Check :)


I would like to check my computer :)
Here is the FRST report :)

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2014 02
Ran by mKorisnik (administrator) on M on 01-09-2014 17:36:11
Running from C:\Users\mKorisnik\Desktop
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlservice.exe
() C:\Program Files (x86)\Telenor Internet\BackgroundService\ServiceManager.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmprph.exe
(Microsoft Corporation) C:\Windows\FileManager\PhotosApp.exe
(Microsoft Corporation) C:\Windows\Camera\Camera.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
() C:\Program Files\WindowsApps\Microsoft.HelpAndTips_6.3.9654.20559_x64__8wekyb3d8bbwe\helpandtips.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\UserAccountBroker.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlvknlg32.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlvknlg64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre7\bin\javaw.exe
(BitTorrent Inc.) C:\Users\mKorisnik\AppData\Roaming\uTorrent\uTorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-06] (AVAST Software)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)
HKLM-x32\...\Run: [Telenor_Montenegro Imola ModemListener] => C:\Program Files (x86)\Telenor Internet\BackgroundService\ModemListener.exe [109120 2012-03-14] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3483190843-2739031058-4271042174-1001\...\Run: [uTorrent] => C:\Users\mKorisnik\AppData\Roaming\uTorrent\uTorrent.exe [1322832 2014-07-04] (BitTorrent Inc.)
HKU\S-1-5-21-3483190843-2739031058-4271042174-1001\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-3483190843-2739031058-4271042174-1001\...\Run: [DAEMON Tools Lite] => D:\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3483190843-2739031058-4271042174-1001\...\Run: [ViStart] => C:\Users\mKorisnik\AppData\Roaming\ViStart\ViStart.exe
HKU\S-1-5-21-3483190843-2739031058-4271042174-1001\...\Run: [StartMenuX98] => "C:\Program Files\Start Menu X\StartMenuX.exe"
HKU\S-1-5-21-3483190843-2739031058-4271042174-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3483190843-2739031058-4271042174-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3483190843-2739031058-4271042174-1001\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\MCShieldRTM.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-3483190843-2739031058-4271042174-1001\...\MountPoints2: {00bc4c86-e7a1-11e3-8257-6c71d9b2be26} - "G:\autorun.exe"
HKU\S-1-5-21-3483190843-2739031058-4271042174-1001\...\MountPoints2: {b19052c6-ee75-11e3-826c-6c71d9b2be26} - "F:\setup.exe"
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?o=APN11459&gct=hp&a.....43&t=4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.fastosearch.info/?pid=2942&r=.....p;unqvl=55
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&am.....AG1&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.fastosearch.info/?l=1&q={searchTerms}&pid=2942&r=2014/05/30&hid=17769994365160485233&lg=EN&cc=ME&unqvl=55
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&am.....AG1&q={searchTerms}
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.fastosearch.info/?l=1&q={searchTerms}&pid=2942&r=2014/05/30&hid=17769994365160485233&lg=EN&cc=ME&unqvl=55
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&am.....AG1&q={searchTerms}
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.fastosearch.info/?l=1&q={searchTerms}&pid=2942&r=2014/05/30&hid=17769994365160485233&lg=EN&cc=ME&unqvl=55
BHO: YoutubeAdblocker -> {0752A637-F999-AC06-44A7-4A6B6B51E9C5} -> C:\Program Files (x86)\YoutubeAdblocker\oauqT.x64.dll ()
BHO: saveo oNo -> {7A3758EC-315D-6280-3535-FDB967B72C1D} -> C:\Program Files (x86)\saveo oNo\NWt2v7hSgV.x64.dll ()
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\mKorisnik\AppData\Roaming\Mozilla\Firefox\Profiles\xqoommk5.default
FF DefaultSearchEngine: Погодак
FF SearchEngineOrder.1: Ask.com
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "WebSearch");: user_pref("browser.search.order.1,S", "WebSearch");
FF SelectedSearchEngine: Погодак
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=128&systemid=488&v=a13277-343&apn_dtid=TCH001&apn_ptnrs=AG1&apn_uid=4335259831474092&o=APN11459&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Users\mKorisnik\AppData\Roaming\Mozilla\Firefox\Profiles\xqoommk5.default\searchplugins\Ask.xml
FF SearchPlugin: C:\Users\mKorisnik\AppData\Roaming\Mozilla\Firefox\Profiles\xqoommk5.default\searchplugins\WebSearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\pogodakyu.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\vokabular.xml
FF Extension: SaverEXtensioN - C:\Users\mKorisnik\AppData\Roaming\Mozilla\Firefox\Profiles\xqoommk5.default\Extensions\13iui@varlxfbo.com [2014-05-10]
FF Extension: SNT - C:\Users\mKorisnik\AppData\Roaming\Mozilla\Firefox\Profiles\xqoommk5.default\Extensions\fnvg8yhhn@acmwfe.co.uk [2014-05-10]
FF Extension: FuN2Save - C:\Users\mKorisnik\AppData\Roaming\Mozilla\Firefox\Profiles\xqoommk5.default\Extensions\jbouurxeuua@mlfyy-.org [2014-05-11]
FF Extension: NewSeaVer - C:\Users\mKorisnik\AppData\Roaming\Mozilla\Firefox\Profiles\xqoommk5.default\Extensions\oqt8eadtyi@j-bvbrf.edu [2014-05-10]
FF Extension: YoutubeAdblocker - C:\Users\mKorisnik\AppData\Roaming\Mozilla\Firefox\Profiles\xqoommk5.default\Extensions\sjsyoy@yyaueuu.co.uk [2014-05-10]
FF Extension: save on - C:\Users\mKorisnik\AppData\Roaming\Mozilla\Firefox\Profiles\xqoommk5.default\Extensions\uqmhoee@ueyoxui.co.uk [2014-05-10]
FF Extension: WinToFlash Suggestor - C:\Users\mKorisnik\AppData\Roaming\Mozilla\Firefox\Profiles\xqoommk5.default\Extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi [2012-05-25]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-30]
FF HKLM-x32\...\Firefox\Extensions: [{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}] - C:\Program Files (x86)\RelevantKnowledge\firefox
FF Extension: RelevantKnowledge - C:\Program Files (x86)\RelevantKnowledge\firefox [2014-07-10]

