MyCity » Ambulanta -> Arhiva Ambulante » Provjera :)

Provjera :)

Napisano na dan: 1.9.2014

Provjera :)
Sledeća strana Pagination

Idi na vrh

Poslao: 01 Sep 2014 17:51
Idi na vrh
offline
  • Pridružio: 02 Sep 2013
  • Poruke: 496

Zelio bih da provjerim racunar Smile
Evo FRST Izvjestaja Smile

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2014 02
Ran by mKorisnik (administrator) on M on 01-09-2014 17:36:11
Running from C:\Users\mKorisnik\Desktop
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: [Link mogu videti samo ulogovani korisnici]
Download link for 64-Bit Version: [Link mogu videti samo ulogovani korisnici]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Link mogu videti samo ulogovani korisnici]

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlservice.exe
() C:\Program Files (x86)\Telenor Internet\BackgroundService\ServiceManager.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmprph.exe
(Microsoft Corporation) C:\Windows\FileManager\PhotosApp.exe
(Microsoft Corporation) C:\Windows\Camera\Camera.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
() C:\Program Files\WindowsApps\Microsoft.HelpAndTips_6.3.9654.20559_x64__8wekyb3d8bbwe\helpandtips.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\UserAccountBroker.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlvknlg32.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlvknlg64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre7\bin\javaw.exe
(BitTorrent Inc.) C:\Users\mKorisnik\AppData\Roaming\uTorrent\uTorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-06] (AVAST Software)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)
HKLM-x32\...\Run: [Telenor_Montenegro Imola ModemListener] => C:\Program Files (x86)\Telenor Internet\BackgroundService\ModemListener.exe [109120 2012-03-14] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3483190843-2739031058-4271042174-1001\...\Run: [uTorrent] => C:\Users\mKorisnik\AppData\Roaming\uTorrent\uTorrent.exe [1322832 2014-07-04] (BitTorrent Inc.)
HKU\S-1-5-21-3483190843-2739031058-4271042174-1001\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-3483190843-2739031058-4271042174-1001\...\Run: [DAEMON Tools Lite] => D:\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3483190843-2739031058-4271042174-1001\...\Run: [ViStart] => C:\Users\mKorisnik\AppData\Roaming\ViStart\ViStart.exe
HKU\S-1-5-21-3483190843-2739031058-4271042174-1001\...\Run: [StartMenuX98] => "C:\Program Files\Start Menu X\StartMenuX.exe"
HKU\S-1-5-21-3483190843-2739031058-4271042174-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3483190843-2739031058-4271042174-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3483190843-2739031058-4271042174-1001\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\MCShieldRTM.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-3483190843-2739031058-4271042174-1001\...\MountPoints2: {00bc4c86-e7a1-11e3-8257-6c71d9b2be26} - "G:\autorun.exe"
HKU\S-1-5-21-3483190843-2739031058-4271042174-1001\...\MountPoints2: {b19052c6-ee75-11e3-826c-6c71d9b2be26} - "F:\setup.exe"
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&pid=2942&r=2014/05/30&hid=17769994365160485233&lg=EN&cc=ME&unqvl=55
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&pid=2942&r=2014/05/30&hid=17769994365160485233&lg=EN&cc=ME&unqvl=55
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&pid=2942&r=2014/05/30&hid=17769994365160485233&lg=EN&cc=ME&unqvl=55
BHO: YoutubeAdblocker -> {0752A637-F999-AC06-44A7-4A6B6B51E9C5} -> C:\Program Files (x86)\YoutubeAdblocker\oauqT.x64.dll ()
BHO: saveo oNo -> {7A3758EC-315D-6280-3535-FDB967B72C1D} -> C:\Program Files (x86)\saveo oNo\NWt2v7hSgV.x64.dll ()
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\mKorisnik\AppData\Roaming\Mozilla\Firefox\Profiles\xqoommk5.default
FF DefaultSearchEngine: Погодак
FF SearchEngineOrder.1: Ask.com
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "WebSearch");: user_pref("browser.search.order.1,S", "WebSearch");
FF SelectedSearchEngine: Погодак
FF Homepage: [Link mogu videti samo ulogovani korisnici]
FF Keyword.URL: [Link mogu videti samo ulogovani korisnici]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Users\mKorisnik\AppData\Roaming\Mozilla\Firefox\Profiles\xqoommk5.default\searchplugins\Ask.xml
FF SearchPlugin: C:\Users\mKorisnik\AppData\Roaming\Mozilla\Firefox\Profiles\xqoommk5.default\searchplugins\WebSearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\pogodakyu.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\vokabular.xml
FF Extension: SaverEXtensioN - C:\Users\mKorisnik\AppData\Roaming\Mozilla\Firefox\Profiles\xqoommk5.default\Extensions\13iui@varlxfbo.com [2014-05-10]
FF Extension: SNT - C:\Users\mKorisnik\AppData\Roaming\Mozilla\Firefox\Profiles\xqoommk5.default\Extensions\fnvg8yhhn@acmwfe.co.uk [2014-05-10]
FF Extension: FuN2Save - C:\Users\mKorisnik\AppData\Roaming\Mozilla\Firefox\Profiles\xqoommk5.default\Extensions\jbouurxeuua@mlfyy-.org [2014-05-11]
FF Extension: NewSeaVer - C:\Users\mKorisnik\AppData\Roaming\Mozilla\Firefox\Profiles\xqoommk5.default\Extensions\oqt8eadtyi@j-bvbrf.edu [2014-05-10]
FF Extension: YoutubeAdblocker - C:\Users\mKorisnik\AppData\Roaming\Mozilla\Firefox\Profiles\xqoommk5.default\Extensions\sjsyoy@yyaueuu.co.uk [2014-05-10]
FF Extension: save on - C:\Users\mKorisnik\AppData\Roaming\Mozilla\Firefox\Profiles\xqoommk5.default\Extensions\uqmhoee@ueyoxui.co.uk [2014-05-10]
FF Extension: WinToFlash Suggestor - C:\Users\mKorisnik\AppData\Roaming\Mozilla\Firefox\Profiles\xqoommk5.default\Extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi [2012-05-25]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-30]
FF HKLM-x32\...\Firefox\Extensions: [{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}] - C:\Program Files (x86)\RelevantKnowledge\firefox
FF Extension: RelevantKnowledge - C:\Program Files (x86)\RelevantKnowledge\firefox [2014-07-10]

