Check

  • Joined: 24 Dec 2011
  • Posts: 1586
  • Location: Novi Banovci

I would just like to check.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
Ran by Admin (administrator) on ADMIN-PC (01-11-2015 16:58:20)
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin & Mama i Tata & Guest)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Flux Software LLC) C:\Users\Admin\AppData\Local\FluxSoftware\Flux\flux.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe [1688552 2015-10-20] (Bitdefender)
HKU\S-1-5-21-3479353938-1898474474-1349872024-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\MCShieldRTM.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-3479353938-1898474474-1349872024-1000\...\Run: [f.lux] => C:\Users\Admin\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3479353938-1898474474-1349872024-1000\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe [1416096 2015-10-13] (Bitdefender)
HKU\S-1-5-21-3479353938-1898474474-1349872024-1000\...\MountPoints2: G - G:\SETUP.EXE
HKU\S-1-5-21-3479353938-1898474474-1349872024-1000\...\MountPoints2: {7b1e3dfc-afc9-11e4-9a26-90e6bac8619f} - H:\autorun.exe
HKU\S-1-5-21-3479353938-1898474474-1349872024-1000\...\MountPoints2: {854d0767-7b5e-11e5-9c0b-005056c00008} - G:\SETUP.EXE
HKU\S-1-5-21-3479353938-1898474474-1349872024-1000\...\MountPoints2: {854d0787-7b5e-11e5-9c0b-005056c00008} - H:\SETUP.EXE
HKU\S-1-5-21-3479353938-1898474474-1349872024-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 212.200.191.166 212.200.190.166
Tcpip\..\Interfaces\{5BCC3B9E-12D3-42FF-9753-BDE742910631}: [DhcpNameServer] 212.200.191.166 212.200.190.166

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3479353938-1898474474-1349872024-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-09-21] (Bitdefender)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-22] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-10-22] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-10-22] (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2015-09-21] (Bitdefender)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-22] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-09-21] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2015-09-21] (Bitdefender)