Chrome:
=======
CHR DefaultSearchKeyword: Default -> ask.com
CHR DefaultSearchProvider: Default -> Ask.com
CHR DefaultSearchURL: Default -> http://dts.search.ask.com/sr?src=crb&gct=ds&am.....AG1&q={searchTerms}
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\mKorisnik\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-30]
CHR Extension: (Google Drive) - C:\Users\mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-30]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-12]
CHR Extension: (YouTube) - C:\Users\mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-30]
CHR Extension: (Adblock Plus) - C:\Users\mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-12]
CHR Extension: (Google Search) - C:\Users\mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-30]
CHR Extension: (RelevantKnowledge) - C:\Users\mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle [2014-07-10]
CHR Extension: (Google Wallet) - C:\Users\mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-12]
CHR Extension: (Adblock Pro) - C:\Users\mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2014-07-12]
CHR Extension: (Gmail) - C:\Users\mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-30]
CHR HKLM-x32\...\Chrome\Extension: [acaoakiamfeidcmgooclgeleejkbaecf] - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.crx []
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-06]
CHR HKLM-x32\...\Chrome\Extension: [mkndcbhcgphcfkkddanakjiepeknbgle] - C:\Program Files (x86)\RelevantKnowledge\rlcm.crx [2014-07-10]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-06] (AVAST Software)
S2 d0e87c27; c:\Program Files (x86)\SW-Booster\AssistantSvc.dll [174928 2014-05-10] () [File not signed]
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [92536 2014-02-20] (EasyAntiCheat Ltd)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-16] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-07-16] ()
R2 RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe [201496 2014-07-14] (TMRG, Inc.)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [685568 2013-11-11] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 Telenor_Montenegro Imola Modem Device Helper; C:\Program Files (x86)\Telenor Internet\BackgroundService\ServiceManager.exe [53312 2012-03-14] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-06] ()
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [31160 2014-04-24] ()
R1 dtsoftbus01; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [283064 2014-06-08] (Disc Soft Ltd)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-07-21] (LogMeIn Inc.)
S3 jrdusbser; C:\Windows\system32\DRIVERS\jrdusbser.sys [120832 2011-06-20] (TCT International Mobile Ltd)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-01 17:36 - 2014-09-01 17:36 - 02104832 _____ (Farbar) C:\Users\mKorisnik\Desktop\FRST64.exe
2014-09-01 17:36 - 2014-09-01 17:36 - 00022313 _____ () C:\Users\mKorisnik\Desktop\FRST.txt
2014-09-01 17:34 - 2014-09-01 17:36 - 00000000 ____D () C:\FRST
2014-09-01 17:34 - 2014-09-01 17:35 - 00018613 _____ () C:\Users\mKorisnik\Downloads\FRST.txt
2014-09-01 17:34 - 2014-09-01 17:34 - 02104832 _____ (Farbar) C:\Users\mKorisnik\Downloads\FRST64.exe
2014-09-01 17:02 - 2014-09-01 17:02 - 00000969 _____ () C:\Users\mKorisnik\Desktop\CINEMA 4D 64 Bit.lnk
2014-09-01 17:02 - 2014-09-01 17:02 - 00000934 _____ () C:\Users\mKorisnik\Desktop\CINEMA 4D.lnk
2014-09-01 17:02 - 2014-09-01 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON
2014-09-01 16:22 - 2014-09-01 16:22 - 00000000 ____D () C:\Program Files\MAXON
2014-09-01 16:20 - 2014-09-01 17:02 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\MAXON
2014-09-01 16:03 - 2014-09-01 16:03 - 00395609 _____ () C:\Users\mKorisnik\Desktop\naja i lidija.wma
2014-08-31 13:50 - 2014-08-31 13:57 - 00000000 ____D () C:\Users\mKorisnik\Documents\slikakaaaaaa
2014-08-30 17:47 - 2011-04-16 01:40 - 00809496 ____R (Creative Labs Inc.) C:\Windows\SysWOW64\tmp3952.tmp
2014-08-29 18:44 - 2014-08-29 18:47 - 14822887 _____ () C:\Users\mKorisnik\Desktop\tekstura moja.zip
2014-08-29 18:07 - 2014-08-29 18:07 - 00000000 ____D () C:\Users\mKorisnik\Documents\Adobe
2014-08-29 16:59 - 2014-07-27 17:50 - 27080764 _____ () C:\Users\mKorisnik\Desktop\Huahwi_Resource_Pack_64x_1.7.zip
2014-08-29 16:53 - 2014-08-29 18:22 - 00000000 ____D () C:\Users\mKorisnik\Documents\hunger games ep 1 mcsg
2014-08-28 07:46 - 2014-08-28 07:47 - 00865440 _____ () C:\Windows\Minidump\082814-43140-01.dmp
2014-08-28 07:46 - 2014-08-28 07:46 - 692050883 _____ () C:\Windows\MEMORY.DMP
2014-08-26 17:04 - 2014-08-26 17:04 - 00002199 _____ () C:\Users\mKorisnik\Desktop\Action!.lnk
2014-08-26 17:04 - 2014-08-26 17:04 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mirillis
2014-08-26 17:04 - 2014-08-26 17:04 - 00000000 ____D () C:\Program Files (x86)\Mirillis
2014-08-25 18:23 - 2014-08-25 18:39 - 00000000 ____D () C:\Users\mKorisnik\Documents\kliwroqtipjqt
2014-08-23 19:52 - 2014-08-23 19:54 - 00000000 ____D () C:\Users\mKorisnik\Documents\klipicicicici
2014-08-22 20:18 - 2014-08-31 19:30 - 00000000 ____D () C:\Users\mKorisnik\Desktop\kanal
2014-08-22 12:41 - 2014-08-22 12:41 - 00001122 _____ () C:\Users\Public\Desktop\Minecraft.lnk
2014-08-22 12:41 - 2014-08-22 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2014-08-21 16:36 - 2014-08-21 16:36 - 00554232 _____ () C:\Users\mKorisnik\Downloads\SkinEdit Alpha 3 pre 7 (1).zip
2014-08-21 16:35 - 2014-08-21 16:35 - 00554232 _____ () C:\Users\mKorisnik\Downloads\SkinEdit Alpha 3 pre 7.zip
2014-08-21 16:22 - 2014-08-21 16:22 - 00001906 _____ () C:\Users\mKorisnik\Desktop\IrfanView Thumbnails.lnk
2014-08-21 16:22 - 2014-08-21 16:22 - 00001014 _____ () C:\Users\mKorisnik\Desktop\IrfanView.lnk
2014-08-21 16:22 - 2014-08-21 16:22 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2014-08-21 16:22 - 2014-08-21 16:22 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\IrfanView
2014-08-21 16:22 - 2014-08-21 16:22 - 00000000 ____D () C:\Program Files (x86)\IrfanView
2014-08-21 16:14 - 2014-08-21 16:29 - 00000000 ____D () C:\Users\mKorisnik\Documents\Klip sa ivanom
2014-08-18 14:20 - 2014-08-18 14:21 - 01898640 _____ (Irfan Skiljan) C:\Users\mKorisnik\Downloads\iview438_setup.exe
2014-08-16 17:10 - 2014-08-28 15:18 - 00000000 ____D () C:\Users\mKorisnik\AppData\Local\LogMeIn Hamachi
2014-08-16 17:10 - 2014-08-16 17:10 - 00000000 ____D () C:\Users\mKorisnik\AppData\Local\LogMeIn
2014-08-16 17:10 - 2014-08-16 17:10 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-08-16 17:09 - 2014-08-16 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-08-16 17:09 - 2014-08-16 17:09 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-08-16 17:06 - 2014-08-16 17:06 - 08499200 _____ () C:\Users\mKorisnik\Downloads\hamachi.msi
2014-08-15 15:34 - 2014-08-15 15:48 - 00000000 ____D () C:\Users\mKorisnik\Documents\hunger games savjeti
2014-08-14 19:00 - 2014-08-14 19:01 - 00000000 ____D () C:\Users\mKorisnik\Documents\Untitled
2014-08-14 13:34 - 2014-08-14 13:34 - 00675988 _____ () C:\Users\mKorisnik\Downloads\Minecraft.exe
2014-08-14 12:57 - 2014-08-14 12:57 - 01102554 _____ () C:\Users\mKorisnik\Downloads\perise.bmp
