offline
- Pridružio: 28 Jan 2009
- Poruke: 76
|
Napisano: 13 Jul 2016 11:53
Poz ekipa,
Juce postjetih sajt online filmovi sa prevodom i odmah nakon njega mi zabudali komp, prije svega chrome, sva instorija i favorites su mi izbrisani, pa sve nesto sam instalira. Skinuh malwarebytes ocistih sa njim ali i dalje budali po malo.
Windows 8.1 je u pitanju.
Dopuna: 13 Jul 2016 12:00
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-07-2016 01
Ran by Nikola Pejovic (administrator) on NIKOLAPC (13-07-2016 11:55:47)
Running from C:\Users\Nikola Pejovic\Downloads
Loaded Profiles: Nikola Pejovic (Available Profiles: Nikola Pejovic)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\ProgramData\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(猫哈网络 版权所有) C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe
() C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ServiceManager.exe
(重庆悦微捷科技有限公司) C:\Program Files\YueweijieNetTrans\TransHost.exe
() C:\Users\Nikola Pejovic\AppData\Local\40EACB4B-1468409017-E011-B495-A9D1B81A1D31\qnse220A.tmp
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\Eap3Host.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareTray.exe
() C:\Users\Nikola Pejovic\AppData\Local\Viber\Viber.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Dropbox, Inc.) C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(ACD Systems) C:\Program Files (x86)\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(eee) C:\Users\Nikola Pejovic\AppData\Roaming\THREADAPP.exe
() C:\Users\Nikola Pejovic\AppData\Roaming\adb.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Nikola Pejovic\Downloads\FRST64 (1).exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareTray.exe [9558752 2015-08-27] ()
HKLM-x32\...\Run: [MTel_ontenegro Imola ModemListener] => C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe [125504 2012-05-14] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [ACPW07EN] => C:\Program Files (x86)\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe [1414984 2013-09-25] (ACD Systems)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2015-10-08] (Power Software Ltd)
HKLM-x32\...\Run: [EYAN] => C:\Users\Nikola Pejovic\AppData\Roaming\THREADAPP.exe [9216000 2016-07-05] (eee)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\Run: [Viber] => C:\Users\Nikola Pejovic\AppData\Local\Viber\Viber.exe [80036560 2015-05-25] ()
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\Run: [Dropbox Update] => C:\Users\Nikola Pejovic\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: D - "D:\autorun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {06ffbd2c-e5fb-11e4-827d-60d819ea6866} - "G:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {06ffbd7f-e5fb-11e4-827d-60d819ea6866} - "D:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {1c2b1253-13c8-11e4-825a-60d819ea6866} - "D:\autorun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {403db24f-c8f7-11e5-82b9-60d819ea6866} - "G:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {46966f1b-2cac-11e5-8285-60d819ea6866} - "D:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {4c352bcc-f3da-11e4-827e-60d819ea6866} - "D:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {8f3306ca-33bd-11e4-825e-60d819ea6866} - "D:\Lenovo_Suite.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {8f3306d8-33bd-11e4-825e-60d819ea6866} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {e4e87462-9b4c-11e5-82ac-60d819ea6866} - "D:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {e4e87525-9b4c-11e5-82ac-60d819ea6866} - "D:\AutoRun.exe"
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [JzShlobj] -> {7B286609-DA97-47E1-AC6B-33B8B4732C95} => C:\Program Files\ZipTool\JZipExt.dll [2015-11-30] ()
