system32\dnsapi.dll => Datoteka je digitalno potpisana
C:\Windows\SysWOW64\dnsapi.dll => Datoteka je digitalno potpisana
C:\Windows\system32\Drivers\volsnap.sys => Datoteka je digitalno potpisana


LastRegBack: 2016-03-16 22:16

==================== Kraj od FRST.txt ============================
mycity.rs/must-login.png

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8448
  • Gde živiš: Novi Beograd

Zdravo,

zasto mislis da si zarazen?

offline
  • hdarko 
  • Novi MyCity građanin
  • Pridružio: 07 Mar 2016
  • Poruke: 2

Kompjuter mi je bio sporiji,
skenirao sam ga Windows Defenderom i otkrio je dva rootkita koja sam obrisao,
skinuo sam posle Malware-Anti Malware i posle skeniranja otkrio je mnogo .PUP ova i sada mi najvjerovatnije treba neki adware,ako sam u pravu?
Hvala puno.

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8448
  • Gde živiš: Novi Beograd

Sad cemo videti da li je sve u redu.

Preuzmi "Xplode"-ov AdwCleaner () i sacuvaj ga na Desktop

Dvoklikom pokreni program.
Klikni na dugme [Scan] i pricekaj da program zavrsi.
Klikni na dugme [Clean]
Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu.
Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok


Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem.
Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl"

Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S0].txt
-------------

Arrow Preuzmi instalaciju za Malwarebytes Anti-Malware (MBAM) ver.2.0 i instaliraj aplikaciju.
Dvoklik na mbam-setup.exe i prati uputstva za instalaciju. Instalacija je klasicna, "Next > I Agree . . > Next > Install" princip. Po zavrsenoj instalaciji, klikni Finish.
Napomena: 14 dana besplatna trail verzija je pre-selektovana. Mozes decekirati ovu opciju ako zelis.


- Po prvom pokretanju, MBAM ce zapoceti "Update" u nameri da preuzme najsvezije definicije.
Ili ... klik na 'Update Now >>' link ili dugme radi preuzimanja svezih definicija.

• Konfigurisati skener; Na 'Settings' tabu, Detection and Protection podesiti sledece opcije:
1. pod-tab Detection Options, cekirati kucicu za 'Scan for rootkits';
2. pod-tab Non-Malware Protection, za 'PUP detections', prostarati se da je selektovana 'Threat detections as malware' opcija.




• Izvrsiti 'Threat Scan';
Klik na Scan tab, zatim na 'Scan Now >>' da bi izvrsio skeniranje.
Ukoliko MBAM prijavi da je 'update' dostupan, klik na 'Update Now' a potom nastaviti do skeniranja.
Obavestenje: kod nekih teskih infekcija, moguce je dobiti sledecu poruku "Could not load DDA driver". U tom slucaju, klik Yes na tu poruku, dopustiti ucitavanje drajvera po restartu racunara, dozvoliti restart.
Potom, nastaviti sa ostatkom instrukcija.


• Po zavrsenom skeniranju, klik na Apply Action dugme ukoliko je pretnja detektovana. Sacekati da program zatrazi restart!
- Klik na Yes na poruku koja govori da ce se sistem restartovati.



• Postaviti izvestaj (export-ovati logfile) na uvid;
Ponovo pokrenuti MBAM, klik na History tab > Application Logs. Dvoklik na 'Scan Log' koji pokazuje vreme i datum upravo izvrsenog skeniranja.
1. U novom prozoru klik na 'Export' dugme, pa izabrati 'Text file (*.txt)';
2. Kada se pojavi Save File dialog, izabrati da se log sacuva na Desktop.
U tom istom prozoru, dole pod File name: upisi 'mbam' kao naziv izvestaja i klikni dugme Save.

- Po dobijenoj poruci ("Your file has been successfully exported") izvestaj koji si nazvao kao 'mbam' bice sacuvan na Desktop.




Arrow Okaci mbam.txt uz poruku koristeci opciju Prikači fajl.

Ko je trenutno na forumu
 

Ukupno su 605 korisnika na forumu :: 28 registrovanih, 4 sakrivenih i 573 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 357magnum, A.R.Chafee.Jr., Apok, Atomski čoban, babaroga, bato, dankisha, Drug pukovnik, ekser222, Hoegaarden, hyla, Ilija Cvorovic, Insan, Jovan Nenad, Krusarac, ladro, Megapurpletv, nemkea71, Oluj2.1, operniki, ostoja, pein, Rakenica, stug, suton, Suva planina, trutcina, vlvl