2014-08-13 05:01 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 05:01 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 05:01 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-08-13 05:01 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 05:01 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-08-13 05:01 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-08-13 05:00 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 05:00 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 05:00 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 05:00 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 05:00 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 05:00 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 05:00 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 05:00 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 05:00 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 05:00 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 05:00 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 05:00 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 05:00 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 05:00 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 05:00 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 05:00 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 05:00 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 05:00 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 05:00 - 2014-07-25 13:43 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 05:00 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 05:00 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 05:00 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 05:00 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 05:00 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 05:00 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 05:00 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 05:00 - 2014-07-25 13:09 - 00291840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 05:00 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 05:00 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 05:00 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 05:00 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 05:00 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 05:00 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 05:00 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 05:00 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 05:00 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-13 05:00 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 05:00 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-08-13 05:00 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2014-08-13 05:00 - 2014-05-13 07:07 - 02844160 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-08-13 05:00 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-08-13 05:00 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-08-13 05:00 - 2014-05-13 05:59 - 01035264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-08-13 05:00 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-08-13 05:00 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-08-13 05:00 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-08-13 05:00 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-08-13 05:00 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll
2014-08-13 05:00 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2014-08-13 05:00 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2014-08-13 05:00 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll
2014-08-13 05:00 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2014-08-13 05:00 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2014-08-13 05:00 - 2014-05-03 01:26 - 00050745 _____ () C:\Windows\system32\srms.dat
2014-08-13 05:00 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-08-13 05:00 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2014-08-13 05:00 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-08-13 05:00 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2014-08-13 05:00 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2014-08-13 05:00 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-08-13 05:00 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-08-13 05:00 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-08-13 05:00 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2014-08-13 05:00 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-08-13 05:00 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2014-08-13 05:00 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-08-13 05:00 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-08-13 05:00 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-08-13 05:00 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-08-13 05:00 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-08-13 05:00 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2014-08-13 05:00 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2014-08-13 05:00 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2014-08-13 05:00 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-08-13 05:00 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-08-13 05:00 - 2014-04-26 20:41 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2014-08-13 05:00 - 2014-04-26 20:22 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2014-08-13 05:00 - 2014-04-26 20:04 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2014-08-13 05:00 - 2014-04-26 19:36 - 00794112 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2014-08-13 05:00 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2014-08-13 05:00 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-08-13 05:00 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-08-13 05:00 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-08-13 05:00 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-08-13 05:00 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-08-13 04:58 - 2014-08-07 00:38 - 00697856 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 04:58 - 2014-08-02 07:44 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-13 04:58 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-08-13 04:58 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-08-13 04:58 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-08-13 04:58 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-08-13 04:58 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-08-13 04:58 - 2014-07-10 06:16 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-08-13 04:58 - 2014-07-10 06:03 - 04756992 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-08-13 04:58 - 2014-07-10 05:33 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-08-13 04:58 - 2014-06-05 16:13 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-08-13 04:58 - 2014-06-05 15:14 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-08-13 04:58 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 04:58 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 04:58 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 04:58 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 04:58 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 04:58 - 2014-06-04 04:15 - 02642944 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 04:58 - 2014-06-04 04:14 - 02318336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 04:58 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-08-13 04:58 - 2014-05-31 12:07 - 00467800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-08-13 04:58 - 2014-05-31 12:07 - 00440664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-08-13 04:58 - 2014-05-31 12:07 - 00419672 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-08-13 04:58 - 2014-05-31 12:07 - 00089944 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-08-13 04:58 - 2014-05-31 12:07 - 00027480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-08-13 04:58 - 2014-05-31 08:30 - 00037376 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-08-13 04:58 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-08-13 04:58 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-08-13 04:58 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-08-13 04:58 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-08-13 04:58 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-08-13 04:58 - 2014-05-29 08:21 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2014-08-13 04:58 - 2014-05-27 17:53 - 02518360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-08-13 04:58 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll
2014-08-13 04:58 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