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => C:\Program Files\¿ìѹ\X64\KZipShell.dll [2016-07-13] ()
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
Startup: C:\Users\Nikola Pejovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-07-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 193.2.1.66 193.2.1.72
Tcpip\..\Interfaces\{2685DFB0-E5AB-43CB-B5EE-5F4148B3C450}: [DhcpNameServer] 193.2.1.66 193.2.1.72
Tcpip\..\Interfaces\{51D99859-CEE1-4B15-AA5C-B73E1ABD6149}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2864281891-3376825052-3278056506-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-02] (Microsoft Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll [2014-11-03] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-02] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll [2014-11-03] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-07-11] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-02] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-07-11] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-10-24] [not signed]
Chrome:
=======
CHR DefaultSearchURL: pruvchshzedomhalgh -> hxxp://feed.wiki-search.me/?st=ds&query={searchTerms}
CHR DefaultSearchKeyword: pruvchshzedomhalgh -> Wiki Search.me
CHR Profile: C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-06-24]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242912 2014-09-11] (Foxit Software Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-02-06] ()
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [671744 2013-08-16] () [File not signed]
R2 KuaizipUpdateChecker; C:\Program Files\¿ìѹ\X86\kuaizipUpdateChecker.dll [219072 2016-07-13] ()
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareService.exe [712432 2015-08-27] ()
R2 MaohaWifiSvr; C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe [170464 2014-12-18] (猫哈网络 版权所有)
R2 MTel_ontenegro Imola Modem Device Helper; C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ServiceManager.exe [53312 2012-03-14] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
R2 YueweijieTransHost; C:\Program Files\YueweijieNetTrans\TransHost.exe [634216 2016-06-20] (重庆悦微捷科技有限公司)
R2 zigipyro; C:\Users\Nikola Pejovic\AppData\Local\40EACB4B-1468409017-E011-B495-A9D1B81A1D31\qnse220A.tmp [158720 2015-12-26] () [File not signed]
R2 ziphost; c:\program files\ziptool\ziphost.dll [114080 2015-11-30] ()
S2 FastCompress; C:\Program Files (x86)\FastCompress-Zip\Fast_Support.exe [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
R3 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1369288 2015-07-29] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [271272 2015-07-29] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [747120 2015-07-29] (BitDefender)
R1 BdfNdisf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfndisf6.sys [97816 2015-01-06] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [107080 2015-01-06] (BitDefender LLC)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.98.0\gzflt.sys [155912 2015-01-22] (BitDefender LLC)
S3 hwusb_cdcacm; C:\Windows\system32\DRIVERS\ew_cdcacm.sys [121728 2013-10-23] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\Windows\system32\DRIVERS\ew_wwanecm.sys [375040 2013-10-23] (Huawei Technologies Co., Ltd.)
S3 jrdusbser; C:\Windows\system32\DRIVERS\jrdusbser.sys [120832 2011-06-20] (TCT International Mobile Ltd)
R2 KuaiZipDrive; C:\Windows\system32\drivers\KuaiZipDrive.sys [92872 2016-07-13] (WinMount International Inc)
R1 MaohaWifiNetPro; C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaoHaWiFiNet64.sys [871152 2015-10-27] ()
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-01-22] (BitDefender S.R.L.)