Chrome:
=======
CHR DefaultSearchKeyword: Default -> ask.com
CHR DefaultSearchProvider: Default -> Ask.com
CHR DefaultSearchURL: Default -> [Link mogu videti samo ulogovani korisnici]{searchTerms}
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\mKorisnik\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-30]
CHR Extension: (Google Drive) - C:\Users\mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-30]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-12]
CHR Extension: (YouTube) - C:\Users\mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-30]
CHR Extension: (Adblock Plus) - C:\Users\mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-12]
CHR Extension: (Google Search) - C:\Users\mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-30]
CHR Extension: (RelevantKnowledge) - C:\Users\mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle [2014-07-10]
CHR Extension: (Google Wallet) - C:\Users\mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-12]
CHR Extension: (Adblock Pro) - C:\Users\mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2014-07-12]
CHR Extension: (Gmail) - C:\Users\mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-30]
CHR HKLM-x32\...\Chrome\Extension: [acaoakiamfeidcmgooclgeleejkbaecf] - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.crx []
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-06]
CHR HKLM-x32\...\Chrome\Extension: [mkndcbhcgphcfkkddanakjiepeknbgle] - C:\Program Files (x86)\RelevantKnowledge\rlcm.crx [2014-07-10]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-06] (AVAST Software)
S2 d0e87c27; c:\Program Files (x86)\SW-Booster\AssistantSvc.dll [174928 2014-05-10] () [File not signed]
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [92536 2014-02-20] (EasyAntiCheat Ltd)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-16] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-07-16] ()
R2 RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe [201496 2014-07-14] (TMRG, Inc.)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [685568 2013-11-11] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 Telenor_Montenegro Imola Modem Device Helper; C:\Program Files (x86)\Telenor Internet\BackgroundService\ServiceManager.exe [53312 2012-03-14] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-06] ()
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [31160 2014-04-24] ()
R1 dtsoftbus01; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [283064 2014-06-08] (Disc Soft Ltd)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-07-21] (LogMeIn Inc.)
S3 jrdusbser; C:\Windows\system32\DRIVERS\jrdusbser.sys [120832 2011-06-20] (TCT International Mobile Ltd)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-01 17:36 - 2014-09-01 17:36 - 02104832 _____ (Farbar) C:\Users\mKorisnik\Desktop\FRST64.exe
2014-09-01 17:36 - 2014-09-01 17:36 - 00022313 _____ () C:\Users\mKorisnik\Desktop\FRST.txt
2014-09-01 17:34 - 2014-09-01 17:36 - 00000000 ____D () C:\FRST
2014-09-01 17:34 - 2014-09-01 17:35 - 00018613 _____ () C:\Users\mKorisnik\Downloads\FRST.txt
2014-09-01 17:34 - 2014-09-01 17:34 - 02104832 _____ (Farbar) C:\Users\mKorisnik\Downloads\FRST64.exe
2014-09-01 17:02 - 2014-09-01 17:02 - 00000969 _____ () C:\Users\mKorisnik\Desktop\CINEMA 4D 64 Bit.lnk
2014-09-01 17:02 - 2014-09-01 17:02 - 00000934 _____ () C:\Users\mKorisnik\Desktop\CINEMA 4D.lnk
2014-09-01 17:02 - 2014-09-01 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON
2014-09-01 16:22 - 2014-09-01 16:22 - 00000000 ____D () C:\Program Files\MAXON
2014-09-01 16:20 - 2014-09-01 17:02 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\MAXON
2014-09-01 16:03 - 2014-09-01 16:03 - 00395609 _____ () C:\Users\mKorisnik\Desktop\naja i lidija.wma
2014-08-31 13:50 - 2014-08-31 13:57 - 00000000 ____D () C:\Users\mKorisnik\Documents\slikakaaaaaa
2014-08-30 17:47 - 2011-04-16 01:40 - 00809496 ____R (Creative Labs Inc.) C:\Windows\SysWOW64\tmp3952.tmp
2014-08-29 18:44 - 2014-08-29 18:47 - 14822887 _____ () C:\Users\mKorisnik\Desktop\tekstura moja.zip
2014-08-29 18:07 - 2014-08-29 18:07 - 00000000 ____D () C:\Users\mKorisnik\Documents\Adobe
2014-08-29 16:59 - 2014-07-27 17:50 - 27080764 _____ () C:\Users\mKorisnik\Desktop\Huahwi_Resource_Pack_64x_1.7.zip
2014-08-29 16:53 - 2014-08-29 18:22 - 00000000 ____D () C:\Users\mKorisnik\Documents\hunger games ep 1 mcsg
2014-08-28 07:46 - 2014-08-28 07:47 - 00865440 _____ () C:\Windows\Minidump\082814-43140-01.dmp
2014-08-28 07:46 - 2014-08-28 07:46 - 692050883 _____ () C:\Windows\MEMORY.DMP
2014-08-26 17:04 - 2014-08-26 17:04 - 00002199 _____ () C:\Users\mKorisnik\Desktop\Action!.lnk
2014-08-26 17:04 - 2014-08-26 17:04 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mirillis
2014-08-26 17:04 - 2014-08-26 17:04 - 00000000 ____D () C:\Program Files (x86)\Mirillis
2014-08-25 18:23 - 2014-08-25 18:39 - 00000000 ____D () C:\Users\mKorisnik\Documents\kliwroqtipjqt
2014-08-23 19:52 - 2014-08-23 19:54 - 00000000 ____D () C:\Users\mKorisnik\Documents\klipicicicici
2014-08-22 20:18 - 2014-08-31 19:30 - 00000000 ____D () C:\Users\mKorisnik\Desktop\kanal
2014-08-22 12:41 - 2014-08-22 12:41 - 00001122 _____ () C:\Users\Public\Desktop\Minecraft.lnk
2014-08-22 12:41 - 2014-08-22 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2014-08-21 16:36 - 2014-08-21 16:36 - 00554232 _____ () C:\Users\mKorisnik\Downloads\SkinEdit Alpha 3 pre 7 (1).zip
2014-08-21 16:35 - 2014-08-21 16:35 - 00554232 _____ () C:\Users\mKorisnik\Downloads\SkinEdit Alpha 3 pre 7.zip
2014-08-21 16:22 - 2014-08-21 16:22 - 00001906 _____ () C:\Users\mKorisnik\Desktop\IrfanView Thumbnails.lnk
2014-08-21 16:22 - 2014-08-21 16:22 - 00001014 _____ () C:\Users\mKorisnik\Desktop\IrfanView.lnk
2014-08-21 16:22 - 2014-08-21 16:22 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2014-08-21 16:22 - 2014-08-21 16:22 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\IrfanView
2014-08-21 16:22 - 2014-08-21 16:22 - 00000000 ____D () C:\Program Files (x86)\IrfanView
2014-08-21 16:14 - 2014-08-21 16:29 - 00000000 ____D () C:\Users\mKorisnik\Documents\Klip sa ivanom
2014-08-18 14:20 - 2014-08-18 14:21 - 01898640 _____ (Irfan Skiljan) C:\Users\mKorisnik\Downloads\iview438_setup.exe
2014-08-16 17:10 - 2014-08-28 15:18 - 00000000 ____D () C:\Users\mKorisnik\AppData\Local\LogMeIn Hamachi
2014-08-16 17:10 - 2014-08-16 17:10 - 00000000 ____D () C:\Users\mKorisnik\AppData\Local\LogMeIn
2014-08-16 17:10 - 2014-08-16 17:10 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-08-16 17:09 - 2014-08-16 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-08-16 17:09 - 2014-08-16 17:09 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-08-16 17:06 - 2014-08-16 17:06 - 08499200 _____ () C:\Users\mKorisnik\Downloads\hamachi.msi
2014-08-15 15:34 - 2014-08-15 15:48 - 00000000 ____D () C:\Users\mKorisnik\Documents\hunger games savjeti
2014-08-14 19:00 - 2014-08-14 19:01 - 00000000 ____D () C:\Users\mKorisnik\Documents\Untitled
2014-08-14 13:34 - 2014-08-14 13:34 - 00675988 _____ () C:\Users\mKorisnik\Downloads\Minecraft.exe
2014-08-14 12:57 - 2014-08-14 12:57 - 01102554 _____ () C:\Users\mKorisnik\Downloads\perise.bmp
2014-08-13 05:01 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 05:01 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 05:01 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-08-13 05:01 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 05:01 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-08-13 05:01 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-08-13 05:00 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 05:00 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 05:00 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 05:00 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 05:00 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 05:00 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 05:00 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 05:00 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 05:00 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 05:00 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 05:00 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 05:00 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 05:00 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 05:00 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 05:00 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 05:00 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 05:00 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 05:00 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 05:00 - 2014-07-25 13:43 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 05:00 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 05:00 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 05:00 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 05:00 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 05:00 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 05:00 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 05:00 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 05:00 - 2014-07-25 13:09 - 00291840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 05:00 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 05:00 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 05:00 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 05:00 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 05:00 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 05:00 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 05:00 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 05:00 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 05:00 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-13 05:00 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 05:00 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-08-13 05:00 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2014-08-13 05:00 - 2014-05-13 07:07 - 02844160 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-08-13 05:00 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-08-13 05:00 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-08-13 05:00 - 2014-05-13 05:59 - 01035264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-08-13 05:00 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-08-13 05:00 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-08-13 05:00 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-08-13 05:00 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-08-13 05:00 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll
2014-08-13 05:00 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2014-08-13 05:00 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2014-08-13 05:00 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll
2014-08-13 05:00 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2014-08-13 05:00 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2014-08-13 05:00 - 2014-05-03 01:26 - 00050745 _____ () C:\Windows\system32\srms.dat
2014-08-13 05:00 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-08-13 05:00 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2014-08-13 05:00 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-08-13 05:00 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2014-08-13 05:00 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2014-08-13 05:00 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-08-13 05:00 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-08-13 05:00 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-08-13 05:00 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2014-08-13 05:00 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-08-13 05:00 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2014-08-13 05:00 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-08-13 05:00 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-08-13 05:00 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-08-13 05:00 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-08-13 05:00 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-08-13 05:00 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2014-08-13 05:00 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2014-08-13 05:00 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2014-08-13 05:00 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-08-13 05:00 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-08-13 05:00 - 2014-04-26 20:41 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2014-08-13 05:00 - 2014-04-26 20:22 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2014-08-13 05:00 - 2014-04-26 20:04 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2014-08-13 05:00 - 2014-04-26 19:36 - 00794112 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2014-08-13 05:00 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2014-08-13 05:00 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-08-13 05:00 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-08-13 05:00 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-08-13 05:00 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-08-13 05:00 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-08-13 04:58 - 2014-08-07 00:38 - 00697856 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 04:58 - 2014-08-02 07:44 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-13 04:58 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-08-13 04:58 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-08-13 04:58 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-08-13 04:58 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-08-13 04:58 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-08-13 04:58 - 2014-07-10 06:16 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-08-13 04:58 - 2014-07-10 06:03 - 04756992 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-08-13 04:58 - 2014-07-10 05:33 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-08-13 04:58 - 2014-06-05 16:13 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-08-13 04:58 - 2014-06-05 15:14 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-08-13 04:58 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 04:58 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 04:58 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 04:58 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 04:58 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 04:58 - 2014-06-04 04:15 - 02642944 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 04:58 - 2014-06-04 04:14 - 02318336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 04:58 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-08-13 04:58 - 2014-05-31 12:07 - 00467800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-08-13 04:58 - 2014-05-31 12:07 - 00440664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-08-13 04:58 - 2014-05-31 12:07 - 00419672 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-08-13 04:58 - 2014-05-31 12:07 - 00089944 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-08-13 04:58 - 2014-05-31 12:07 - 00027480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-08-13 04:58 - 2014-05-31 08:30 - 00037376 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-08-13 04:58 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-08-13 04:58 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-08-13 04:58 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-08-13 04:58 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-08-13 04:58 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-08-13 04:58 - 2014-05-29 08:21 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2014-08-13 04:58 - 2014-05-27 17:53 - 02518360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-08-13 04:58 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll
2014-08-13 04:58 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
2014-08-13 04:58 - 2014-05-17 06:59 - 16871936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-08-13 04:58 - 2014-05-17 06:13 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-08-13 04:58 - 2014-04-30 06:30 - 00668160 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2014-08-13 04:58 - 2014-04-30 05:52 - 00590336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2014-08-13 04:57 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-13 04:57 - 2014-08-07 00:39 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-13 04:57 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-13 04:57 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-08-13 01:00 - 2014-08-13 01:00 - 04575232 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
2014-08-10 16:48 - 2014-08-10 16:48 - 00003108 _____ () C:\Windows\System32\Tasks\{F2B1952C-78B3-4562-B1ED-2023D725128A}
2014-08-10 16:08 - 2014-08-10 16:08 - 00401418 _____ () C:\Users\mKorisnik\Downloads\chrome_icon_blue_black_mkii_by_jrathage-d68y53g.zip
2014-08-10 15:53 - 2014-08-10 15:53 - 00605751 _____ () C:\Users\mKorisnik\Downloads\google_chrome_icon_blue_by_greasybacon-d1puu76.zip
2014-08-07 17:32 - 2014-08-07 17:54 - 00000000 ____D () C:\Users\mKorisnik\Documents\pobdaaaaa
2014-08-07 14:22 - 2014-08-07 14:22 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-08-06 18:49 - 2014-08-06 18:49 - 00785243 _____ () C:\Users\mKorisnik\Downloads\OptiFine_1.7.2_HD_D1.jar
2014-08-06 18:28 - 2014-08-27 15:57 - 00000000 ____D () C:\Users\mKorisnik\AppData\Local\Unity
2014-08-06 18:28 - 2014-08-06 18:28 - 01080480 _____ (Unity Technologies ApS) C:\Users\mKorisnik\Downloads\UnityWebPlayer.exe
2014-08-06 16:06 - 2014-01-19 09:38 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-06 15:44 - 2014-08-06 15:44 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-06 15:44 - 2014-08-06 15:44 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-05 17:18 - 2014-08-05 17:18 - 00000000 ____D () C:\Users\mKorisnik\AppData\Local\AAA_Internet_Publishing,_
2014-08-05 17:18 - 2014-01-03 16:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SPORDER.DLL
2014-08-05 12:45 - 2014-08-05 12:45 - 00989560 _____ (are) C:\Users\mKorisnik\Downloads\Sad Piano & Violin Song.mp3.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-01 17:36 - 2014-09-01 17:36 - 02104832 _____ (Farbar) C:\Users\mKorisnik\Desktop\FRST64.exe
2014-09-01 17:36 - 2014-09-01 17:36 - 00022313 _____ () C:\Users\mKorisnik\Desktop\FRST.txt
2014-09-01 17:36 - 2014-09-01 17:34 - 00000000 ____D () C:\FRST
2014-09-01 17:35 - 2014-09-01 17:34 - 00018613 _____ () C:\Users\mKorisnik\Downloads\FRST.txt
2014-09-01 17:35 - 2014-05-10 09:30 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\uTorrent
2014-09-01 17:34 - 2014-09-01 17:34 - 02104832 _____ (Farbar) C:\Users\mKorisnik\Downloads\FRST64.exe
2014-09-01 17:21 - 2014-06-17 12:07 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\Skype
2014-09-01 17:14 - 2014-07-12 14:09 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-01 17:12 - 2014-05-10 09:09 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\.minecraft
2014-09-01 17:02 - 2014-09-01 17:02 - 00000969 _____ () C:\Users\mKorisnik\Desktop\CINEMA 4D 64 Bit.lnk
2014-09-01 17:02 - 2014-09-01 17:02 - 00000934 _____ () C:\Users\mKorisnik\Desktop\CINEMA 4D.lnk
2014-09-01 17:02 - 2014-09-01 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON
2014-09-01 17:02 - 2014-09-01 16:20 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\MAXON
2014-09-01 17:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-09-01 16:27 - 2014-05-30 07:00 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B320FDD8-3D31-4FB3-8207-606CBCE5967A}
2014-09-01 16:22 - 2014-09-01 16:22 - 00000000 ____D () C:\Program Files\MAXON
2014-09-01 16:13 - 2014-05-10 07:05 - 03037696 ___SH () C:\Users\mKorisnik\Desktop\Thumbs.db
2014-09-01 16:03 - 2014-09-01 16:03 - 00395609 _____ () C:\Users\mKorisnik\Desktop\naja i lidija.wma
2014-09-01 15:45 - 2014-05-30 03:41 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-01 15:14 - 2014-05-10 10:04 - 02022567 _____ () C:\Windows\WindowsUpdate.log
2014-09-01 14:19 - 2014-05-30 03:19 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3483190843-2739031058-4271042174-1001
2014-09-01 14:14 - 2014-07-12 14:09 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-01 14:09 - 2014-06-18 13:05 - 00000000 ____D () C:\Program Files (x86)\RelevantKnowledge
2014-09-01 04:37 - 2014-06-05 11:55 - 00000000 ____D () C:\Users\mKorisnik\AppData\Local\Adobe
2014-08-31 21:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-08-31 19:32 - 2014-06-05 20:13 - 00000000 ____D () C:\Users\mKorisnik\AppData\Local\CrashDumps
2014-08-31 19:30 - 2014-08-22 20:18 - 00000000 ____D () C:\Users\mKorisnik\Desktop\kanal
2014-08-31 13:57 - 2014-08-31 13:50 - 00000000 ____D () C:\Users\mKorisnik\Documents\slikakaaaaaa
2014-08-30 19:31 - 2014-07-17 16:41 - 00000132 _____ () C:\Users\mKorisnik\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-08-30 18:05 - 2014-06-01 09:39 - 00278016 ___SH () C:\Users\mKorisnik\Downloads\Thumbs.db
2014-08-29 18:47 - 2014-08-29 18:44 - 14822887 _____ () C:\Users\mKorisnik\Desktop\tekstura moja.zip
2014-08-29 18:22 - 2014-08-29 16:53 - 00000000 ____D () C:\Users\mKorisnik\Documents\hunger games ep 1 mcsg
2014-08-29 18:07 - 2014-08-29 18:07 - 00000000 ____D () C:\Users\mKorisnik\Documents\Adobe
2014-08-29 18:07 - 2014-05-30 03:14 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\Adobe
2014-08-29 16:40 - 2013-09-30 06:14 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-28 15:18 - 2014-08-16 17:10 - 00000000 ____D () C:\Users\mKorisnik\AppData\Local\LogMeIn Hamachi