2014-08-13 04:58 - 2014-05-17 06:59 - 16871936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-08-13 04:58 - 2014-05-17 06:13 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-08-13 04:58 - 2014-04-30 06:30 - 00668160 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2014-08-13 04:58 - 2014-04-30 05:52 - 00590336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2014-08-13 04:57 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-13 04:57 - 2014-08-07 00:39 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-13 04:57 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-13 04:57 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-08-13 01:00 - 2014-08-13 01:00 - 04575232 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
2014-08-10 16:48 - 2014-08-10 16:48 - 00003108 _____ () C:\Windows\System32\Tasks\{F2B1952C-78B3-4562-B1ED-2023D725128A}
2014-08-10 16:08 - 2014-08-10 16:08 - 00401418 _____ () C:\Users\mKorisnik\Downloads\chrome_icon_blue_black_mkii_by_jrathage-d68y53g.zip
2014-08-10 15:53 - 2014-08-10 15:53 - 00605751 _____ () C:\Users\mKorisnik\Downloads\google_chrome_icon_blue_by_greasybacon-d1puu76.zip
2014-08-07 17:32 - 2014-08-07 17:54 - 00000000 ____D () C:\Users\mKorisnik\Documents\pobdaaaaa
2014-08-07 14:22 - 2014-08-07 14:22 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-08-06 18:49 - 2014-08-06 18:49 - 00785243 _____ () C:\Users\mKorisnik\Downloads\OptiFine_1.7.2_HD_D1.jar
2014-08-06 18:28 - 2014-08-27 15:57 - 00000000 ____D () C:\Users\mKorisnik\AppData\Local\Unity
2014-08-06 18:28 - 2014-08-06 18:28 - 01080480 _____ (Unity Technologies ApS) C:\Users\mKorisnik\Downloads\UnityWebPlayer.exe
2014-08-06 16:06 - 2014-01-19 09:38 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-06 15:44 - 2014-08-06 15:44 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-06 15:44 - 2014-08-06 15:44 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-05 17:18 - 2014-08-05 17:18 - 00000000 ____D () C:\Users\mKorisnik\AppData\Local\AAA_Internet_Publishing,_
2014-08-05 17:18 - 2014-01-03 16:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SPORDER.DLL
2014-08-05 12:45 - 2014-08-05 12:45 - 00989560 _____ (are) C:\Users\mKorisnik\Downloads\Sad Piano & Violin Song.mp3.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-01 17:36 - 2014-09-01 17:36 - 02104832 _____ (Farbar) C:\Users\mKorisnik\Desktop\FRST64.exe
2014-09-01 17:36 - 2014-09-01 17:36 - 00022313 _____ () C:\Users\mKorisnik\Desktop\FRST.txt
2014-09-01 17:36 - 2014-09-01 17:34 - 00000000 ____D () C:\FRST
2014-09-01 17:35 - 2014-09-01 17:34 - 00018613 _____ () C:\Users\mKorisnik\Downloads\FRST.txt
2014-09-01 17:35 - 2014-05-10 09:30 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\uTorrent
2014-09-01 17:34 - 2014-09-01 17:34 - 02104832 _____ (Farbar) C:\Users\mKorisnik\Downloads\FRST64.exe
2014-09-01 17:21 - 2014-06-17 12:07 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\Skype
2014-09-01 17:14 - 2014-07-12 14:09 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-01 17:12 - 2014-05-10 09:09 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\.minecraft
2014-09-01 17:02 - 2014-09-01 17:02 - 00000969 _____ () C:\Users\mKorisnik\Desktop\CINEMA 4D 64 Bit.lnk
2014-09-01 17:02 - 2014-09-01 17:02 - 00000934 _____ () C:\Users\mKorisnik\Desktop\CINEMA 4D.lnk
2014-09-01 17:02 - 2014-09-01 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON
2014-09-01 17:02 - 2014-09-01 16:20 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\MAXON
2014-09-01 17:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-09-01 16:27 - 2014-05-30 07:00 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B320FDD8-3D31-4FB3-8207-606CBCE5967A}
2014-09-01 16:22 - 2014-09-01 16:22 - 00000000 ____D () C:\Program Files\MAXON
2014-09-01 16:13 - 2014-05-10 07:05 - 03037696 ___SH () C:\Users\mKorisnik\Desktop\Thumbs.db
2014-09-01 16:03 - 2014-09-01 16:03 - 00395609 _____ () C:\Users\mKorisnik\Desktop\naja i lidija.wma
2014-09-01 15:45 - 2014-05-30 03:41 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-01 15:14 - 2014-05-10 10:04 - 02022567 _____ () C:\Windows\WindowsUpdate.log
2014-09-01 14:19 - 2014-05-30 03:19 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3483190843-2739031058-4271042174-1001
2014-09-01 14:14 - 2014-07-12 14:09 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-01 14:09 - 2014-06-18 13:05 - 00000000 ____D () C:\Program Files (x86)\RelevantKnowledge
2014-09-01 04:37 - 2014-06-05 11:55 - 00000000 ____D () C:\Users\mKorisnik\AppData\Local\Adobe
2014-08-31 21:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-08-31 19:32 - 2014-06-05 20:13 - 00000000 ____D () C:\Users\mKorisnik\AppData\Local\CrashDumps
2014-08-31 19:30 - 2014-08-22 20:18 - 00000000 ____D () C:\Users\mKorisnik\Desktop\kanal
2014-08-31 13:57 - 2014-08-31 13:50 - 00000000 ____D () C:\Users\mKorisnik\Documents\slikakaaaaaa
2014-08-30 19:31 - 2014-07-17 16:41 - 00000132 _____ () C:\Users\mKorisnik\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-08-30 18:05 - 2014-06-01 09:39 - 00278016 ___SH () C:\Users\mKorisnik\Downloads\Thumbs.db
2014-08-29 18:47 - 2014-08-29 18:44 - 14822887 _____ () C:\Users\mKorisnik\Desktop\tekstura moja.zip
2014-08-29 18:22 - 2014-08-29 16:53 - 00000000 ____D () C:\Users\mKorisnik\Documents\hunger games ep 1 mcsg
2014-08-29 18:07 - 2014-08-29 18:07 - 00000000 ____D () C:\Users\mKorisnik\Documents\Adobe
2014-08-29 18:07 - 2014-05-30 03:14 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\Adobe
2014-08-29 16:40 - 2013-09-30 06:14 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-28 15:18 - 2014-08-16 17:10 - 00000000 ____D () C:\Users\mKorisnik\AppData\Local\LogMeIn Hamachi
2014-08-28 12:05 - 2014-07-09 13:34 - 00000020 _____ () C:\Windows\capsys184523.log
2014-08-28 07:47 - 2014-08-28 07:46 - 00865440 _____ () C:\Windows\Minidump\082814-43140-01.dmp
2014-08-28 07:47 - 2014-05-30 03:13 - 00000000 ____D () C:\Users\mKorisnik
2014-08-28 07:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\tracing
2014-08-28 07:47 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-28 07:46 - 2014-08-28 07:46 - 692050883 _____ () C:\Windows\MEMORY.DMP
2014-08-28 07:46 - 2014-06-17 12:30 - 00000000 ____D () C:\Windows\Minidump
2014-08-28 07:46 - 2013-09-30 06:02 - 00045460 _____ () C:\Windows\PFRO.log
2014-08-28 07:46 - 2013-08-22 16:44 - 05137304 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 15:57 - 2014-08-06 18:28 - 00000000 ____D () C:\Users\mKorisnik\AppData\Local\Unity
2014-08-27 15:56 - 2014-07-24 16:56 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-08-27 15:55 - 2014-06-18 13:04 - 00000000 ____D () C:\Program Files (x86)\ChrisTV PVR
2014-08-26 17:04 - 2014-08-26 17:04 - 00002199 _____ () C:\Users\mKorisnik\Desktop\Action!.lnk
2014-08-26 17:04 - 2014-08-26 17:04 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mirillis
2014-08-26 17:04 - 2014-08-26 17:04 - 00000000 ____D () C:\Program Files (x86)\Mirillis
2014-08-25 18:39 - 2014-08-25 18:23 - 00000000 ____D () C:\Users\mKorisnik\Documents\kliwroqtipjqt
2014-08-23 19:54 - 2014-08-23 19:52 - 00000000 ____D () C:\Users\mKorisnik\Documents\klipicicicici
2014-08-23 14:06 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-08-22 12:41 - 2014-08-22 12:41 - 00001122 _____ () C:\Users\Public\Desktop\Minecraft.lnk
2014-08-22 12:41 - 2014-08-22 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2014-08-21 16:56 - 2014-05-30 03:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-08-21 16:36 - 2014-08-21 16:36 - 00554232 _____ () C:\Users\mKorisnik\Downloads\SkinEdit Alpha 3 pre 7 (1).zip
2014-08-21 16:35 - 2014-08-21 16:35 - 00554232 _____ () C:\Users\mKorisnik\Downloads\SkinEdit Alpha 3 pre 7.zip
2014-08-21 16:29 - 2014-08-21 16:14 - 00000000 ____D () C:\Users\mKorisnik\Documents\Klip sa ivanom
2014-08-21 16:22 - 2014-08-21 16:22 - 00001906 _____ () C:\Users\mKorisnik\Desktop\IrfanView Thumbnails.lnk
2014-08-21 16:22 - 2014-08-21 16:22 - 00001014 _____ () C:\Users\mKorisnik\Desktop\IrfanView.lnk
2014-08-21 16:22 - 2014-08-21 16:22 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2014-08-21 16:22 - 2014-08-21 16:22 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\IrfanView
2014-08-21 16:22 - 2014-08-21 16:22 - 00000000 ____D () C:\Program Files (x86)\IrfanView
2014-08-21 16:10 - 2014-07-08 19:59 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\Audacity