R1 UCGuard; C:\Windows\System32\DRIVERS\ucguard.sys [81792 2016-07-04] (Huorong Borui (Beijing) Technology Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35856 2013-10-31] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [236888 2013-10-31] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R1 ZipProtect; c:\program files\ziptool\ZipProtect64.sys [886512 2015-12-14] ()
S1 MpKsl209e431b; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D12B0855-EECF-4B7D-9690-D53D32B4F929}\MpKsl209e431b.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-13 11:55 - 2016-07-13 11:56 - 00021301 _____ C:\Users\Nikola Pejovic\Downloads\FRST.txt
2016-07-13 11:55 - 2016-07-13 11:55 - 02390528 _____ (Farbar) C:\Users\Nikola Pejovic\Downloads\FRST64.exe
2016-07-13 11:55 - 2016-07-13 11:55 - 02390528 _____ (Farbar) C:\Users\Nikola Pejovic\Downloads\FRST64 (1).exe
2016-07-13 11:55 - 2016-07-13 11:55 - 00000000 ____D C:\FRST
2016-07-13 11:44 - 2016-07-13 11:44 - 00000000 ____D C:\Program Files\Common Files\Lavasoft
2016-07-13 11:26 - 2016-07-13 11:42 - 00000080 _____ C:\Users\Nikola Pejovic\AppData\Roaming\Microsoft\Windows\Start Menu\¿ìÑ1.lnk
2016-07-13 11:23 - 2016-07-13 11:23 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Local\40EACB4B-1468409017-E011-B495-A9D1B81A1D31
2016-07-13 11:01 - 2016-07-13 11:19 - 00000492 _____ C:\Windows\Tasks\UCBrowserUpdater.job
2016-07-13 11:01 - 2016-07-13 11:01 - 00003460 _____ C:\Windows\System32\Tasks\UCBrowserUpdater
2016-07-13 10:56 - 2016-07-13 11:43 - 00001072 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-07-13 10:56 - 2016-07-13 10:57 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-13 10:56 - 2016-07-13 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-07-13 10:56 - 2016-07-13 10:56 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-07-13 10:56 - 2016-07-13 10:56 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-07-13 10:56 - 2016-07-04 07:53 - 51376752 _____ (UCWeb Inc.) C:\Users\Nikola Pejovic\AppData\Roaming\Browser_V5.6.14087.7_r_4681_(Build1607010949).exe
2016-07-13 10:56 - 2016-07-04 07:38 - 51373168 _____ (UCWeb Inc.) C:\Users\Nikola Pejovic\AppData\Roaming\Browser_V5.6.14087.7_r_4700_(Build1607010949).exe
2016-07-13 10:56 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-07-13 10:56 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-07-13 10:56 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-07-13 10:55 - 2016-07-13 10:55 - 22851472 _____ (Malwarebytes ) C:\Users\Nikola Pejovic\Downloads\mbam-setup-2.2.1.1043.exe
2016-07-13 10:54 - 2016-07-13 10:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Compress
2016-07-13 10:54 - 2016-07-05 07:58 - 09216000 _____ (eee) C:\Users\Nikola Pejovic\AppData\Roaming\THREADAPP.exe
2016-07-13 10:53 - 2016-07-13 10:54 - 00000000 ____D C:\Program Files\ZipTool
2016-07-13 00:37 - 2016-06-23 14:47 - 08300392 _____ (重庆悦微捷科技有限公司) C:\Users\Nikola Pejovic\AppData\Roaming\Setup.exe
2016-07-13 00:34 - 2016-07-13 10:36 - 00000000 ____D C:\Program Files\¿ìѹ
2016-07-13 00:33 - 2016-07-13 10:50 - 00000000 ____D C:\Program Files\YueweijieNetTrans
2016-07-13 00:30 - 2016-07-13 11:44 - 07616340 _____ C:\Users\Nikola Pejovic\AppData\Roaming\setup.apk
2016-07-13 00:30 - 2016-07-13 11:43 - 00732869 _____ C:\Users\Nikola Pejovic\AppData\Roaming\xdo.zip
2016-07-13 00:30 - 2016-07-13 00:45 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\Kuaizip
2016-07-13 00:30 - 2016-07-13 00:34 - 00000853 _____ C:\Users\Nikola Pejovic\AppData\Roaming\Microsoft\Windows\Start Menu\¿ìѹ.lnk
2016-07-13 00:30 - 2016-07-13 00:30 - 00092872 _____ (WinMount International Inc) C:\Windows\system32\Drivers\KuaiZipDrive.sys
2016-07-13 00:30 - 2016-07-13 00:30 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\Softlink
2016-07-13 00:27 - 2016-07-13 11:38 - 00000000 ____D C:\Program Files\BitTorrent