2014-08-28 12:05 - 2014-07-09 13:34 - 00000020 _____ () C:\Windows\capsys184523.log
2014-08-28 07:47 - 2014-08-28 07:46 - 00865440 _____ () C:\Windows\Minidump\082814-43140-01.dmp
2014-08-28 07:47 - 2014-05-30 03:13 - 00000000 ____D () C:\Users\mKorisnik
2014-08-28 07:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\tracing
2014-08-28 07:47 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-28 07:46 - 2014-08-28 07:46 - 692050883 _____ () C:\Windows\MEMORY.DMP
2014-08-28 07:46 - 2014-06-17 12:30 - 00000000 ____D () C:\Windows\Minidump
2014-08-28 07:46 - 2013-09-30 06:02 - 00045460 _____ () C:\Windows\PFRO.log
2014-08-28 07:46 - 2013-08-22 16:44 - 05137304 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 15:57 - 2014-08-06 18:28 - 00000000 ____D () C:\Users\mKorisnik\AppData\Local\Unity
2014-08-27 15:56 - 2014-07-24 16:56 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-08-27 15:55 - 2014-06-18 13:04 - 00000000 ____D () C:\Program Files (x86)\ChrisTV PVR
2014-08-26 17:04 - 2014-08-26 17:04 - 00002199 _____ () C:\Users\mKorisnik\Desktop\Action!.lnk
2014-08-26 17:04 - 2014-08-26 17:04 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mirillis
2014-08-26 17:04 - 2014-08-26 17:04 - 00000000 ____D () C:\Program Files (x86)\Mirillis
2014-08-25 18:39 - 2014-08-25 18:23 - 00000000 ____D () C:\Users\mKorisnik\Documents\kliwroqtipjqt
2014-08-23 19:54 - 2014-08-23 19:52 - 00000000 ____D () C:\Users\mKorisnik\Documents\klipicicicici
2014-08-23 14:06 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-08-22 12:41 - 2014-08-22 12:41 - 00001122 _____ () C:\Users\Public\Desktop\Minecraft.lnk
2014-08-22 12:41 - 2014-08-22 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2014-08-21 16:56 - 2014-05-30 03:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-08-21 16:36 - 2014-08-21 16:36 - 00554232 _____ () C:\Users\mKorisnik\Downloads\SkinEdit Alpha 3 pre 7 (1).zip
2014-08-21 16:35 - 2014-08-21 16:35 - 00554232 _____ () C:\Users\mKorisnik\Downloads\SkinEdit Alpha 3 pre 7.zip
2014-08-21 16:29 - 2014-08-21 16:14 - 00000000 ____D () C:\Users\mKorisnik\Documents\Klip sa ivanom
2014-08-21 16:22 - 2014-08-21 16:22 - 00001906 _____ () C:\Users\mKorisnik\Desktop\IrfanView Thumbnails.lnk
2014-08-21 16:22 - 2014-08-21 16:22 - 00001014 _____ () C:\Users\mKorisnik\Desktop\IrfanView.lnk
2014-08-21 16:22 - 2014-08-21 16:22 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2014-08-21 16:22 - 2014-08-21 16:22 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\IrfanView
2014-08-21 16:22 - 2014-08-21 16:22 - 00000000 ____D () C:\Program Files (x86)\IrfanView
2014-08-21 16:10 - 2014-07-08 19:59 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\Audacity
2014-08-18 14:33 - 2013-08-22 15:25 - 00786432 ___SH () C:\Windows\system32\config\BBI
2014-08-18 14:31 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-08-18 14:31 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-18 14:31 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-08-18 14:31 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\FileManager
2014-08-18 14:31 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Camera
2014-08-18 14:21 - 2014-08-18 14:20 - 01898640 _____ (Irfan Skiljan) C:\Users\mKorisnik\Downloads\iview438_setup.exe
2014-08-17 20:50 - 2013-08-22 16:46 - 00028186 _____ () C:\Windows\setupact.log
2014-08-16 17:10 - 2014-08-16 17:10 - 00000000 ____D () C:\Users\mKorisnik\AppData\Local\LogMeIn
2014-08-16 17:10 - 2014-08-16 17:10 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-08-16 17:09 - 2014-08-16 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-08-16 17:09 - 2014-08-16 17:09 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-08-16 17:06 - 2014-08-16 17:06 - 08499200 _____ () C:\Users\mKorisnik\Downloads\hamachi.msi
2014-08-15 15:48 - 2014-08-15 15:34 - 00000000 ____D () C:\Users\mKorisnik\Documents\hunger games savjeti
2014-08-15 13:37 - 2014-06-16 15:26 - 00000000 ____D () C:\Users\mKorisnik\Documents\intro
2014-08-15 11:30 - 2014-05-30 03:25 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-15 11:30 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-08-15 11:28 - 2014-07-17 20:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-15 11:23 - 2014-07-17 20:25 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-15 11:20 - 2014-07-21 08:04 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-14 19:01 - 2014-08-14 19:00 - 00000000 ____D () C:\Users\mKorisnik\Documents\Untitled
2014-08-14 18:54 - 2014-07-17 15:13 - 00000000 ____D () C:\Users\mKorisnik\AppData\Local\Windows Live
2014-08-14 13:34 - 2014-08-14 13:34 - 00675988 _____ () C:\Users\mKorisnik\Downloads\Minecraft.exe
2014-08-14 12:57 - 2014-08-14 12:57 - 01102554 _____ () C:\Users\mKorisnik\Downloads\perise.bmp
2014-08-13 04:57 - 2014-07-18 14:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 04:57 - 2013-11-19 07:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 04:57 - 2013-08-22 13:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 04:57 - 2013-08-22 13:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 04:57 - 2013-08-22 13:22 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 04:57 - 2013-08-22 13:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 04:57 - 2013-08-22 13:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 04:57 - 2013-08-22 13:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 04:57 - 2013-08-22 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 04:57 - 2013-08-22 05:55 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 04:57 - 2013-08-22 05:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 04:57 - 2013-08-22 05:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 04:57 - 2013-08-22 05:40 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 04:57 - 2013-08-22 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 04:56 - 2014-07-18 14:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 04:56 - 2013-08-22 12:32 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 04:55 - 2013-09-30 06:14 - 00233912 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-08-13 04:50 - 2014-07-19 11:00 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-08-13 01:00 - 2014-08-13 01:00 - 04575232 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
2014-08-12 13:59 - 2014-07-30 17:20 - 00000000 ____D () C:\ProgramData\MCShield
2014-08-10 16:48 - 2014-08-10 16:48 - 00003108 _____ () C:\Windows\System32\Tasks\{F2B1952C-78B3-4562-B1ED-2023D725128A}
2014-08-10 16:27 - 2014-06-18 15:06 - 00020480 ___SH () C:\Users\mKorisnik\Thumbs.db
2014-08-10 16:11 - 2014-06-10 19:40 - 00000000 ____D () C:\Users\mKorisnik\Documents\Rockstar Games
2014-08-10 16:08 - 2014-08-10 16:08 - 00401418 _____ () C:\Users\mKorisnik\Downloads\chrome_icon_blue_black_mkii_by_jrathage-d68y53g.zip
2014-08-10 16:06 - 2014-07-12 12:58 - 00000000 ____D () C:\Users\mKorisnik\Documents\PassMark
2014-08-10 15:53 - 2014-08-10 15:53 - 00605751 _____ () C:\Users\mKorisnik\Downloads\google_chrome_icon_blue_by_greasybacon-d1puu76.zip
2014-08-07 17:54 - 2014-08-07 17:32 - 00000000 ____D () C:\Users\mKorisnik\Documents\pobdaaaaa
2014-08-07 14:22 - 2014-08-07 14:22 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-08-07 12:36 - 2014-05-10 05:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telenor Internet
2014-08-07 12:36 - 2014-05-10 05:47 - 00000000 ____D () C:\Program Files (x86)\Telenor Internet
2014-08-07 04:12 - 2014-08-13 04:57 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-07 03:35 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-07 00:39 - 2014-08-13 04:57 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-07 00:38 - 2014-08-13 04:58 - 00697856 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-06 18:49 - 2014-08-06 18:49 - 00785243 _____ () C:\Users\mKorisnik\Downloads\OptiFine_1.7.2_HD_D1.jar
2014-08-06 18:28 - 2014-08-06 18:28 - 01080480 _____ (Unity Technologies ApS) C:\Users\mKorisnik\Downloads\UnityWebPlayer.exe
2014-08-06 16:06 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-08-06 15:45 - 2014-05-30 03:41 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-06 15:44 - 2014-08-06 15:44 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-06 15:44 - 2014-08-06 15:44 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-06 15:44 - 2014-05-30 03:41 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-06 15:44 - 2014-05-30 03:41 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-06 15:44 - 2014-05-30 03:41 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-06 15:44 - 2014-05-30 03:41 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-06 15:44 - 2014-05-30 03:41 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-06 15:44 - 2014-05-30 03:41 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-06 15:44 - 2014-05-30 03:41 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-06 15:37 - 2014-05-10 06:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-05 17:18 - 2014-08-05 17:18 - 00000000 ____D () C:\Users\mKorisnik\AppData\Local\AAA_Internet_Publishing,_
2014-08-05 13:55 - 2014-07-03 22:44 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2014-08-05 12:45 - 2014-08-05 12:45 - 00989560 _____ (are) C:\Users\mKorisnik\Downloads\Sad Piano & Violin Song.mp3.exe
2014-08-02 15:00 - 2014-05-11 02:29 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\Sony
2014-08-02 07:44 - 2014-08-13 04:58 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-02 05:56 - 2014-08-13 04:57 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-02 05:11 - 2014-08-13 04:58 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-08-02 02:17 - 2014-07-21 08:18 - 00704480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-02 02:17 - 2014-07-21 08:18 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\mKorisnik\AppData\Local\Temp\aacenc3.exe
C:\Users\mKorisnik\AppData\Local\Temp\BackupSetup.exe
C:\Users\mKorisnik\AppData\Local\Temp\(zabranjeno) and Setup__4006_il27.exe
C:\Users\mKorisnik\AppData\Local\Temp\DeltaTB.exe
C:\Users\mKorisnik\AppData\Local\Temp\DSSExp.exe
C:\Users\mKorisnik\AppData\Local\Temp\ffmpeg17.exe
C:\Users\mKorisnik\AppData\Local\Temp\FLVPlayerSetup.exe
C:\Users\mKorisnik\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\mKorisnik\AppData\Local\Temp\mp3el2.exe
C:\Users\mKorisnik\AppData\Local\Temp\SRLDetectionLibrary5211777262149995015.dll
C:\Users\mKorisnik\AppData\Local\Temp\txfydfim.dll
C:\Users\mKorisnik\AppData\Local\Temp\ubi6CD1.tmp.exe
C:\Users\mKorisnik\AppData\Local\Temp\Uninstall.exe
C:\Users\mKorisnik\AppData\Local\Temp\uttB3CA.tmp.exe
C:\Users\mKorisnik\AppData\Local\Temp\x264enc6.exe
C:\Users\mKorisnik\AppData\Local\Temp\xmlUpdater.exe
C:\Users\mKorisnik\AppData\Local\Temp\_is4B7B.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-28 14:51