2014-08-18 14:33 - 2013-08-22 15:25 - 00786432 ___SH () C:\Windows\system32\config\BBI
2014-08-18 14:31 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-08-18 14:31 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-18 14:31 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-08-18 14:31 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\FileManager
2014-08-18 14:31 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Camera
2014-08-18 14:21 - 2014-08-18 14:20 - 01898640 _____ (Irfan Skiljan) C:\Users\mKorisnik\Downloads\iview438_setup.exe
2014-08-17 20:50 - 2013-08-22 16:46 - 00028186 _____ () C:\Windows\setupact.log
2014-08-16 17:10 - 2014-08-16 17:10 - 00000000 ____D () C:\Users\mKorisnik\AppData\Local\LogMeIn
2014-08-16 17:10 - 2014-08-16 17:10 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-08-16 17:09 - 2014-08-16 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-08-16 17:09 - 2014-08-16 17:09 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-08-16 17:06 - 2014-08-16 17:06 - 08499200 _____ () C:\Users\mKorisnik\Downloads\hamachi.msi
2014-08-15 15:48 - 2014-08-15 15:34 - 00000000 ____D () C:\Users\mKorisnik\Documents\hunger games savjeti
2014-08-15 13:37 - 2014-06-16 15:26 - 00000000 ____D () C:\Users\mKorisnik\Documents\intro
2014-08-15 11:30 - 2014-05-30 03:25 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-15 11:30 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-08-15 11:28 - 2014-07-17 20:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-15 11:23 - 2014-07-17 20:25 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-15 11:20 - 2014-07-21 08:04 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-14 19:01 - 2014-08-14 19:00 - 00000000 ____D () C:\Users\mKorisnik\Documents\Untitled
2014-08-14 18:54 - 2014-07-17 15:13 - 00000000 ____D () C:\Users\mKorisnik\AppData\Local\Windows Live
2014-08-14 13:34 - 2014-08-14 13:34 - 00675988 _____ () C:\Users\mKorisnik\Downloads\Minecraft.exe
2014-08-14 12:57 - 2014-08-14 12:57 - 01102554 _____ () C:\Users\mKorisnik\Downloads\perise.bmp
2014-08-13 04:57 - 2014-07-18 14:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 04:57 - 2013-11-19 07:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 04:57 - 2013-08-22 13:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 04:57 - 2013-08-22 13:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 04:57 - 2013-08-22 13:22 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 04:57 - 2013-08-22 13:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 04:57 - 2013-08-22 13:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 04:57 - 2013-08-22 13:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 04:57 - 2013-08-22 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 04:57 - 2013-08-22 05:55 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 04:57 - 2013-08-22 05:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 04:57 - 2013-08-22 05:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 04:57 - 2013-08-22 05:40 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 04:57 - 2013-08-22 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 04:56 - 2014-07-18 14:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 04:56 - 2013-08-22 12:32 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 04:55 - 2013-09-30 06:14 - 00233912 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-08-13 04:50 - 2014-07-19 11:00 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-08-13 01:00 - 2014-08-13 01:00 - 04575232 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
2014-08-12 13:59 - 2014-07-30 17:20 - 00000000 ____D () C:\ProgramData\MCShield
2014-08-10 16:48 - 2014-08-10 16:48 - 00003108 _____ () C:\Windows\System32\Tasks\{F2B1952C-78B3-4562-B1ED-2023D725128A}
2014-08-10 16:27 - 2014-06-18 15:06 - 00020480 ___SH () C:\Users\mKorisnik\Thumbs.db
2014-08-10 16:11 - 2014-06-10 19:40 - 00000000 ____D () C:\Users\mKorisnik\Documents\Rockstar Games
2014-08-10 16:08 - 2014-08-10 16:08 - 00401418 _____ () C:\Users\mKorisnik\Downloads\chrome_icon_blue_black_mkii_by_jrathage-d68y53g.zip
2014-08-10 16:06 - 2014-07-12 12:58 - 00000000 ____D () C:\Users\mKorisnik\Documents\PassMark
2014-08-10 15:53 - 2014-08-10 15:53 - 00605751 _____ () C:\Users\mKorisnik\Downloads\google_chrome_icon_blue_by_greasybacon-d1puu76.zip
2014-08-07 17:54 - 2014-08-07 17:32 - 00000000 ____D () C:\Users\mKorisnik\Documents\pobdaaaaa
2014-08-07 14:22 - 2014-08-07 14:22 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-08-07 12:36 - 2014-05-10 05:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telenor Internet
2014-08-07 12:36 - 2014-05-10 05:47 - 00000000 ____D () C:\Program Files (x86)\Telenor Internet
2014-08-07 04:12 - 2014-08-13 04:57 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-07 03:35 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-07 00:39 - 2014-08-13 04:57 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-07 00:38 - 2014-08-13 04:58 - 00697856 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-06 18:49 - 2014-08-06 18:49 - 00785243 _____ () C:\Users\mKorisnik\Downloads\OptiFine_1.7.2_HD_D1.jar
2014-08-06 18:28 - 2014-08-06 18:28 - 01080480 _____ (Unity Technologies ApS) C:\Users\mKorisnik\Downloads\UnityWebPlayer.exe
2014-08-06 16:06 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-08-06 15:45 - 2014-05-30 03:41 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-06 15:44 - 2014-08-06 15:44 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-06 15:44 - 2014-08-06 15:44 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-06 15:44 - 2014-05-30 03:41 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-06 15:44 - 2014-05-30 03:41 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-06 15:44 - 2014-05-30 03:41 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-06 15:44 - 2014-05-30 03:41 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-06 15:44 - 2014-05-30 03:41 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-06 15:44 - 2014-05-30 03:41 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-06 15:44 - 2014-05-30 03:41 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-06 15:37 - 2014-05-10 06:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-05 17:18 - 2014-08-05 17:18 - 00000000 ____D () C:\Users\mKorisnik\AppData\Local\AAA_Internet_Publishing,_
2014-08-05 13:55 - 2014-07-03 22:44 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2014-08-05 12:45 - 2014-08-05 12:45 - 00989560 _____ (are) C:\Users\mKorisnik\Downloads\Sad Piano & Violin Song.mp3.exe
2014-08-02 15:00 - 2014-05-11 02:29 - 00000000 ____D () C:\Users\mKorisnik\AppData\Roaming\Sony
2014-08-02 07:44 - 2014-08-13 04:58 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-02 05:56 - 2014-08-13 04:57 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-02 05:11 - 2014-08-13 04:58 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-08-02 02:17 - 2014-07-21 08:18 - 00704480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-02 02:17 - 2014-07-21 08:18 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\mKorisnik\AppData\Local\Temp\aacenc3.exe
C:\Users\mKorisnik\AppData\Local\Temp\BackupSetup.exe
C:\Users\mKorisnik\AppData\Local\Temp\(zabranjeno) and Setup__4006_il27.exe
C:\Users\mKorisnik\AppData\Local\Temp\DeltaTB.exe
C:\Users\mKorisnik\AppData\Local\Temp\DSSExp.exe
C:\Users\mKorisnik\AppData\Local\Temp\ffmpeg17.exe
C:\Users\mKorisnik\AppData\Local\Temp\FLVPlayerSetup.exe
C:\Users\mKorisnik\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\mKorisnik\AppData\Local\Temp\mp3el2.exe
C:\Users\mKorisnik\AppData\Local\Temp\SRLDetectionLibrary5211777262149995015.dll
C:\Users\mKorisnik\AppData\Local\Temp\txfydfim.dll
C:\Users\mKorisnik\AppData\Local\Temp\ubi6CD1.tmp.exe
C:\Users\mKorisnik\AppData\Local\Temp\Uninstall.exe
C:\Users\mKorisnik\AppData\Local\Temp\uttB3CA.tmp.exe
C:\Users\mKorisnik\AppData\Local\Temp\x264enc6.exe
C:\Users\mKorisnik\AppData\Local\Temp\xmlUpdater.exe
C:\Users\mKorisnik\AppData\Local\Temp\_is4B7B.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-28 14:51