2016-07-13 00:26 - 2016-07-13 00:26 - 00018432 _____ C:\Users\Nikola Pejovic\AppData\Roaming\Main.dat
2016-07-13 00:25 - 2016-07-13 00:25 - 07102976 _____ C:\Users\Nikola Pejovic\AppData\Roaming\agent.dat
2016-07-13 00:25 - 2016-07-13 00:24 - 00709120 _____ C:\Users\Nikola Pejovic\AppData\Roaming\Softis.exe
2016-07-13 00:25 - 2016-07-13 00:24 - 00709120 _____ C:\Users\Nikola Pejovic\AppData\Roaming\New-Fresh.exe
2016-07-13 00:24 - 2016-07-13 00:24 - 00128512 _____ C:\Users\Nikola Pejovic\AppData\Roaming\Installer.dat
2016-07-13 00:22 - 2016-07-13 00:22 - 00000000 ____D C:\Program Files (x86)\USBBoxLite
2016-07-13 00:22 - 2016-02-18 10:10 - 05267952 _____ () C:\Users\Nikola Pejovic\AppData\Roaming\ziptool_wc-9015_setup.exe
2016-07-13 00:21 - 2016-07-13 00:21 - 00000000 ____D C:\Program Files (x86)\GreatMaker
2016-07-13 00:21 - 2016-05-26 10:51 - 04761392 _____ () C:\Users\Nikola Pejovic\AppData\Roaming\usbboxlite_4001_o_8209_hn.exe
2016-07-13 00:20 - 2016-07-01 11:19 - 08284704 _____ (深圳市伟创科技软件有限公司) C:\Users\Nikola Pejovic\AppData\Roaming\MaoHaWiFiSetup_263.exe
2016-07-13 00:19 - 2016-07-13 00:20 - 00001520 _____ C:\Users\Nikola Pejovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器.lnk
2016-07-13 00:19 - 2016-07-13 00:20 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器
2016-07-13 00:16 - 2016-07-13 11:25 - 00000000 ____D C:\Program Files (x86)\Tholigetermught
2016-07-13 00:16 - 2016-07-13 04:29 - 00344576 _____ C:\Users\Nikola Pejovic\AppData\Roaming\RandomDelJiheReg.exe
2016-07-13 00:16 - 2016-07-13 00:16 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Local\levispmenoycazuk
2016-07-13 00:13 - 2016-07-13 00:13 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Local\UCBrowser
2016-07-13 00:13 - 2016-07-04 07:47 - 00081792 _____ (Huorong Borui (Beijing) Technology Co., Ltd.) C:\Windows\system32\Drivers\ucguard.sys
2016-07-13 00:12 - 2016-07-13 11:01 - 00000000 ____D C:\Program Files (x86)\UCBrowser
2016-07-13 00:11 - 2016-07-13 00:11 - 00009024 _____ C:\Windows\System32\Tasks\Phuktherjerzodom Helper
2016-07-13 00:11 - 2016-07-13 00:09 - 00001006 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-07-13 00:10 - 2016-07-13 00:12 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Local\thuboshsorotvedety
2016-07-13 00:09 - 2016-07-13 11:25 - 00000000 ____D C:\Program Files (x86)\ContentPush
2016-07-13 00:09 - 2016-07-13 11:25 - 00000000 ____D C:\Program Files (x86)\Clmoied
2016-07-13 00:09 - 2016-07-13 00:19 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Local\app
2016-07-13 00:09 - 2016-07-13 00:09 - 00000000 ____D C:\Program Files (x86)\WeatherChickn
2016-07-13 00:09 - 2016-07-13 00:09 - 00000000 ____D C:\extensions
2016-07-13 00:09 - 2016-07-11 15:34 - 00936960 ___SH (AutoIt Team) C:\Users\Nikola Pejovic\AppData\Roaming\UZYFMBEaaYgNhFSDVKRGN.txt
2016-07-13 00:09 - 2016-07-11 15:34 - 00653328 ___SH C:\Users\Nikola Pejovic\AppData\Roaming\VVShWZTYTVHH
2016-07-13 00:09 - 2016-07-11 15:34 - 00036494 ___SH C:\Users\Nikola Pejovic\AppData\Roaming\UZYFMBEaaYgNhFSDVKR
2016-07-11 23:34 - 2016-07-11 23:34 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-07-11 16:45 - 2016-07-11 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeSmartSoft
2016-07-11 16:45 - 2016-07-11 16:45 - 00000000 ____D C:\Program Files (x86)\FreeSmartSoft
2016-07-11 16:44 - 2016-07-11 16:44 - 02099385 _____ (FreeSmartSoft ) C:\Users\Nikola Pejovic\Downloads\FSSePubReaderSetup.exe
2016-07-11 16:40 - 2016-07-11 16:40 - 00354816 _____ C:\Users\Nikola Pejovic\Downloads\John Kenneth Galbraith-The Anatomy of Power -Houghton Mifflin (1983).epub
2016-07-11 16:39 - 2016-07-11 16:39 - 00500695 _____ C:\Users\Nikola Pejovic\Downloads\John Kenneth Galbraith-A Journey Through Economic Time_ A Firsthand View-Houghton Mifflin (1994).epub