==================== End Of Log ============================


Evo i addition Smile

[Link mogu videti samo ulogovani korisnici]



Poslao: 01 Sep 2014 18:06
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow Korak 1

Preuzmi "Xplode"-ov AdwCleaner i sačuvaj ga na Desktop
Dvoklikom pokreni program.
u EULA prozoru klikni na I agree.
Klikni na dugme Scan i sačekaj da se završi skeniranje.
Klikni na dugme Clean i pričekaj da program završi.
Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu.
Na sljedeća dva prozora koja se otvore (Informations i Restart required ) klikni OK
Računar će se restartovati, a potom otvoriti Notepad (C:\AdwCleaner[S0].txt) sa izvještajem.
Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl"
Napomena: Izvještaj ce takođe biti sačuvan na C:\Adwcleaner\AdwCleaner[S0].txt



Arrow Korak 2

Preuzmi zoek.exe sa ovog ili ovog linka i sačuvaj ga na Desktop.


Zatvori browser i ostale pokrenute programe;
deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ;
dvoklikom pokreni zoek.exe;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sljedeći tekst:

process;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;


Klikni na dugme i pričekaj da se skeniranje završi.


Zoek će po potrebi restartovati Windows, a na kraju rada otvoriti Notepad sa izvještajem o skeniranju.

Napomena: Izvještaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Arrow Kopiraj sadržaj tog loga u poruku.