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hi68yl9v.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_228.dll [2015-10-20] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-10-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-10-22] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_228.dll [2015-10-20] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-29] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3479353938-1898474474-1349872024-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2012-10-17] (Ubisoft)
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hi68yl9v.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-08-17]
FF HKLM\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2016\bdwteff [2015-10-28] [not signed]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext [2015-10-28] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-02-12] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff [2015-10-28] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF HKU\S-1-5-21-3479353938-1898474474-1349872024-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-31]
CHR Extension: (AdBlock) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-31]
CHR HKLM-x32\...\Chrome\Extension: [dhhejlifdlcgcmogbggeomfodgklfaem] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 Crypkey License; C:\Windows\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [File not signed]
S4 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S4 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-04] (Hewlett-Packard) [File not signed]
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-24] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-04] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-10-15] ()
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [823840 2015-09-22] (Bitdefender)
S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [124488 2015-09-29] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1572168 2015-10-14] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 Mobizen plugin; C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1369288 2015-05-28] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [271272 2015-05-29] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [747120 2015-05-28] (BitDefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
S4 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-10-22] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160032 2015-04-29] (BitDefender LLC)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-08-17] (REALiX(tm))
R0 ignis; C:\Windows\System32\DRIVERS\ignis.sys [270248 2015-10-08] (Bitdefender)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R1 NetworkX; C:\Windows\system32\ckldrv.sys [28664 2008-03-17] ()
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [477272 2015-06-02] (BitDefender S.R.L.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-08-04] (VMware, Inc.)
S3 b06bdrv; \SystemRoot\system32\drivers\bxvbda.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-01 16:58 - 2015-11-01 16:58 - 00016136 _____ C:\Users\Admin\Desktop\FRST.txt
2015-11-01 16:57 - 2015-11-01 16:58 - 00000000 ____D C:\FRST
2015-11-01 16:57 - 2015-11-01 16:57 - 02198016 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2015-11-01 16:57 - 2015-11-01 16:57 - 01694208 _____ C:\Users\Admin\Desktop\adwcleaner_5.015.exe
2015-11-01 08:52 - 2015-11-01 08:52 - 00024532 _____ C:\ProgramData\1446364339.bdinstall.bin
2015-11-01 08:44 - 2015-11-01 08:50 - 00000000 ____D C:\Users\Mama i Tata\AppData\Roaming\Bitdefender
2015-11-01 08:42 - 2015-11-01 08:42 - 00008120 _____ C:\Windows\PFRO.log
2015-11-01 08:39 - 2015-11-01 08:39 - 00000000 __SHD C:\found.000
2015-11-01 08:34 - 2015-11-01 16:53 - 00000084 _____ C:\Windows\errord.log
2015-11-01 01:00 - 2015-11-01 16:54 - 00000112 _____ C:\Windows\setupact.log
2015-11-01 01:00 - 2015-11-01 01:00 - 00000000 _____ C:\Windows\setuperr.log
2015-10-31 21:33 - 2015-10-31 21:33 - 01310075 _____ (pendrivelinux.com) C:\Users\Admin\Desktop\YUMI-2.0.1.9.exe