2016-07-11 16:37 - 2016-07-11 16:37 - 01052872 _____ C:\Users\Nikola Pejovic\Downloads\John Kenneth Galbraith-The Affluent Society-Mariner Books (1998).epub
2016-07-11 15:52 - 2016-07-11 15:52 - 03482889 _____ C:\Users\Nikola Pejovic\Desktop\Za-Pametnu-Hrvatsku-JLH-za-web.pdf
2016-07-11 15:16 - 2016-07-11 15:16 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Local\BlueStacks
2016-07-11 11:35 - 2016-07-11 11:35 - 00459740 _____ C:\Users\Nikola Pejovic\Downloads\2095-Vozni_red_letalisce_2015_verzija_5_5_2015 (1).pdf
2016-07-11 11:28 - 2016-07-11 11:28 - 00459740 _____ C:\Users\Nikola Pejovic\Downloads\2095-Vozni_red_letalisce_2015_verzija_5_5_2015.pdf
2016-07-09 19:52 - 2016-07-09 19:52 - 00105771 _____ C:\Users\Nikola Pejovic\Downloads\ZIZEK-AND-THE-REAL-3-.pdf
2016-07-09 19:52 - 2016-07-09 19:52 - 00105771 _____ C:\Users\Nikola Pejovic\Downloads\ZIZEK-AND-THE-REAL-3- (1).pdf
2016-07-08 18:48 - 2016-07-08 18:48 - 01958127 _____ C:\Users\Nikola Pejovic\Downloads\3_164_07_07_2016.pdf
2016-07-08 18:06 - 2016-07-08 18:06 - 06607747 _____ C:\Users\Nikola Pejovic\Downloads\Allan H. Meltzer-A History of the Federal Reserve, Vol. 1_ 1913-1951-University of Chicago Press (2003).epub
2016-07-08 09:37 - 2016-07-08 09:37 - 00116108 _____ C:\Users\Nikola Pejovic\Downloads\Pejovic.pdf
2016-06-30 16:40 - 2016-06-30 16:40 - 00861934 _____ C:\Users\Nikola Pejovic\Downloads\Barry Eichengreen-Globalizing Capital_ A History of the International Monetary System (Second Edition) (2008).pdf
2016-06-30 00:04 - 2016-06-30 00:04 - 00017892 _____ C:\Users\Nikola Pejovic\Downloads\157994-drive.2011.720p.bdrip.xvid.ac3vision.zip
2016-06-29 19:49 - 2016-06-29 19:49 - 00163524 _____ C:\Users\Nikola Pejovic\Downloads\Bitcoin.pdf
2016-06-29 16:07 - 2016-06-29 16:07 - 00163524 _____ C:\Users\Nikola Pejovic\Desktop\Bitcoin .pdf
2016-06-28 03:12 - 2016-06-28 03:12 - 00314434 ____N C:\Users\Nikola Pejovic\AppData\Roaming\EYapp.apk
2016-06-24 15:11 - 2016-06-24 15:11 - 00030720 _____ C:\Users\Nikola Pejovic\Downloads\rezultati_24_6_2016_.xls
2016-06-24 11:19 - 2016-06-24 11:19 - 11518293 _____ C:\Users\Nikola Pejovic\Downloads\JF2016_Croatia Booklet-180-508-180-534.pdf
2016-06-23 18:32 - 2016-06-23 18:32 - 00100469 _____ C:\Users\Nikola Pejovic\Downloads\ReI_for_Evaluators for scholarships_Master.pdf
2016-06-22 13:42 - 2016-06-22 13:42 - 00009756 _____ C:\Users\Nikola Pejovic\Downloads\1466586365.zip
2016-06-22 08:44 - 2016-06-22 08:44 - 00000862 _____ C:\Users\Nikola Pejovic\Downloads\stream
2016-06-17 14:41 - 2016-06-17 14:41 - 00130102 _____ C:\Users\Nikola Pejovic\Downloads\1466148566.zip
2016-06-16 11:55 - 2016-06-16 11:55 - 00113205 _____ C:\Users\Nikola Pejovic\Downloads\EP-KA1-HE-Int-Studies_7914fe55-7824-4d66-9a29-b7ad207a4c33.pdf
2016-06-15 22:02 - 2016-06-15 22:02 - 00000000 ____D C:\Users\Nikola Pejovic\Desktop\pics
2016-06-15 18:01 - 2016-06-20 14:06 - 00052192 _____ C:\Users\Nikola Pejovic\Desktop\New Journal Document.jnt
2016-06-15 18:01 - 2016-06-15 18:01 - 00000000 ___RD C:\Users\Nikola Pejovic\Documents\Notes
2016-06-15 17:27 - 2016-06-15 17:27 - 00010076 _____ C:\Users\Nikola Pejovic\Downloads\1465995064.zip
2016-06-14 22:27 - 2016-06-14 22:27 - 00030573 _____ C:\Users\Nikola Pejovic\Downloads\235155-thebrothersgrimsby2016.zip
2016-06-14 22:26 - 2016-06-14 22:26 - 00030810 _____ C:\Users\Nikola Pejovic\Downloads\234851-the.brothers.grimsby.2016subrip.srt.zip
2016-06-13 13:51 - 2016-06-13 13:51 - 00037160 _____ C:\Users\Nikola Pejovic\Downloads\HW12[1].pdf
2016-06-13 13:50 - 2016-06-13 13:50 - 00023152 _____ C:\Users\Nikola Pejovic\Downloads\HW_FinalPoints_Year_15_16.xlsx