Poslao: 01 Sep 2014 19:26
Idi na vrh
offline
  • Pridružio: 02 Sep 2013
  • Poruke: 496

Evo adwcleaner Smile

[Link mogu videti samo ulogovani korisnici]

Evo i zoek Smile
Zoek.exe v5.0.0.0 Updated 31-08-2014
Tool run by mKorisnik on Mon 09/01/2014 at 19:11:15.92.
Microsoft Windows 8.1 Pro 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\mKorisnik\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

9/1/2014 19:13:51 Zoek.exe System Restore Point Created Succesfully.

==== Running Processes ======================

C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Telenor Internet\BackgroundService\ServiceManager.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-08-28 05:46:16 A845F812619E8568DCE9EC71CF02483E 692050883 ----a-w- C:\Windows\MEMORY.DMP
2014-08-06 13:44:44 357CEBBCD99C8928A2D1A61A6CACC168 43152 ----a-w- C:\Windows\avastSS.scr
====== C:\Users\MKORIS~1\AppData\Local\Temp ====
2014-08-26 15:03:00 35DA2BF2BEFD998980A495B6F4F55E60 4479832 ----a-w- C:\Users\mKorisnik\AppData\Local\Temp\Mirillis\vcredist_x86\vcredist_x86.exe
====== Java Cache =====
2014-08-05 10:43:44 D9D40F8EEEDEE656CA6C6C1BF0B6587B 8913 ----a-w- C:\Users\mKorisnik\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\7d7caccf-5aab2100
====== C:\Windows\SysWOW64 =====
2014-09-01 17:02:49 0DC5AF80D059DEC792B665ED598C6567 536576 ----a-w- C:\Windows\SysWOW64\sqlite3.dll
2014-08-30 15:47:15 694F54BD227916B89FC3EB1DB53F0685 809496 ----a-r- C:\Windows\SysWOW64\tmp3952.tmp
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2014-08-13 03:01:04 313DCE665B57000B18CB26C6B6A10DFE 1557848 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys
2014-08-13 03:00:24 7A1A3F213CDB3363D179D5014272025D 402432 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys
2014-08-13 03:00:22 674A4702E4E144E8710ED1A2EC6DD049 96768 ----a-w- C:\Windows\Sysnative\drivers\agilevpn.sys
2014-08-13 03:00:19 65ED7B9CFEA893DF7748D5FF692690DE 38912 ----a-w- C:\Windows\Sysnative\drivers\vwifimp.sys
2014-08-13 03:00:17 35BF5C5F5E3C9902C98978C7640574DA 71680 ----a-w- C:\Windows\Sysnative\drivers\vwififlt.sys
2014-08-13 03:00:10 5C42CEE3E2018E1DFC6E3E17240A432A 206848 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys
2014-08-13 02:58:21 25AC0B50A71938890970E1508F107196 2518360 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys
2014-08-13 02:58:19 FE0ADF5028EB8C1339B66B3AEDE3FEF9 440664 -c--a-w- C:\Windows\Sysnative\drivers\usbport.sys
2014-08-13 02:58:19 93435654DCA210298BA0F986EB51C679 419672 -c--a-w- C:\Windows\Sysnative\drivers\usbhub.sys
2014-08-13 02:58:19 83C9C45D59C72FEFDAE9A5686BE31FEA 467800 -c--a-w- C:\Windows\Sysnative\drivers\USBHUB3.SYS
2014-08-13 02:58:19 7CCBBCEE408A5DBE3FE47297DB5A6CFC 227840 ----a-w- C:\Windows\Sysnative\drivers\WUDFRd.sys
2014-08-13 02:58:18 D537815E450A149752C15868392AD1F3 110592 ----a-w- C:\Windows\Sysnative\drivers\WUDFPf.sys
2014-08-13 02:58:18 48BA326A3DBA5B5BEB5F2777F4618696 89944 -c--a-w- C:\Windows\Sysnative\drivers\usbehci.sys
2014-08-13 02:58:18 064260B3A5868AC894A4943543BC7AB7 37376 -c--a-w- C:\Windows\Sysnative\drivers\usbuhci.sys
2014-08-13 02:58:17 D79920BE4E6683D3AB50F71457A4F6C6 27480 -c--a-w- C:\Windows\Sysnative\drivers\usbd.sys
2014-08-07 12:22:11 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-08-06 13:44:58 D95E64416A4A3ED6986E0F474DA934BD 29208 ----a-w- C:\Windows\Sysnative\drivers\aswHwid.sys
====== C:\Windows\Tasks ======
2014-08-10 14:48:56 91667673FC1144B221E88DF88C0C7453 3108 ----a-w- C:\Windows\Sysnative\Tasks\{F2B1952C-78B3-4562-B1ED-2023D725128A}
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-09-01 14:22:27 -------- d-----w- C:\Program Files\MAXON
======= C:\PROGRA~2 =====
2014-08-26 15:04:10 -------- d-----w- C:\PROGRA~2\Mirillis
2014-08-21 14:22:09 -------- d-----w- C:\PROGRA~2\IrfanView
======= C: =====
====== C:\Users\mKorisnik\AppData\Roaming ======
2014-09-01 14:20:29 -------- d-----w- C:\Users\mKorisnik\AppData\Roaming\MAXON
2014-08-26 15:04:13 -------- d-----w- C:\Users\mKorisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mirillis
2014-08-21 14:22:09 -------- d-----w- C:\Users\mKorisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2014-08-21 14:22:09 -------- d-----w- C:\Users\mKorisnik\AppData\Roaming\IrfanView
2014-08-18 12:32:56 FFD9631DB9D444B47B476B792DB25C25 316200 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat
2014-08-06 16:28:33 -------- d-----w- C:\Users\mKorisnik\AppData\Local\Unity
2014-08-06 16:28:32 -------- d-----w- C:\Users\mKorisnik\AppData\Locallow\Unity
2014-08-05 15:18:49 -------- d-----w- C:\Users\mKorisnik\AppData\Local\AAA_Internet_Publishing,_
====== C:\Users\mKorisnik ======
2014-09-01 16:59:59 9DED4724D695CFB01960426DA011ABAE 1364531 ----a-w- C:\Users\mKorisnik\Desktop\AdwCleaner.exe
2014-09-01 15:36:04 2EBC0AB478ED94F2443319AF48176A04 2104832 ----a-w- C:\Users\mKorisnik\Desktop\FRST64.exe
2014-09-01 15:34:18 2EBC0AB478ED94F2443319AF48176A04 2104832 ----a-w- C:\Users\mKorisnik\Downloads\FRST64.exe
2014-09-01 15:02:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON
2014-08-22 10:41:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft

====== C: exe-files ==
2014-09-01 16:59:59 9DED4724D695CFB01960426DA011ABAE 1364531 ----a-w- C:\Users\mKorisnik\Desktop\AdwCleaner.exe
2014-09-01 15:36:04 2EBC0AB478ED94F2443319AF48176A04 2104832 ----a-w- C:\Users\mKorisnik\Desktop\FRST64.exe
2014-09-01 15:34:18 2EBC0AB478ED94F2443319AF48176A04 2104832 ----a-w- C:\Users\mKorisnik\Downloads\FRST64.exe
2014-08-26 15:04:13 9BEBCC0C23A6750144875AE7B1103CD3 9662 ----a-r- C:\Users\mKorisnik\AppData\Roaming\Microsoft\Installer\{7A9DEE45-1F8D-4D1A-A9EA-F0108DAE6FEC}\_D027E23F28306A97A61AB4.exe
2014-08-26 15:04:13 9BEBCC0C23A6750144875AE7B1103CD3 9662 ----a-r- C:\Users\mKorisnik\AppData\Roaming\Microsoft\Installer\{7A9DEE45-1F8D-4D1A-A9EA-F0108DAE6FEC}\_1B094BFD4F46B56DFF1D72.exe
2014-08-26 15:04:13 7F07DA54286C279C56D20B0B549E657F 287934 ----a-r- C:\Users\mKorisnik\AppData\Roaming\Microsoft\Installer\{7A9DEE45-1F8D-4D1A-A9EA-F0108DAE6FEC}\_C745A3DB8CF9128B0B6BC4.exe
2014-08-26 15:04:13 7F07DA54286C279C56D20B0B549E657F 287934 ----a-r- C:\Users\mKorisnik\AppData\Roaming\Microsoft\Installer\{7A9DEE45-1F8D-4D1A-A9EA-F0108DAE6FEC}\_B91E9695AEAA81D2CD13FD.exe
2014-08-26 15:04:13 7F07DA54286C279C56D20B0B549E657F 287934 ----a-r- C:\Users\mKorisnik\AppData\Roaming\Microsoft\Installer\{7A9DEE45-1F8D-4D1A-A9EA-F0108DAE6FEC}\_6FEFF9B68218417F98F549.exe
2014-08-26 15:03:00 35DA2BF2BEFD998980A495B6F4F55E60 4479832 ----a-w- C:\Users\mKorisnik\AppData\Local\Temp\Mirillis\vcredist_x86\vcredist_x86.exe
=== C: other files ==
2014-09-01 15:49:34 F935D356BE6A4CC3619343BB54E9878E 9047 ----a-w- C:\Users\mKorisnik\AppData\Roaming\MAXON\CINEMA 4D R14_4A9E4467\updates\content\20130422100403_e73c9b55.zip
2014-09-01 14:41:31 BA736B1CCB36DAB159FE7F2F32AFB552 56812368 ----a-w- C:\Users\mKorisnik\AppData\Roaming\.minecraft\resourcepacks\MuamerBa.zip
2014-09-01 14:22:09 95B2EC7ED803BA930AEA2E29D326246F 17462 ----a-r- C:\Program Files\MAXON\CINEMA 4D R14\resource\updates\content\20120704103046_6b6c7ac2.zip
2014-09-01 14:22:09 4C629B82CD31032EC457942684C0D0A4 24888 ----a-r- C:\Program Files\MAXON\CINEMA 4D R14\resource\updates\content\20120704103046_66a15111.zip
2014-09-01 14:22:09 21F339E640B18D8D1580097BEEACA490 17944 ----a-r- C:\Program Files\MAXON\CINEMA 4D R14\resource\updates\content\20120704103046_a64aa7d0.zip
2014-09-01 14:22:09 1046ADE034E541436AEAD2BF8DABAEE0 17622 ----a-r- C:\Program Files\MAXON\CINEMA 4D R14\resource\updates\content\20120704103046_078323e9.zip
2014-08-29 16:44:35 EA9C5100DFFE2DCB3B26B63A2EB2ECE4 14822887 ----a-w- C:\Users\mKorisnik\Desktop\tekstura moja.zip
2014-08-29 14:59:47 2E101E9EA49041C95C46C371C8B32F1A 27080764 ----a-w- C:\Users\mKorisnik\Desktop\Huahwi_Resource_Pack_64x_1.7.zip
2014-08-29 14:58:48 252582F2B31961F13D8ACF39EC74A47A 14822424 ----a-w- C:\Users\mKorisnik\AppData\Roaming\.minecraft\resourcepacks\tekstura moja.zip
2014-08-28 14:16:04 C22B7185FB6BB7BA4EF4650A926E432F 28974683 ----a-w- C:\Users\mKorisnik\AppData\Roaming\.minecraft\resourcepacks\Mamont PVP texturepack 1.7.4.zip
2014-08-26 15:07:40 3F2A42585DCE14A24E529DD0FD22B5F9 84888455 ----a-w- C:\Users\mKorisnik\AppData\Roaming\.minecraft\resourcepacks\CreepyCraft Fixed Swords #4 Pvp Texture Pack [1.7] .zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3483190843-2739031058-4271042174-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\mKorisnik\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"DAEMON Tools Lite"="D:\DAEMON Tools Lite\DTLite.exe -autorun"
"ViStart"="C:\Users\mKorisnik\AppData\Roaming\ViStart\ViStart.exe"
"StartMenuX98"="C:\Program Files\Start Menu X\StartMenuX.exe"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"MCShield Monitor"="C:\Program Files (x86)\MCShield\MCShieldRTM.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"WinampAgent"="C:\Program Files (x86)\Winamp\winampa.exe"
"Telenor_Montenegro Imola ModemListener"="C:\Program Files (x86)\Telenor Internet\BackgroundService\ModemListener.exe start"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin"
"LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\mKorisnik\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"DAEMON Tools Lite"="D:\DAEMON Tools Lite\DTLite.exe -autorun"
"ViStart"="C:\Users\mKorisnik\AppData\Roaming\ViStart\ViStart.exe"
"StartMenuX98"="C:\Program Files\Start Menu X\StartMenuX.exe"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"MCShield Monitor"="C:\Program Files (x86)\MCShield\MCShieldRTM.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

==== Startup Folders ======================

2014-05-11 18:48:59 2062 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07/12/2014 14:09]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07/12/2014 14:09]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-m-mKorisnik" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{B320FDD8-3D31-4FB3-8207-606CBCE5967A}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\{F2B1952C-78B3-4562-B1ED-2023D725128A}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}"="C:\Program Files (x86)\RelevantKnowledge\firefox" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\MKORIS~1\AppData\Roaming\Mozilla\Firefox\Profiles\xqoommk5.default
- SNT - %ProfilePath%\extensions\fnvg8yhhn@acmwfe.co.uk
- WinToFlash Suggestor - %ProfilePath%\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\mKorisnik\AppData\Roaming\Mozilla\Firefox\Profiles\xqoommk5.default
A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[08/06/2014 15:44]

SNT - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bnjfibodnkebcfiihbceildojdlfgemi
YoutubeAdblocker - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jkccdpekklmkhkkcacmgdfbofoingjpm
save on - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndgpnkocndgebhfbmhmohnnofkmepemo
Flash Savings - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
SNT - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnjfibodnkebcfiihbceildojdlfgemi
Flash Savings - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
SNT - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bnjfibodnkebcfiihbceildojdlfgemi
YoutubeAdblocker - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jkccdpekklmkhkkcacmgdfbofoingjpm
save on - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndgpnkocndgebhfbmhmohnnofkmepemo
Flash Savings - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
SNT - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bnjfibodnkebcfiihbceildojdlfgemi
YoutubeAdblocker - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jkccdpekklmkhkkcacmgdfbofoingjpm
save on - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndgpnkocndgebhfbmhmohnnofkmepemo
Flash Savings - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
SNT - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnjfibodnkebcfiihbceildojdlfgemi
Flash Savings - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
SNT - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bnjfibodnkebcfiihbceildojdlfgemi
YoutubeAdblocker - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jkccdpekklmkhkkcacmgdfbofoingjpm
save on - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndgpnkocndgebhfbmhmohnnofkmepemo
Flash Savings - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
SNT - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bnjfibodnkebcfiihbceildojdlfgemi
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jkccdpekklmkhkkcacmgdfbofoingjpm
save on - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndgpnkocndgebhfbmhmohnnofkmepemo
Flash Savings - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
SNT - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnjfibodnkebcfiihbceildojdlfgemi
Flash Savings - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
SNT - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bnjfibodnkebcfiihbceildojdlfgemi
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jkccdpekklmkhkkcacmgdfbofoingjpm
save on - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndgpnkocndgebhfbmhmohnnofkmepemo
Flash Savings - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
SNT - mKorisnik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bnjfibodnkebcfiihbceildojdlfgemi
YoutubeAdblocker - mKorisnik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jkccdpekklmkhkkcacmgdfbofoingjpm
save on - mKorisnik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndgpnkocndgebhfbmhmohnnofkmepemo
Flash Savings - mKorisnik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
Google Docs - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Last updated at time on date - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Last updated at time on date - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch
Gmail - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
SNT - mKorisnik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bnjfibodnkebcfiihbceildojdlfgemi
YoutubeAdblocker - mKorisnik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jkccdpekklmkhkkcacmgdfbofoingjpm
save on - mKorisnik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndgpnkocndgebhfbmhmohnnofkmepemo
Flash Savings - mKorisnik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} Ask.com Url="http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=128&systemid=488&v=a13277-343&apn_uid=4335259831474092&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms}"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on Mon 09/01/2014 at 19:21:22.22 ======================