2015-10-31 21:31 - 2015-10-31 21:31 - 00000000 ___HD C:\Users\Admin\Desktop\xboot_tempiky5ewzc.zi2
2015-10-31 20:54 - 2015-10-31 20:55 - 08135614 _____ C:\Users\Admin\Downloads\RMPrepUSB_Portable_v2.1.727.zip
2015-10-31 20:44 - 2015-10-31 20:44 - 00361591 _____ C:\Users\Admin\Desktop\bookmarks_10_31_15.html
2015-10-31 20:29 - 2015-10-31 20:29 - 00000000 ____D C:\Users\Admin\Downloads\Bitdefender Safepay
2015-10-31 20:29 - 2015-10-31 20:29 - 00000000 ____D C:\Users\Admin\AppData\Local\CEF
2015-10-31 20:25 - 2015-10-31 20:26 - 00000000 ____D C:\ProgramData\Norton
2015-10-31 19:48 - 2015-10-31 19:48 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2015-10-31 19:47 - 2015-10-31 19:47 - 00438205 _____ C:\ProgramData\1446316951.bdinstall.bin
2015-10-31 19:46 - 2015-10-31 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2016
2015-10-31 19:46 - 2015-10-31 19:46 - 00002126 _____ C:\Users\Public\Desktop\Bitdefender 2016.lnk
2015-10-31 19:46 - 2015-10-31 19:46 - 00000684 ____H C:\bdr-cf03
2015-10-31 19:45 - 2015-10-31 19:46 - 00253404 ____H C:\bdr-ld03
2015-10-31 19:45 - 2015-10-31 19:46 - 00009216 ____H C:\bdr-ld03.mbr
2015-10-31 19:45 - 2015-10-08 11:31 - 00270248 _____ (Bitdefender) C:\Windows\system32\Drivers\ignis.sys
2015-10-31 19:45 - 2015-05-29 08:50 - 00271272 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2015-10-31 19:45 - 2015-05-28 13:21 - 00747120 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2015-10-31 19:45 - 2015-05-28 12:37 - 01369288 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2015-10-31 19:45 - 2015-05-27 16:02 - 49626058 ____H C:\bdr-im03.gz
2015-10-31 19:45 - 2013-08-13 12:38 - 03271472 ____H C:\bdr-bz03
2015-10-31 19:45 - 2012-04-17 13:34 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2015-10-31 19:42 - 2015-10-31 20:49 - 00000000 ____D C:\ProgramData\Bitdefender
2015-10-31 19:42 - 2015-10-31 19:42 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2015-10-31 19:42 - 2015-10-31 19:42 - 00000000 ____D C:\Program Files\Bitdefender
2015-10-31 19:42 - 2015-06-02 14:21 - 00477272 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2015-10-31 19:42 - 2015-04-29 13:32 - 00160032 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2015-10-31 19:38 - 2015-11-01 16:55 - 00000000 ____D C:\Program Files\Bitdefender Agent
2015-10-31 19:38 - 2015-10-31 19:38 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2015-10-31 19:21 - 2015-10-31 19:21 - 00000000 ____D C:\Users\Admin\AppData\Roaming\TuneUp Software
2015-10-31 19:21 - 2015-10-31 19:21 - 00000000 ____D C:\Users\Admin\AppData\Local\MFAData
2015-10-31 18:13 - 2015-10-31 18:13 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-31 18:13 - 2015-10-31 18:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-31 18:13 - 2015-10-31 18:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-31 18:13 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-31 18:13 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-31 17:32 - 2015-10-31 19:04 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2015-10-31 17:32 - 2015-10-31 17:32 - 00000000 ____D C:\Users\Admin\AppData\Local\Zemana
2015-10-30 17:32 - 2015-10-31 19:04 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-10-30 17:32 - 2015-10-31 18:14 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-30 17:05 - 2015-10-30 17:05 - 00000000 ____D C:\Users\Admin\Desktop\Milica HUSTOLOGIjA
2015-10-28 22:59 - 2015-10-28 22:59 - 00268288 _____ C:\Users\Mama i Tata\Desktop\Nedelja 2.ppt
2015-10-27 00:18 - 2015-10-27 00:18 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Kodi
2015-10-26 23:31 - 2015-10-30 16:56 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\uTorrent
2015-10-26 16:48 - 2015-11-01 16:55 - 00003244 _____ C:\Windows\System32\Tasks\IORRT
2015-10-26 13:20 - 2015-10-30 16:59 - 00000000 ____D C:\AdwCleaner
2015-10-26 00:23 - 2015-10-26 00:23 - 00000000 ____D C:\Users\Admin\Documents\Ashampoo Burning Studio FREE