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-13 11:48 - 2014-06-12 02:38 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2864281891-3376825052-3278056506-1001
2016-07-13 11:46 - 2015-06-02 14:11 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\ViberPC
2016-07-13 11:46 - 2014-06-13 21:38 - 00000000 ___RD C:\Users\Nikola Pejovic\Dropbox
2016-07-13 11:45 - 2015-09-22 12:16 - 00002345 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2016-07-13 11:43 - 2016-02-06 12:50 - 00001200 _____ C:\Users\Public\Desktop\Free MP3 Cutter Joiner.lnk
2016-07-13 11:43 - 2016-01-07 00:30 - 00000862 _____ C:\Users\Public\Desktop\PowerISO.lnk
2016-07-13 11:43 - 2015-09-18 15:57 - 00002155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-07-13 11:43 - 2015-09-18 15:57 - 00002149 _____ C:\Users\Public\Desktop\Opera.lnk
2016-07-13 11:43 - 2015-08-08 20:09 - 00000299 _____ C:\Users\Nikola Pejovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
2016-07-13 11:43 - 2015-07-05 19:27 - 00002747 _____ C:\Users\Public\Desktop\Nero Burning ROM 2014.lnk
2016-07-13 11:43 - 2015-06-22 20:04 - 00001096 _____ C:\Users\Public\Desktop\BS.Player FREE.lnk
2016-07-13 11:43 - 2015-06-02 14:11 - 00001053 _____ C:\Users\Nikola Pejovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber.lnk
2016-07-13 11:43 - 2015-04-21 15:06 - 00001255 _____ C:\Users\Public\Desktop\Internet Manager.lnk
2016-07-13 11:43 - 2014-12-28 15:24 - 00002707 _____ C:\Users\Public\Desktop\Skype.lnk
2016-07-13 11:43 - 2014-11-21 22:15 - 00002267 _____ C:\Users\Public\Desktop\ACDSee Pro 7.lnk
2016-07-13 11:43 - 2014-10-24 22:20 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2016-07-13 11:43 - 2014-10-24 22:20 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2016-07-13 11:43 - 2014-10-24 22:20 - 00002154 _____ C:\Users\Public\Desktop\Adobe FormsCentral.lnk
2016-07-13 11:43 - 2014-10-24 22:20 - 00002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2016-07-13 11:43 - 2014-10-24 22:20 - 00002040 _____ C:\Users\Public\Desktop\Adobe Acrobat XI Pro.lnk
2016-07-13 11:43 - 2014-10-16 13:49 - 00001365 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2016-07-13 11:43 - 2014-08-04 10:54 - 00001103 _____ C:\Users\Public\Desktop\Mobi File Reader.lnk
2016-07-13 11:43 - 2014-07-25 21:47 - 00001099 _____ C:\Users\Public\Desktop\HSPA USB MODEM.lnk
2016-07-13 11:43 - 2014-06-29 00:29 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-07-13 11:43 - 2014-06-29 00:29 - 00002033 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2016-07-13 11:43 - 2014-06-13 07:36 - 00001080 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-07-13 11:43 - 2014-06-12 02:43 - 00002163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-13 11:43 - 2014-06-12 02:43 - 00002157 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-07-13 11:43 - 2014-06-12 02:32 - 00001422 _____ C:\Users\Nikola Pejovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-07-13 11:42 - 2016-03-05 17:10 - 00004994 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for NikolaPC-Nikola Pejovic NikolaPC
2016-07-13 11:42 - 2015-09-15 23:45 - 00002676 _____ C:\Users\Nikola Pejovic\Desktop\µTorrent.lnk
2016-07-13 11:42 - 2015-06-22 20:04 - 00001108 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2016-07-13 11:42 - 2015-06-02 14:11 - 00001047 _____ C:\Users\Nikola Pejovic\Desktop\Viber.lnk
2016-07-13 11:42 - 2015-02-06 22:07 - 00002330 _____ C:\Users\Nikola Pejovic\Desktop\Kindle.lnk
2016-07-13 11:42 - 2014-06-30 00:17 - 00000660 _____ C:\Users\Nikola Pejovic\Desktop\LAFF - Shortcut.lnk
2016-07-13 11:39 - 2015-12-20 19:04 - 00000000 ____D C:\ProgramData\OnlineUpdate
2016-07-13 11:39 - 2014-06-12 02:43 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-13 11:38 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-13 11:25 - 2015-06-23 12:50 - 00000000 ____D C:\Program Files (x86)\Video Resumer