==================== End Of Log ============================


Here is the Addition log as well :)


offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Step 1

Download AdwCleaner by "Xplode" and save it to the Desktop.
Double-click to run the program.
In the EULA window, click I agree.
Click the Scan button and wait for the scan to finish.
Click the Clean button and wait for the program to finish.
The program will close all running programs and display a window with that warning. Click OK to confirm.
In the next two windows that open (Informations and Restart required), click OK.

The computer will restart and then open Notepad (C:\AdwCleaner[S0].txt) with the report.
Save that report to the Desktop and attach it to your post using the "Attach file" ("Prikači fajl") option.

Note: The report will also be saved at C:\Adwcleaner\AdwCleaner[S0].txt



Step 2

Download zoek.exe from this or this link and save it to the Desktop.


Close the browser and any other running programs;
disable your security software (if needed) Instructions;
double-click zoek.exe to run it;
wait for the tool to start ...


Copy the following text into the white box of the window:

process;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;


Click the button and wait for the scan to finish.


Zoek will restart Windows if necessary, and when it finishes it will open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into your post.

offline
  • Joined: 02 Sep 2013
  • Posts: 496

Here is AdwCleaner :)


And here is zoek :)
Zoek.exe v5.0.0.0 Updated 31-08-2014
Tool run by mKorisnik on Mon 09/01/2014 at 19:11:15.92.
Microsoft Windows 8.1 Pro 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\mKorisnik\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

9/1/2014 19:13:51 Zoek.exe System Restore Point Created Succesfully.

==== Running Processes ======================

C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Telenor Internet\BackgroundService\ServiceManager.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-08-28 05:46:16 A845F812619E8568DCE9EC71CF02483E 692050883 ----a-w- C:\Windows\MEMORY.DMP
2014-08-06 13:44:44 357CEBBCD99C8928A2D1A61A6CACC168 43152 ----a-w- C:\Windows\avastSS.scr
====== C:\Users\MKORIS~1\AppData\Local\Temp ====
2014-08-26 15:03:00 35DA2BF2BEFD998980A495B6F4F55E60 4479832 ----a-w- C:\Users\mKorisnik\AppData\Local\Temp\Mirillis\vcredist_x86\vcredist_x86.exe
====== Java Cache =====
2014-08-05 10:43:44 D9D40F8EEEDEE656CA6C6C1BF0B6587B 8913 ----a-w- C:\Users\mKorisnik\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\7d7caccf-5aab2100
====== C:\Windows\SysWOW64 =====
2014-09-01 17:02:49 0DC5AF80D059DEC792B665ED598C6567 536576 ----a-w- C:\Windows\SysWOW64\sqlite3.dll
2014-08-30 15:47:15 694F54BD227916B89FC3EB1DB53F0685 809496 ----a-r- C:\Windows\SysWOW64\tmp3952.tmp
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2014-08-13 03:01:04 313DCE665B57000B18CB26C6B6A10DFE 1557848 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys
2014-08-13 03:00:24 7A1A3F213CDB3363D179D5014272025D 402432 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys
2014-08-13 03:00:22 674A4702E4E144E8710ED1A2EC6DD049 96768 ----a-w- C:\Windows\Sysnative\drivers\agilevpn.sys
2014-08-13 03:00:19 65ED7B9CFEA893DF7748D5FF692690DE 38912 ----a-w- C:\Windows\Sysnative\drivers\vwifimp.sys
2014-08-13 03:00:17 35BF5C5F5E3C9902C98978C7640574DA 71680 ----a-w- C:\Windows\Sysnative\drivers\vwififlt.sys
2014-08-13 03:00:10 5C42CEE3E2018E1DFC6E3E17240A432A 206848 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys
2014-08-13 02:58:21 25AC0B50A71938890970E1508F107196 2518360 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys
2014-08-13 02:58:19 FE0ADF5028EB8C1339B66B3AEDE3FEF9 440664 -c--a-w- C:\Windows\Sysnative\drivers\usbport.sys
2014-08-13 02:58:19 93435654DCA210298BA0F986EB51C679 419672 -c--a-w- C:\Windows\Sysnative\drivers\usbhub.sys
2014-08-13 02:58:19 83C9C45D59C72FEFDAE9A5686BE31FEA 467800 -c--a-w- C:\Windows\Sysnative\drivers\USBHUB3.SYS
2014-08-13 02:58:19 7CCBBCEE408A5DBE3FE47297DB5A6CFC 227840 ----a-w- C:\Windows\Sysnative\drivers\WUDFRd.sys
2014-08-13 02:58:18 D537815E450A149752C15868392AD1F3 110592 ----a-w- C:\Windows\Sysnative\drivers\WUDFPf.sys
2014-08-13 02:58:18 48BA326A3DBA5B5BEB5F2777F4618696 89944 -c--a-w- C:\Windows\Sysnative\drivers\usbehci.sys
2014-08-13 02:58:18 064260B3A5868AC894A4943543BC7AB7 37376 -c--a-w- C:\Windows\Sysnative\drivers\usbuhci.sys
2014-08-13 02:58:17 D79920BE4E6683D3AB50F71457A4F6C6 27480 -c--a-w- C:\Windows\Sysnative\drivers\usbd.sys
2014-08-07 12:22:11 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-08-06 13:44:58 D95E64416A4A3ED6986E0F474DA934BD 29208 ----a-w- C:\Windows\Sysnative\drivers\aswHwid.sys
====== C:\Windows\Tasks ======
2014-08-10 14:48:56 91667673FC1144B221E88DF88C0C7453 3108 ----a-w- C:\Windows\Sysnative\Tasks\{F2B1952C-78B3-4562-B1ED-2023D725128A}
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-09-01 14:22:27 -------- d-----w- C:\Program Files\MAXON
======= C:\PROGRA~2 =====
2014-08-26 15:04:10 -------- d-----w- C:\PROGRA~2\Mirillis
2014-08-21 14:22:09 -------- d-----w- C:\PROGRA~2\IrfanView
======= C: =====
====== C:\Users\mKorisnik\AppData\Roaming ======
2014-09-01 14:20:29 -------- d-----w- C:\Users\mKorisnik\AppData\Roaming\MAXON
2014-08-26 15:04:13 -------- d-----w- C:\Users\mKorisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mirillis
2014-08-21 14:22:09 -------- d-----w- C:\Users\mKorisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2014-08-21 14:22:09 -------- d-----w- C:\Users\mKorisnik\AppData\Roaming\IrfanView
2014-08-18 12:32:56 FFD9631DB9D444B47B476B792DB25C25 316200 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat
2014-08-06 16:28:33 -------- d-----w- C:\Users\mKorisnik\AppData\Local\Unity
2014-08-06 16:28:32 -------- d-----w- C:\Users\mKorisnik\AppData\Locallow\Unity
2014-08-05 15:18:49 -------- d-----w- C:\Users\mKorisnik\AppData\Local\AAA_Internet_Publishing,_
====== C:\Users\mKorisnik ======
2014-09-01 16:59:59 9DED4724D695CFB01960426DA011ABAE 1364531 ----a-w- C:\Users\mKorisnik\Desktop\AdwCleaner.exe
2014-09-01 15:36:04 2EBC0AB478ED94F2443319AF48176A04 2104832 ----a-w- C:\Users\mKorisnik\Desktop\FRST64.exe
2014-09-01 15:34:18 2EBC0AB478ED94F2443319AF48176A04 2104832 ----a-w- C:\Users\mKorisnik\Downloads\FRST64.exe
2014-09-01 15:02:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON
2014-08-22 10:41:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft

====== C: exe-files ==
2014-09-01 16:59:59 9DED4724D695CFB01960426DA011ABAE 1364531 ----a-w- C:\Users\mKorisnik\Desktop\AdwCleaner.exe
2014-09-01 15:36:04 2EBC0AB478ED94F2443319AF48176A04 2104832 ----a-w- C:\Users\mKorisnik\Desktop\FRST64.exe
2014-09-01 15:34:18 2EBC0AB478ED94F2443319AF48176A04 2104832 ----a-w- C:\Users\mKorisnik\Downloads\FRST64.exe
2014-08-26 15:04:13 9BEBCC0C23A6750144875AE7B1103CD3 9662 ----a-r- C:\Users\mKorisnik\AppData\Roaming\Microsoft\Installer\{7A9DEE45-1F8D-4D1A-A9EA-F0108DAE6FEC}\_D027E23F28306A97A61AB4.exe
2014-08-26 15:04:13 9BEBCC0C23A6750144875AE7B1103CD3 9662 ----a-r- C:\Users\mKorisnik\AppData\Roaming\Microsoft\Installer\{7A9DEE45-1F8D-4D1A-A9EA-F0108DAE6FEC}\_1B094BFD4F46B56DFF1D72.exe
2014-08-26 15:04:13 7F07DA54286C279C56D20B0B549E657F 287934 ----a-r- C:\Users\mKorisnik\AppData\Roaming\Microsoft\Installer\{7A9DEE45-1F8D-4D1A-A9EA-F0108DAE6FEC}\_C745A3DB8CF9128B0B6BC4.exe
2014-08-26 15:04:13 7F07DA54286C279C56D20B0B549E657F 287934 ----a-r- C:\Users\mKorisnik\AppData\Roaming\Microsoft\Installer\{7A9DEE45-1F8D-4D1A-A9EA-F0108DAE6FEC}\_B91E9695AEAA81D2CD13FD.exe
2014-08-26 15:04:13 7F07DA54286C279C56D20B0B549E657F 287934 ----a-r- C:\Users\mKorisnik\AppData\Roaming\Microsoft\Installer\{7A9DEE45-1F8D-4D1A-A9EA-F0108DAE6FEC}\_6FEFF9B68218417F98F549.exe
2014-08-26 15:03:00 35DA2BF2BEFD998980A495B6F4F55E60 4479832 ----a-w- C:\Users\mKorisnik\AppData\Local\Temp\Mirillis\vcredist_x86\vcredist_x86.exe
=== C: other files ==
2014-09-01 15:49:34 F935D356BE6A4CC3619343BB54E9878E 9047 ----a-w- C:\Users\mKorisnik\AppData\Roaming\MAXON\CINEMA 4D R14_4A9E4467\updates\content\20130422100403_e73c9b55.zip
2014-09-01 14:41:31 BA736B1CCB36DAB159FE7F2F32AFB552 56812368 ----a-w- C:\Users\mKorisnik\AppData\Roaming\.minecraft\resourcepacks\MuamerBa.zip
2014-09-01 14:22:09 95B2EC7ED803BA930AEA2E29D326246F 17462 ----a-r- C:\Program Files\MAXON\CINEMA 4D R14\resource\updates\content\20120704103046_6b6c7ac2.zip
2014-09-01 14:22:09 4C629B82CD31032EC457942684C0D0A4 24888 ----a-r- C:\Program Files\MAXON\CINEMA 4D R14\resource\updates\content\20120704103046_66a15111.zip
2014-09-01 14:22:09 21F339E640B18D8D1580097BEEACA490 17944 ----a-r- C:\Program Files\MAXON\CINEMA 4D R14\resource\updates\content\20120704103046_a64aa7d0.zip
2014-09-01 14:22:09 1046ADE034E541436AEAD2BF8DABAEE0 17622 ----a-r- C:\Program Files\MAXON\CINEMA 4D R14\resource\updates\content\20120704103046_078323e9.zip
2014-08-29 16:44:35 EA9C5100DFFE2DCB3B26B63A2EB2ECE4 14822887 ----a-w- C:\Users\mKorisnik\Desktop\tekstura moja.zip
2014-08-29 14:59:47 2E101E9EA49041C95C46C371C8B32F1A 27080764 ----a-w- C:\Users\mKorisnik\Desktop\Huahwi_Resource_Pack_64x_1.7.zip
2014-08-29 14:58:48 252582F2B31961F13D8ACF39EC74A47A 14822424 ----a-w- C:\Users\mKorisnik\AppData\Roaming\.minecraft\resourcepacks\tekstura moja.zip
2014-08-28 14:16:04 C22B7185FB6BB7BA4EF4650A926E432F 28974683 ----a-w- C:\Users\mKorisnik\AppData\Roaming\.minecraft\resourcepacks\Mamont PVP texturepack 1.7.4.zip
2014-08-26 15:07:40 3F2A42585DCE14A24E529DD0FD22B5F9 84888455 ----a-w- C:\Users\mKorisnik\AppData\Roaming\.minecraft\resourcepacks\CreepyCraft Fixed Swords #4 Pvp Texture Pack [1.7] .zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3483190843-2739031058-4271042174-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\mKorisnik\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"DAEMON Tools Lite"="D:\DAEMON Tools Lite\DTLite.exe -autorun"
"ViStart"="C:\Users\mKorisnik\AppData\Roaming\ViStart\ViStart.exe"
"StartMenuX98"="C:\Program Files\Start Menu X\StartMenuX.exe"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"MCShield Monitor"="C:\Program Files (x86)\MCShield\MCShieldRTM.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"WinampAgent"="C:\Program Files (x86)\Winamp\winampa.exe"
"Telenor_Montenegro Imola ModemListener"="C:\Program Files (x86)\Telenor Internet\BackgroundService\ModemListener.exe start"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin"
"LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\mKorisnik\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"DAEMON Tools Lite"="D:\DAEMON Tools Lite\DTLite.exe -autorun"
"ViStart"="C:\Users\mKorisnik\AppData\Roaming\ViStart\ViStart.exe"
"StartMenuX98"="C:\Program Files\Start Menu X\StartMenuX.exe"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"MCShield Monitor"="C:\Program Files (x86)\MCShield\MCShieldRTM.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