2015-10-26 00:22 - 2015-10-26 00:22 - 00000777 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio FREE.lnk
2015-10-26 00:22 - 2015-10-26 00:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2015-10-25 22:31 - 2015-10-25 22:31 - 00000000 __RSH C:\MSDOS.SYS
2015-10-25 22:31 - 2015-10-25 22:31 - 00000000 __RSH C:\IO.SYS
2015-10-25 18:23 - 2015-10-25 18:24 - 00000000 ____D C:\Users\Admin\AppData\Local\MSfree Inc
2015-10-24 04:20 - 2015-07-10 09:25 - 00000001 ___SH C:\BOOTNXT
2015-10-23 23:37 - 2015-10-23 23:37 - 00000000 ____D C:\Users\Mama i Tata\Documents\Mobizen
2015-10-23 23:37 - 2015-10-23 23:37 - 00000000 ____D C:\Users\Mama i Tata\AppData\Roaming\Rsupport
2015-10-23 22:08 - 2015-10-30 18:20 - 00000000 ____D C:\Users\Admin\Desktop\mbar
2015-10-23 22:08 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-23 20:28 - 2015-10-23 20:28 - 00345956 __RSH C:\EUMLZ
2015-10-23 20:28 - 2015-10-23 20:28 - 00000000 __RSH C:\tmls.ld
2015-10-23 20:13 - 2015-10-23 20:14 - 00001648 ____H C:\Windows\EPMBatch.ept
2015-10-23 17:50 - 2015-10-23 17:51 - 00001889 _____ C:\Users\Public\Desktop\AirDroid.lnk
2015-10-23 17:50 - 2015-10-23 17:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirDroid
2015-10-23 17:34 - 2015-10-23 17:38 - 00000000 ____D C:\Users\Public\Documents\AirDroid
2015-10-23 17:34 - 2015-10-23 10:53 - 00000000 ____D C:\Users\Admin\Documents\AirDroid
2015-10-23 17:34 - 2015-10-23 10:52 - 00000000 ____D C:\Program Files (x86)\AirDroid
2015-10-23 15:16 - 2015-10-31 18:14 - 00000000 ____D C:\Program Files (x86)\RSUPPORT
2015-10-23 15:16 - 2015-10-23 15:16 - 00000000 ____D C:\Users\Admin\Documents\Mobizen
2015-10-23 15:16 - 2015-10-23 15:16 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Rsupport
2015-10-23 11:04 - 2015-10-23 11:04 - 00001388 _____ C:\Users\Public\Desktop\EaseUS Partition Master 10.8.lnk
2015-10-23 11:04 - 2015-10-23 11:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.8
2015-10-23 11:04 - 2015-09-20 23:30 - 03557000 _____ C:\Windows\system32\BootMan.exe
2015-10-23 11:04 - 2015-09-20 23:19 - 02658952 _____ C:\Windows\SysWOW64\BootMan.exe
2015-10-23 11:04 - 2014-11-18 13:46 - 00021088 _____ C:\Windows\SysWOW64\EuEpmGdi.dll
2015-10-23 11:04 - 2014-11-18 13:46 - 00017504 _____ C:\Windows\system32\EuEpmGdi.dll
2015-10-23 11:04 - 2014-11-18 13:39 - 00018528 _____ C:\Windows\system32\epmntdrv.sys
2015-10-23 11:04 - 2014-11-18 13:39 - 00014944 _____ C:\Windows\SysWOW64\epmntdrv.sys
2015-10-23 11:04 - 2014-11-18 13:39 - 00010848 _____ C:\Windows\system32\EuGdiDrv.sys
2015-10-23 11:04 - 2014-11-18 13:39 - 00010208 _____ C:\Windows\SysWOW64\EuGdiDrv.sys
2015-10-23 11:04 - 2014-11-18 13:38 - 00101984 _____ C:\Windows\system32\setupempdrvx64.exe
2015-10-23 11:04 - 2014-11-18 13:38 - 00088160 _____ C:\Windows\SysWOW64\setupempdrv03.exe
2015-10-23 10:47 - 2015-10-23 10:47 - 00000000 ____D C:\Program Files (x86)\Raxco
2015-10-22 22:48 - 2015-10-22 22:49 - 36093899 _____ C:\Users\Admin\Desktop\PCP225.zip
2015-10-22 22:35 - 2015-10-22 23:04 - 00000400 __RSH C:\ProgramData\ntuser.pol
2015-10-22 16:33 - 2015-10-31 23:16 - 00000000 ____D C:\Users\Admin\AppData\Local\VMware
2015-10-22 16:33 - 2015-10-31 23:13 - 00000000 ____D C:\Users\Admin\AppData\Roaming\VMware
2015-10-22 16:32 - 2015-08-14 13:03 - 00066752 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys
2015-10-22 16:32 - 2015-08-04 00:10 - 00075512 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vsock.sys
2015-10-22 16:32 - 2015-08-04 00:10 - 00068288 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll
2015-10-22 16:32 - 2015-08-04 00:10 - 00064192 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2015-10-22 16:31 - 2015-10-31 20:13 - 00000000 ____D C:\ProgramData\VMware
2015-10-22 16:31 - 2015-10-22 16:31 - 00001188 _____ C:\Users\Public\Desktop\VMware Workstation 12 Player.lnk
2015-10-22 16:31 - 2015-10-22 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2015-10-22 16:31 - 2015-10-22 16:31 - 00000000 ____D C:\Program Files\Common Files\VMware