2016-07-13 11:25 - 2015-06-23 12:48 - 00000000 ____D C:\Program Files (x86)\50Couppons
2016-07-13 11:25 - 2015-06-03 08:49 - 00000000 ____D C:\Program Files (x86)\NetoCOUpaonn
2016-07-13 11:25 - 2015-03-21 18:03 - 00000000 ____D C:\Program Files (x86)\SSAoLePlus
2016-07-13 11:17 - 2015-09-18 12:50 - 00000000 ____D C:\Users\Nikola Pejovic\Downloads\Lana Del Rey - Honeymoon (2015)
2016-07-13 11:16 - 2014-06-19 02:54 - 03278848 ___SH C:\Users\Nikola Pejovic\Downloads\Thumbs.db
2016-07-13 10:59 - 2014-06-12 02:41 - 00003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{05485734-D435-4311-95F2-4238E740C9B6}
2016-07-13 10:56 - 2015-09-18 15:54 - 00000000 ____D C:\Program Files (x86)\Opera
2016-07-13 10:56 - 2014-07-23 22:27 - 00000000 ____D C:\Users\Nikola Pejovic\Documents\ViberDownloads
2016-07-13 10:53 - 2014-06-12 02:43 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-13 10:51 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\tracing
2016-07-13 10:49 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-07-13 10:40 - 2015-06-17 15:30 - 00000972 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2864281891-3376825052-3278056506-1001UA.job
2016-07-13 10:40 - 2014-06-13 06:46 - 03898368 ___SH C:\Users\Nikola Pejovic\Desktop\Thumbs.db
2016-07-13 10:38 - 2014-06-13 07:23 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\uTorrent
2016-07-13 10:38 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-07-13 10:33 - 2016-05-23 17:04 - 00000000 ____D C:\ProgramData\Avg
2016-07-13 10:32 - 2016-05-23 17:03 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Local\AvgSetupLog
2016-07-13 00:27 - 2016-05-23 17:15 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\Mozilla
2016-07-13 00:17 - 2016-01-07 00:23 - 00000000 ____D C:\Program Files\Pismo File Mount Audit Package
2016-07-13 00:14 - 2014-06-12 03:01 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\Skype
2016-07-12 18:05 - 2014-06-27 08:25 - 00003742 _____ C:\Windows\System32\Tasks\AutoKMS
2016-07-12 18:03 - 2015-06-02 14:10 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Local\Viber
2016-07-12 11:40 - 2015-06-17 15:30 - 00000920 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2864281891-3376825052-3278056506-1001Core.job
2016-07-12 11:16 - 2014-07-31 14:49 - 00265216 ___SH C:\Users\Nikola Pejovic\Documents\Thumbs.db
2016-07-11 23:35 - 2014-06-13 21:33 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox
2016-07-11 16:42 - 2015-02-06 22:07 - 00000000 ____D C:\Users\Nikola Pejovic\Documents\My Kindle Content
2016-07-11 15:43 - 2016-05-22 23:11 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\LocalLow\uTorrent
2016-07-11 15:16 - 2013-08-22 17:36 - 00000000 __RHD C:\Users\Public\Libraries
2016-07-10 13:34 - 2014-06-13 07:36 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\vlc
2016-07-09 23:17 - 2015-06-23 00:03 - 00000000 ____D C:\Users\Nikola Pejovic\Downloads\Taleb
2016-07-08 13:01 - 2014-06-12 02:32 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Local\Packages
2016-07-07 21:28 - 2015-09-18 15:57 - 00003846 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1442584658
2016-07-04 10:22 - 2016-05-18 17:13 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-06-30 18:12 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-06-19 23:39 - 2016-05-23 00:36 - 00001683 _____ C:\Users\Nikola Pejovic\Desktop\New Text Document.txt
2016-06-18 15:59 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
==================== Files in the root of some directories =======
2016-04-26 14:24 - 2016-04-26 14:24 - 0000009 ____N () C:\Users\Nikola Pejovic\AppData\Roaming\a.bat
2010-08-28 22:43 - 2010-08-28 22:43 - 0577335 ____N () C:\Users\Nikola Pejovic\AppData\Roaming\adb.exe