==== Startup Folders ======================

2014-05-11 18:48:59 2062 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07/12/2014 14:09]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07/12/2014 14:09]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-m-mKorisnik" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{B320FDD8-3D31-4FB3-8207-606CBCE5967A}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\{F2B1952C-78B3-4562-B1ED-2023D725128A}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}"="C:\Program Files (x86)\RelevantKnowledge\firefox" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\MKORIS~1\AppData\Roaming\Mozilla\Firefox\Profiles\xqoommk5.default
- SNT - %ProfilePath%\extensions\fnvg8yhhn@acmwfe.co.uk
- WinToFlash Suggestor - %ProfilePath%\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\mKorisnik\AppData\Roaming\Mozilla\Firefox\Profiles\xqoommk5.default
A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[08/06/2014 15:44]

SNT - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bnjfibodnkebcfiihbceildojdlfgemi
YoutubeAdblocker - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jkccdpekklmkhkkcacmgdfbofoingjpm
save on - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndgpnkocndgebhfbmhmohnnofkmepemo
Flash Savings - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
SNT - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnjfibodnkebcfiihbceildojdlfgemi
Flash Savings - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
SNT - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bnjfibodnkebcfiihbceildojdlfgemi
YoutubeAdblocker - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jkccdpekklmkhkkcacmgdfbofoingjpm
save on - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndgpnkocndgebhfbmhmohnnofkmepemo
Flash Savings - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
SNT - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bnjfibodnkebcfiihbceildojdlfgemi
YoutubeAdblocker - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jkccdpekklmkhkkcacmgdfbofoingjpm
save on - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndgpnkocndgebhfbmhmohnnofkmepemo
Flash Savings - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
SNT - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnjfibodnkebcfiihbceildojdlfgemi
Flash Savings - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
SNT - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bnjfibodnkebcfiihbceildojdlfgemi
YoutubeAdblocker - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jkccdpekklmkhkkcacmgdfbofoingjpm
save on - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndgpnkocndgebhfbmhmohnnofkmepemo
Flash Savings - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
SNT - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bnjfibodnkebcfiihbceildojdlfgemi
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jkccdpekklmkhkkcacmgdfbofoingjpm
save on - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndgpnkocndgebhfbmhmohnnofkmepemo
Flash Savings - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
SNT - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnjfibodnkebcfiihbceildojdlfgemi
Flash Savings - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
SNT - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bnjfibodnkebcfiihbceildojdlfgemi
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jkccdpekklmkhkkcacmgdfbofoingjpm
save on - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndgpnkocndgebhfbmhmohnnofkmepemo
Flash Savings - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
SNT - mKorisnik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bnjfibodnkebcfiihbceildojdlfgemi
YoutubeAdblocker - mKorisnik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jkccdpekklmkhkkcacmgdfbofoingjpm
save on - mKorisnik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ndgpnkocndgebhfbmhmohnnofkmepemo
Flash Savings - mKorisnik\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
Google Docs - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Last updated at time on date - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Last updated at time on date - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch
Gmail - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
SNT - mKorisnik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bnjfibodnkebcfiihbceildojdlfgemi
YoutubeAdblocker - mKorisnik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jkccdpekklmkhkkcacmgdfbofoingjpm
save on - mKorisnik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ndgpnkocndgebhfbmhmohnnofkmepemo
Flash Savings - mKorisnik\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} Ask.com Url="http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=128&systemid=488&v=a13277-343&apn_uid=4335259831474092&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms}"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on Mon 09/01/2014 at 19:21:22.22 ======================

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Close the browser and any other running programs;
disable your security software (if needed; see Instructions);
double-click zoek.exe to run it;
wait for the tool to start ...

Copy the following text into the white box of the window:

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions];r
"{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}"=-;r
SNT;ff
{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi;ff
bnjfibodnkebcfiihbceildojdlfgemi;chr
jkccdpekklmkhkkcacmgdfbofoingjpm;chr
ndgpnkocndgebhfbmhmohnnofkmepemo;chr
niloccemoadcdkdjlinkgdfekeahmflj;chr
{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488};c
emptyalltemp;
emptyclsid;
autoclean;


Click the button and wait for the scan to finish.

Zoek will restart Windows if needed, and when it finishes it will open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)

Copy the contents of that log into your reply.

offline
  • Joined: 02 Sep 2013
  • Posts: 496

Here it is :)
Zoek.exe v5.0.0.0 Updated 04-August-2014
Tool run by mKorisnik on Wed 09/03/2014 at 15:55:00.43.
Microsoft Windows 8.1 Pro 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\MKORIS~1\AppData\Local\Temp\Rar$DIa0.082\zoek.scr [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-09-01-172122.log 20438 bytes
C:\zoek-results2014-09-02-161405.log 22614 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\MKORIS~1\AppData\Roaming\Mozilla\Firefox\Profiles\xqoommk5.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_20140903_1622_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}"=-

==== Deleting Files \ Folders ======================

C:\Users\mKorisnik\Searches deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [08/06/2014 15:44]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\mKorisnik\AppData\Roaming\Mozilla\Firefox\Profiles\xqoommk5.default
A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[08/06/2014 15:44]

Google Docs - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Last updated at time on date - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Last updated at time on date - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch
Gmail - mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\mKorisnik\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\mKorisnik\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\mKorisnik\AppData\Local\Mozilla\Firefox\Profiles\xqoommk5.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\mKorisnik\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=296 folders=104 10569878 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\mKorisnik\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\MKORIS~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Wed 09/03/2014 at 16:42:47.49 ======================

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Download Malwarebytes Anti-Rootkit (MBAR) from the following link and save it to the Desktop.

Run MBAR by double-clicking the program icon:
- Click OK in the next window to allow extraction into a separate mbar folder on the desktop;
- mbar.exe will be started. On some systems this may take a few extra seconds, so wait for it to launch;
- In the introductory window, click the Next button if you agree;

• In the 'Update Database' window, click the Update button to download fresh definitions. When the message 'Success: Database was successfully updated' appears, click the Next button;
• Under the 'Scan Targets' section, check that all options are ticked, then click the Scan button;

Note: with some infections, one of the following messages may appear:
- 'Could not load protection driver' => in that case click OK.
- 'Could not load DDA driver' => click Yes on that notice to allow loading after a restart. Allow the restart and continue with the rest of the instructions after it.

>> If no malware is detected, click the Exit button to close the program. Post the mbar-log-year-month-day (hour-minute-second).txt and system-log.txt reports in your next message.

>> If infections were found, check that the 'Create Restore Point' option is selected and click the Cleanup! button to remove the threats.
- The malware removal procedure will be scheduled for after a restart, and a notice will be shown in a pop-up window. Click the Yes button; the system should restart and complete the cleanup procedure.

Note! Only if a rootkit was detected: make sure to run the fixdamage.exe tool located in the mbar folder, \Plugins\fixdamage.exe:
- Double-click fixdamage to run it; in the black window that opens (command prompt) type Y (Y stands for Yes) to continue, then wait for the tool to finish all repairs ...
- When you see the message 'press any key to exit', the repair is complete. Press any key on the keyboard to close the window. Restart the system.

The following reports will be created in the mbar folder.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Copy the contents of the mbar log into your message, and attach the system log to the message using the Attach file option.