2015-10-22 16:31 - 2015-10-22 16:31 - 00000000 ____D C:\Program Files (x86)\VMware
2015-10-22 16:31 - 2015-08-14 13:03 - 00934080 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2015-10-22 16:31 - 2015-08-14 13:03 - 00391872 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2015-10-22 16:31 - 2015-08-14 13:03 - 00358080 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2015-10-22 16:31 - 2015-08-14 12:43 - 00026816 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2015-10-22 16:31 - 2015-08-11 18:27 - 00057536 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2015-10-22 13:15 - 2015-10-22 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-10-22 13:15 - 2015-07-10 12:22 - 00922704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-10-22 13:15 - 2015-07-10 12:21 - 00128592 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-10-22 10:08 - 2015-10-22 10:08 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-10-22 10:08 - 2015-10-22 10:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-10-22 10:07 - 2015-10-22 10:07 - 00003794 _____ C:\Windows\System32\Tasks\klcp_update
2015-10-22 10:06 - 2015-10-22 10:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-10-22 10:06 - 2015-10-22 10:06 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-10-22 10:06 - 2015-10-16 19:00 - 00126976 _____ C:\Windows\system32\ff_vfw.dll
2015-10-22 10:06 - 2015-10-16 19:00 - 00112128 _____ C:\Windows\SysWOW64\ff_vfw.dll
2015-10-22 10:06 - 2015-06-22 14:25 - 00254976 _____ C:\Windows\system32\xvidvfw.dll
2015-10-22 10:06 - 2015-06-22 14:25 - 00240128 _____ C:\Windows\SysWOW64\xvidvfw.dll
2015-10-22 10:06 - 2015-06-22 14:24 - 00729088 _____ C:\Windows\system32\xvidcore.dll
2015-10-22 10:06 - 2015-06-22 14:24 - 00655872 _____ C:\Windows\SysWOW64\xvidcore.dll
2015-10-22 10:06 - 2015-02-28 16:22 - 03571200 _____ (x264vfw project) C:\Windows\system32\x264vfw64.dll
2015-10-22 10:06 - 2015-02-28 16:21 - 03591680 _____ (x264vfw project) C:\Windows\SysWOW64\x264vfw.dll
2015-10-22 10:06 - 2012-07-21 11:55 - 00180736 _____ (fccHandler) C:\Windows\system32\ac3acm.acm
2015-10-22 10:06 - 2012-07-21 11:54 - 00122880 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm
2015-10-22 10:06 - 2011-12-07 18:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll
2015-10-22 10:06 - 2011-12-07 18:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2015-10-22 10:01 - 2015-10-22 10:01 - 00000000 _____ C:\Windows\SysWOW64\RENC689.tmp
2015-10-22 10:00 - 2015-10-22 10:00 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Sun
2015-10-22 10:00 - 2015-10-22 10:00 - 00000000 ____D C:\Users\Admin\.oracle_jre_usage
2015-10-22 09:53 - 2015-10-22 09:53 - 00000000 ____D C:\Program Files (x86)\FileHippo.com
2015-10-22 09:47 - 2015-10-22 09:47 - 00000000 ____D C:\Program Files (x86)\Disc Soft
2015-10-22 09:46 - 2015-10-22 09:47 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2015-10-22 09:46 - 2015-10-22 09:46 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2015-10-22 09:46 - 2015-10-22 09:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-10-22 09:44 - 2015-10-22 09:46 - 43185824 _____ C:\Users\Admin\Desktop\Firefox Setup 42.0b8.exe
2015-10-21 15:52 - 2015-10-21 15:53 - 00000000 ____D C:\Users\Admin\AppData\Local\Ubisoft Game Launcher
2015-10-21 15:52 - 2015-10-21 15:52 - 00000000 ____D C:\Users\Admin\Documents\Assassin's Creed III
2015-10-19 21:21 - 2015-10-19 21:21 - 01949293 _____ C:\Users\Mama i Tata\Desktop\Chizh-Glazami_i_Dushoj.wma
2015-10-16 17:03 - 2015-10-16 17:03 - 00373248 _____ C:\Users\Mama i Tata\Desktop\Seminarski rad.ppt
2015-10-15 18:55 - 2015-10-15 18:55 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-10-15 18:55 - 2015-10-15 18:55 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2015-10-15 17:59 - 2015-10-15 17:59 - 00000000 ____D C:\Users\Admin\Documents\My Games
2015-10-14 22:27 - 2015-10-14 22:28 - 00000000 ____D C:\Users\Mama i Tata\Desktop\Nacionalna
2015-10-11 14:45 - 2015-10-11 14:45 - 00000000 ____D C:\Users\Admin\AppData\Local\Avg