Poslao: 01 Sep 2014 19:43
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow


Zatvori browser i ostale pokrenute programe;
deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ;
dvoklikom pokreni zoek.exe;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sljedeći tekst:

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions];r
"{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}"=-;r
SNT;ff
{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi;ff
bnjfibodnkebcfiihbceildojdlfgemi;chr
jkccdpekklmkhkkcacmgdfbofoingjpm;chr
ndgpnkocndgebhfbmhmohnnofkmepemo;chr
niloccemoadcdkdjlinkgdfekeahmflj;chr
{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488};c
emptyalltemp;
emptyclsid;
autoclean;


Klikni na dugme i pričekaj da se skeniranje završi.


Zoek će po potrebi restartovati Windows, a na kraju rada otvoriti Notepad sa izvještajem o skeniranju.

Napomena: Izvještaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Arrow Kopiraj sadržaj tog loga u poruku.

Poslao: 03 Sep 2014 17:09
Idi na vrh
offline
  • Pridružio: 02 Sep 2013
  • Poruke: 496

Evo Smile
Zoek.exe v5.0.0.0 Updated 04-August-2014
Tool run by mKorisnik on Wed 09/03/2014 at 15:55:00.43.
Microsoft Windows 8.1 Pro 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\MKORIS~1\AppData\Local\Temp\Rar$DIa0.082\zoek.scr [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-09-01-172122.log 20438 bytes
C:\zoek-results2014-09-02-161405.log 22614 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\MKORIS~1\AppData\Roaming\Mozilla\Firefox\Profiles\xqoommk5.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_20140903_1622_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}"=-

==== Deleting Files \ Folders ======================

C:\Users\mKorisnik\Searches deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [08/06/2014 15:44]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\mKorisnik\AppData\Roaming\Mozilla\Firefox\Profiles\xqoommk5.default
A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[08/06/2014 15:44]

Google Docs - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Last updated at time on date - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Last updated at time on date - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch
Gmail - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\mKorisnik\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\mKorisnik\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\mKorisnik\AppData\Local\Mozilla\Firefox\Profiles\xqoommk5.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=296 folders=104 10569878 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\mKorisnik\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\MKORIS~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Wed 09/03/2014 at 16:42:47.49 ======================

Poslao: 03 Sep 2014 19:33
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow Preuzmi Malwarebytes Anti-Rootkit (MBAR) sa sledeceg linka i sacuvaj ga na Desktop.

Dvoklikom pokreni MBAR () na ikonicu programa:
- Klikni OK na sledecem prozoru da bi dozvolio raspakivanje u zaseban mbar folder na desktop-u;
- mbar.exe ce biti startovan. Na nekim sistemima to moze da potraje nekoliko dodatnih sekundi, te pricekati pokretanje.;
- U uvodnom prozoru klikni dugme Next ukoliko si saglasan;


• Na 'Update Database' prozoru klik na dugme Update da bi preuzeo sveze definicije. Kada se ispise poruka 'Success: Database was successfully updated' klik na dugme Next;
• Pod sekcijom 'Scan Targets' proveri da su sve opcije stiklirane, te klikni na dugme Scan;

Obavestenje: sa nekim infekcijama moze se desiti da se prikaze neka od sledecih poruka:
- 'Could not load protection driver' => u tom slucaju klikni OK.
- 'Could not load DDA driver' => klikni Yes na to obavestenje da bi dozvolio ucitavanje nakon restarta. Dozvoli restart i nastavi sa ostatkom instrukcija posle restarta.




>> Ukoliko malware nije detektovan, klik na Exit dugme da zatvoris program. U sledecu poruku postavi mbar-log-year-month-day (sat-minuti-sekundi).txt i system-log.txt izveštaje.

>> Ukoliko su infekcija/e pronadjene, proveriti da li je obelezena opcija 'Create Restore Point' i klikni na dugme Cleanup! da bi uklonili pretnje.
- Procedura uklanjanje malware-a (scheduled) ce biti zakazana po restartu, bice prikazano obavestenje u pop-up prozoru. Klikni dugme Yes i sistem bi trebao da se restartuje i da zavrsi proceduru ciscenja.



Obavestenje! samo ukoliko je RootKit detektovan: - postaraj se da pokrenes fixdamage.exe alat koji se nalazi u mbar folderu, \Plugins\fixdamage.exe:
- Dvoklikom pokreni fixdamage, u crnom prozoru koji se otvori (command prompt) ukucaj Y (Y stoji za Yes) da bi nastavio izvrsenje, pricekati da alat odradi sve popravke ...
- Kada vidis poruku 'press any key to exit' popravka je kompletirana. Pritisnuti bilo koju tipku na tastaturi da bi se prozor zatvorio. Restartovati sistem.




Sledeci izvestaji ce biti formirani u mbar folderu.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Iskopiraj sadrzaj mbar log-a u poruku a system log okaci uz poruku koristeci opciju Prikači fajl.

MyCity » Ambulanta -> Arhiva Ambulante » Provjera :)

Ko je trenutno na forumu
 

Ukupno su 778 korisnika na forumu :: 109 registrovanih, 8 sakrivenih i 661 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 15694 - dana 01 Feb 2026 12:23

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 16.mabr, Aleksandar Šljivar, alkatraz080, Armadillo, Aska, Automaticar, avalon, bankulen, berste23, bigfoot, bladesu, Bobrock1, Brot, carinko, ccoogg123, ceman, cifra, Czrweni, Darth Wader, deLacy, Desmond, dmrdc, Dokon Pop, DonRumataEstorski, Duh sa sekirom, dusan.l, Džekson, ekozelj, EVIDENTICAR, Futurama, g_g, gasha, Giskard, glados, Hamo77, Hans Gajger, Helket, Hubert, Igritelj, ivica976, Kapo64, lakson001, Lazur_01, Lelemood, luka35, MaCS, Magistar78, Mamadu, Medojed, mercedesamg, Metanoja, Mig 29, MiGac, Might is Right, milanstankovic087, miljannis, milos.cbr, MilosKop, Milovan Dinic, miodrag, MiroslavD, Mldo, mrgud2025, Mzee, Naj-Turs, nebkv, nemkea71, nikolapetkovic, oblivion, OldKresoje, paja69, Perudin_92, pfc74, Piklik, pisac12, Plavi Jadran, Podgoritza, Prašinar, Pururin, Radoslava, razumihin, renvoi, royst33, ruma, s0ne, Sir Budimir, Slobodan Filipović, srecko81, The Boss, TheBeastOfMG, theNedjeljko, Titan, Topcider, trpche, Vanderx, vaso1, vazduh, veljko82, vjetar, Vlad000, VojaeZ, vrag81, vuksa72, wizzardone, zajcev1, Zastava, zgoljo, zule2, zzzgmap