2010-08-28 22:43 - 2010-08-28 22:43 - 0096256 ____N (Google, inc) C:\Users\Nikola Pejovic\AppData\Roaming\AdbWinApi.dll
2010-08-28 22:43 - 2010-08-28 22:43 - 0060928 ____N (Google, inc) C:\Users\Nikola Pejovic\AppData\Roaming\AdbWinUsbApi.dll
2016-07-13 00:25 - 2016-07-13 00:25 - 7102976 _____ () C:\Users\Nikola Pejovic\AppData\Roaming\agent.dat
2015-08-21 17:04 - 2015-08-21 17:23 - 0000024 _____ () C:\Users\Nikola Pejovic\AppData\Roaming\appdataFr25.bin
2016-07-13 10:56 - 2016-07-04 07:53 - 51376752 _____ (UCWeb Inc.) C:\Users\Nikola Pejovic\AppData\Roaming\Browser_V5.6.14087.7_r_4681_(Build1607010949).exe
2016-07-13 10:56 - 2016-07-04 07:38 - 51373168 _____ (UCWeb Inc.) C:\Users\Nikola Pejovic\AppData\Roaming\Browser_V5.6.14087.7_r_4700_(Build1607010949).exe
2016-06-28 03:12 - 2016-06-28 03:12 - 0314434 ____N () C:\Users\Nikola Pejovic\AppData\Roaming\EYapp.apk
2010-08-28 22:43 - 2010-08-28 22:43 - 0356009 ____N () C:\Users\Nikola Pejovic\AppData\Roaming\fastboot.exe
2016-07-13 00:24 - 2016-07-13 00:24 - 0128512 _____ () C:\Users\Nikola Pejovic\AppData\Roaming\Installer.dat
2016-07-13 00:26 - 2016-07-13 00:26 - 0018432 _____ () C:\Users\Nikola Pejovic\AppData\Roaming\Main.dat
2016-07-13 00:20 - 2016-07-01 11:19 - 8284704 _____ (深圳市伟创科技软件有限公司) C:\Users\Nikola Pejovic\AppData\Roaming\MaoHaWiFiSetup_263.exe
2016-07-13 00:25 - 2016-07-13 00:24 - 0709120 _____ () C:\Users\Nikola Pejovic\AppData\Roaming\New-Fresh.exe
2016-07-13 00:16 - 2016-07-13 04:29 - 0344576 _____ () C:\Users\Nikola Pejovic\AppData\Roaming\RandomDelJiheReg.exe
2016-07-13 00:30 - 2016-07-13 11:44 - 7616340 _____ () C:\Users\Nikola Pejovic\AppData\Roaming\setup.apk
2016-07-13 00:37 - 2016-06-23 14:47 - 8300392 _____ (重庆悦微捷科技有限公司) C:\Users\Nikola Pejovic\AppData\Roaming\Setup.exe
2016-07-13 00:25 - 2016-07-13 00:24 - 0709120 _____ () C:\Users\Nikola Pejovic\AppData\Roaming\Softis.exe
2016-07-13 10:54 - 2016-07-05 07:58 - 9216000 _____ (eee) C:\Users\Nikola Pejovic\AppData\Roaming\THREADAPP.exe
2016-07-13 00:21 - 2016-05-26 10:51 - 4761392 _____ () C:\Users\Nikola Pejovic\AppData\Roaming\usbboxlite_4001_o_8209_hn.exe
2016-07-13 00:09 - 2016-07-11 15:34 - 0036494 ___SH () C:\Users\Nikola Pejovic\AppData\Roaming\UZYFMBEaaYgNhFSDVKR
2016-07-13 00:09 - 2016-07-11 15:34 - 0936960 ___SH (AutoIt Team) C:\Users\Nikola Pejovic\AppData\Roaming\UZYFMBEaaYgNhFSDVKRGN.txt
2016-07-13 00:09 - 2016-07-11 15:34 - 0653328 ___SH () C:\Users\Nikola Pejovic\AppData\Roaming\VVShWZTYTVHH
2016-07-13 00:30 - 2016-07-13 11:43 - 0732869 _____ () C:\Users\Nikola Pejovic\AppData\Roaming\xdo.zip
2016-07-13 00:22 - 2016-02-18 10:10 - 5267952 _____ () C:\Users\Nikola Pejovic\AppData\Roaming\ziptool_wc-9015_setup.exe
2015-12-23 23:39 - 2015-12-23 23:39 - 0969852 _____ () C:\Users\Nikola Pejovic\AppData\Local\DjVu-Reader-_1116.rar
2015-09-18 15:55 - 2015-09-18 15:55 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Some files in TEMP:
====================
C:\Users\Nikola Pejovic\AppData\Local\Temp\1468362678V0RDXtmp.exe
C:\Users\Nikola Pejovic\AppData\Local\Temp\1B33.tmp.exe
C:\Users\Nikola Pejovic\AppData\Local\Temp\6DEE.tmp.exe
C:\Users\Nikola Pejovic\AppData\Local\Temp\72D2.tmp.exe
C:\Users\Nikola Pejovic\AppData\Local\Temp\acc.exe
C:\Users\Nikola Pejovic\AppData\Local\Temp\Browser_V5.6.12150.8_r_4726_(Build1604251144).exe
C:\Users\Nikola Pejovic\AppData\Local\Temp\CodecFixDivx.exe
C:\Users\Nikola Pejovic\AppData\Local\Temp\DoubleClick.exe
C:\Users\Nikola Pejovic\AppData\Local\Temp\F239.tmp.exe
C:\Users\Nikola Pejovic\AppData\Local\Temp\setup.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-07-07 23:19
==================== End of FRST.txt ============================
Dopuna: 13 Jul 2016 12:03
mycity.rs/must-login.png
|