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-01 16:57 - 2015-02-08 10:42 - 01449184 _____ C:\Windows\WindowsUpdate.log
2015-11-01 16:55 - 2015-02-08 11:00 - 00000000 ____D C:\ProgramData\MCShield
2015-11-01 16:54 - 2015-08-17 13:19 - 00000358 _____ C:\Windows\Tasks\DriverToolkit Autorun.job
2015-11-01 16:54 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-01 16:49 - 2009-07-14 06:13 - 00790090 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-01 16:29 - 2015-02-08 20:44 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-01 16:14 - 2015-02-09 09:45 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-01 15:26 - 2009-07-14 05:45 - 00026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-01 15:26 - 2009-07-14 05:45 - 00026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-01 09:46 - 2015-08-18 19:11 - 00000000 ____D C:\Users\Mama i Tata\AppData\Roaming\uTorrent
2015-11-01 09:46 - 2015-02-08 11:48 - 00000866 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-11-01 08:44 - 2015-09-14 21:58 - 00000000 ____D C:\Users\Mama i Tata\AppData\LocalLow\uTorrent
2015-10-31 21:31 - 2015-02-14 08:50 - 00000000 ____D C:\Users\Admin\AppData\Local\ShamurShamur
2015-10-31 21:10 - 2015-03-23 18:44 - 00000000 ____D C:\Users\Admin\AppData\Roaming\TeamViewer
2015-10-31 21:10 - 2015-02-08 21:13 - 00000000 ____D C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
2015-10-31 21:10 - 2015-02-08 11:01 - 00000000 ____D C:\Users\Admin\AppData\Roaming\uTorrent
2015-10-31 21:09 - 2015-06-02 22:13 - 00000000 ____D C:\Windows\Minidump
2015-10-31 21:09 - 2014-12-11 20:36 - 00000000 ____D C:\Windows\Panther
2015-10-31 20:12 - 2015-02-09 03:09 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-31 19:48 - 2015-03-15 00:11 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Bitdefender
2015-10-31 19:35 - 2015-09-11 10:53 - 00000000 ____D C:\ProgramData\MFAData
2015-10-31 19:34 - 2015-09-11 10:57 - 00000000 ____D C:\Program Files\Common Files\AV
2015-10-31 19:03 - 2015-02-27 17:14 - 00000000 ____D C:\Windows\Sun
2015-10-31 18:24 - 2015-02-08 22:38 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2015-10-31 00:35 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Branding
2015-10-30 17:32 - 2015-02-08 11:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-30 17:14 - 2015-05-14 10:11 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-30 16:48 - 2015-02-08 11:07 - 00000000 ____D C:\KMPlayer
2015-10-28 20:24 - 2015-09-30 22:29 - 00000000 ____D C:\Users\Mama i Tata\Desktop\Motonav
2015-10-28 20:24 - 2015-02-23 20:39 - 00000000 ____D C:\Users\Mama i Tata\Desktop\Miroslav
2015-10-27 18:54 - 2015-02-19 23:48 - 00000000 ____D C:\Users\Mama i Tata\Desktop\Sindikat
2015-10-27 18:21 - 2015-09-01 18:42 - 00000000 ____D C:\Users\Mama i Tata\Desktop\Руски језик-планови
2015-10-27 17:07 - 2015-02-10 07:42 - 00000000 ____D C:\Users\Mama i Tata\Desktop\Slavica
2015-10-27 00:17 - 2015-02-09 07:28 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-26 12:10 - 2015-02-20 23:49 - 00000000 ____D C:\Users\Admin\VirtualBox VMs
2015-10-26 12:10 - 2015-02-20 23:48 - 00000000 ____D C:\Users\Admin\.VirtualBox
2015-10-26 00:22 - 2015-02-08 22:36 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Ashampoo
2015-10-26 00:21 - 2015-02-08 22:35 - 00000000 ____D C:\ProgramData\Ashampoo
2015-10-25 23:03 - 2015-02-15 06:52 - 00000000 ___RD C:\Users\Admin\Desktop\Gmaes
2015-10-24 18:06 - 2015-09-21 22:29 - 00000000 ____D C:\Users\Mama i Tata\Desktop\ruska kuhinja
2015-10-24 18:03 - 2015-06-28 19:34 - 00000000 ____D C:\Users\Mama i Tata\Desktop\Slike sa telefona
2015-10-24 08:47 - 2015-03-04 21:14 - 00000000 ____D C:\Users\Mama i Tata\AppData\Roaming\Skype
2015-10-24 04:20 - 2015-02-08 10:24 - 00008192 __RSH C:\BOOTSECT.BAK
2015-10-24 03:27 - 2015-02-08 10:46 - 00000000 __SHD C:\Recovery
2015-10-23 20:32 - 2015-02-09 03:30 - 00000000 ____D C:\Windows\pss
2015-10-23 11:04 - 2015-02-08 21:03 - 00000000 ____D C:\Program Files (x86)\EaseUS
2015-10-22 23:42 - 2015-02-09 06:05 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-22 23:42 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-22 23:32 - 2015-02-08 11:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-22 22:35 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-10-22 22:35 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-10-22 16:31 - 2014-12-11 11:48 - 00802952 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-10-22 13:15 - 2015-02-21 01:15 - 00000614 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2015-10-22 10:10 - 2015-03-23 18:44 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-10-22 10:10 - 2015-02-09 01:43 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2015-10-22 10:08 - 2015-03-23 18:44 - 00001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-10-22 10:08 - 2015-02-09 01:43 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2015-10-22 10:08 - 2015-02-09 01:43 - 00000000 ____D C:\ProgramData\Skype
2015-10-22 10:07 - 2015-02-08 11:01 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-22 10:07 - 2015-02-08 11:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-22 10:07 - 2015-02-08 11:01 - 00000000 ____D C:\Program Files\WinRAR
2015-10-22 10:06 - 2015-02-08 11:06 - 00000000 ____D C:\Program Files (x86)\Notepad++
2015-10-22 10:01 - 2015-02-08 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-22 10:00 - 2015-02-08 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-10-22 10:00 - 2015-02-08 10:49 - 00000000 ____D C:\Users\Admin
2015-10-22 09:59 - 2015-02-08 20:54 - 00110176 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-10-22 09:59 - 2015-02-08 20:53 - 00000000 ____D C:\Program Files\Java
2015-10-22 09:54 - 2015-07-18 15:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-22 09:54 - 2015-02-08 11:39 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-22 09:53 - 2015-02-08 22:38 - 00002022 _____ C:\Users\Admin\Desktop\FileHippo App Manager.lnk
2015-10-22 09:43 - 2015-02-08 11:48 - 00000000 ____D C:\Program Files\CCleaner
2015-10-21 22:06 - 2015-02-08 20:49 - 00001213 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2015-10-21 22:06 - 2015-02-08 20:49 - 00001189 _____ C:\Users\Public\Desktop\GOM Player.lnk
2015-10-21 12:52 - 2015-02-08 11:06 - 00000000 ____D C:\Users\Admin\AppData\Local\Google
2015-10-20 20:29 - 2015-02-08 20:44 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-20 20:29 - 2015-02-08 20:44 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-20 20:29 - 2015-02-08 20:44 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-15 18:55 - 2015-02-20 23:52 - 00189248 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-10-15 18:55 - 2015-02-20 23:52 - 00075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-10-15 18:48 - 2015-08-21 16:27 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Samsung
2015-10-15 18:48 - 2015-08-21 16:27 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-10-15 18:47 - 2015-02-14 08:25 - 00000000 ____D C:\Users\Admin\AppData\Local\Microsoft Game Studios
2015-10-15 18:47 - 2015-02-14 08:25 - 00000000 ____D C:\ProgramData\Microsoft Games
2015-10-15 18:47 - 2015-02-14 08:24 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft Game Studios
2015-10-15 12:05 - 2015-05-08 11:33 - 00004608 _____ C:\Users\Mama i Tata\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-13 22:27 - 2015-02-08 23:06 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-13 19:43 - 2015-02-09 04:02 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-08 14:40 - 2015-03-14 22:05 - 00005609 _____ C:\Windows\SysWOW64\debug.log
2015-10-05 22:26 - 2015-09-27 11:34 - 00000000 ____D C:\Users\Mama i Tata\Desktop\STOMATOLOSKI

==================== Files in the root of some directories =======

2015-10-31 19:47 - 2015-10-31 19:47 - 0438205 _____ () C:\ProgramData\1446316951.bdinstall.bin
2015-11-01 08:52 - 2015-11-01 08:52 - 0024532 _____ () C:\ProgramData\1446364339.bdinstall.bin
2015-02-09 03:32 - 2015-08-18 10:25 - 0037886 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Mama i Tata\AppData\Local\Temp\KMP_3.9.1.138.exe
C:\Users\Mama i Tata\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-31 22:49

==================== End of FRST.txt ============================



offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6102

Hello,

Apart from the fact that you have the developer version of the Google Chrome browser (you can fix that by uninstalling it and doing a fresh Chrome install), the logs show no traces of an active infection. Let's do an additional ARK check:

Download TDSSKiller, save the tool to the Desktop and double-click TDSSKiller.exe to run it.
In the "End user Licence Agreement" dialog, click Accept.
Likewise, in the "KSN Statement" dialog, click Accept.

Click the Start Scan button.

If suspicious items (Suspicious object) are detected, the default action is Skip; click Continue.
If malicious objects (Malicious objects) are detected, choose the Cure option.

Post the contents of the log from the following location:
C:\TDSSKiller_program version_DD.MM.YY_HH.MM.SS.txt
(DD-day, MM-month, YY-year, HH-hour, MM-minute, SS-second; the date and time the log was created)

Also, install the MCShield program and scan all USB storage devices:
http://www.mcshield.net/

offline
  • Joined: 24 Dec 2011
  • Posts: 1586
  • Location: Novi Banovci


offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6102

Nothing, all of this looks fine.

You can delete the tools you used, as well as their logs. Also delete Farbar's working folder, C:\FRST.

offline
  • Joined: 24 Dec 2011
  • Posts: 1586
  • Location: Novi Banovci

Thanks for the help.
