MyCity » Ambulanta -> Arhiva Ambulante » Provjera (nemam nikakvih problema)

Provjera (nemam nikakvih problema)

Napisano na dan: 16.10.2016

Provjera (nemam nikakvih problema)

Sledeća strana

Pagination

Odgovori

11neco11 Poslao: 16 Okt 2016 21:34 Idi na vrh
offline 11neco11 Elitni građanin Nemanja Djukanovic Pridružio: 18 Dec 2012 Poruke: 1761 Gde živiš: Niksic - Crna Gora	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 16 Okt 2016 3:15 Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-10-2016 Ran by NeCo (administrator) on DESKTOP-MC22DF7 (16-10-2016 03:06:56) Running from C:\Users\NeCo\Downloads Loaded Profiles: NeCo (Available Profiles: NeCo) Platform: Windows 10 Pro (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe () C:\Windows\SysWOW64\PnkBstrA.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2016-01-21] (Realtek Semiconductor) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1844280 2016-09-30] (NVIDIA Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation) HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\.com <====== ATTENTION HKLM Group Policy restriction on software: .docx.scr <====== ATTENTION HKLM Group Policy restriction on software: .jpeg.cmd <====== ATTENTION HKLM Group Policy restriction on software: C:\Users\.cmd <====== ATTENTION HKLM Group Policy restriction on software: .txt.bat <====== ATTENTION HKLM Group Policy restriction on software: .rar.cmd <====== ATTENTION HKLM Group Policy restriction on software: .divx.scr <====== ATTENTION HKLM Group Policy restriction on software: .zip.com <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\.scr <====== ATTENTION HKLM Group Policy restriction on software: %programdata%\.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Local\.js <====== ATTENTION HKLM Group Policy restriction on software: .rar.exe <====== ATTENTION HKLM Group Policy restriction on software: .zip.jse <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\.exe <====== ATTENTION HKLM Group Policy restriction on software: .jpeg.js <====== ATTENTION HKLM Group Policy restriction on software: .rar.com <====== ATTENTION HKLM Group Policy restriction on software: .gif.jse <====== ATTENTION HKLM Group Policy restriction on software: .gif.com <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\\.cmd <====== ATTENTION HKLM Group Policy restriction on software: .wma.com <====== ATTENTION HKLM Group Policy restriction on software: .wmv.js <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\\.exe <====== ATTENTION HKLM Group Policy restriction on software: .wmv.cmd <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\.com <====== ATTENTION HKLM Group Policy restriction on software: .xlsx.scr <====== ATTENTION HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\\.exe <====== ATTENTION HKLM Group Policy restriction on software: .wav.scr <====== ATTENTION HKLM Group Policy restriction on software: .wav.pif <====== ATTENTION HKLM Group Policy restriction on software: C:\Users\.pif <====== ATTENTION HKLM Group Policy restriction on software: .wav.cmd <====== ATTENTION HKLM Group Policy restriction on software: .mp4.com <====== ATTENTION HKLM Group Policy restriction on software: C:\Users\.jse <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\\.jse <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\\.bat <====== ATTENTION HKLM Group Policy restriction on software: .txt.js <====== ATTENTION HKLM Group Policy restriction on software: .wav.jse <====== ATTENTION HKLM Group Policy restriction on software: .doc.com <====== ATTENTION HKLM Group Policy restriction on software: .rar.bat <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Local\.com <====== ATTENTION HKLM Group Policy restriction on software: .xls.exe <====== ATTENTION HKLM Group Policy restriction on software: .xlsx.com <====== ATTENTION HKLM Group Policy restriction on software: .xlsx.jse <====== ATTENTION HKLM Group Policy restriction on software: .ppt.cmd <====== ATTENTION HKLM Group Policy restriction on software: .pub.bat <====== ATTENTION HKLM Group Policy restriction on software: .wmv.jse <====== ATTENTION HKLM Group Policy restriction on software: .pptx.pif <====== ATTENTION HKLM Group Policy restriction on software: .rtf.com <====== ATTENTION HKLM Group Policy restriction on software: .png.js <====== ATTENTION HKLM Group Policy restriction on software: .mp4.js <====== ATTENTION HKLM Group Policy restriction on software: .txt.pif <====== ATTENTION HKLM Group Policy restriction on software: .docx.exe <====== ATTENTION HKLM Group Policy restriction on software: C:\Users\.js <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\.pif <====== ATTENTION HKLM Group Policy restriction on software: .divx.pif <====== ATTENTION HKLM Group Policy restriction on software: .jpg.jse <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\\.bat <====== ATTENTION HKLM Group Policy restriction on software: .zip.js <====== ATTENTION HKLM Group Policy restriction on software: .avi.com <====== ATTENTION HKLM Group Policy restriction on software: .pptx.js <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\.com <====== ATTENTION HKLM Group Policy restriction on software: .xlsx.bat <====== ATTENTION HKLM Group Policy restriction on software: .txt.com <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\\.scr <====== ATTENTION HKLM Group Policy restriction on software: %programfiles%\\svchost.exe <====== ATTENTION HKLM Group Policy restriction on software: .xlsx.cmd <====== ATTENTION HKLM Group Policy restriction on software: .avi.exe <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\\.js <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\.bat <====== ATTENTION HKLM Group Policy restriction on software: .mp3.cmd <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\\.cmd <====== ATTENTION HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\.com <====== ATTENTION HKLM Group Policy restriction on software: .bmp.js <====== ATTENTION HKLM Group Policy restriction on software: .jpg.exe <====== ATTENTION HKLM Group Policy restriction on software: .bmp.pif <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\\.scr <====== ATTENTION HKLM Group Policy restriction on software: .jpeg.pif <====== ATTENTION HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\.cmd <====== ATTENTION HKLM Group Policy restriction on software: .jpg.js <====== ATTENTION HKLM Group Policy restriction on software: .bmp.scr <====== ATTENTION HKLM Group Policy restriction on software: .pub.jse <====== ATTENTION HKLM Group Policy restriction on software: .ppt.scr <====== ATTENTION HKLM Group Policy restriction on software: .wma.pif <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\.js <====== ATTENTION HKLM Group Policy restriction on software: .wma.scr <====== ATTENTION HKLM Group Policy restriction on software: .bmp.bat <====== ATTENTION HKLM Group Policy restriction on software: .txt.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\\.js <====== ATTENTION HKLM Group Policy restriction on software: .pdf.jse <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\.cmd <====== ATTENTION HKLM Group Policy restriction on software: %programdata%\.pif <====== ATTENTION HKLM Group Policy restriction on software: .pdf.com <====== ATTENTION HKLM Group Policy restriction on software: .gif.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\.jse <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\.scr <====== ATTENTION HKLM Group Policy restriction on software: .ppt.jse <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\.bat <====== ATTENTION HKLM Group Policy restriction on software: .mp4.exe <====== ATTENTION HKLM Group Policy restriction on software: .png.scr <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\.jse <====== ATTENTION HKLM Group Policy restriction on software: .pub.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\.js <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\.jse <====== ATTENTION HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\.bat <====== ATTENTION HKLM Group Policy restriction on software: .pub.com <====== ATTENTION HKLM Group Policy restriction on software: .gif.pif <====== ATTENTION HKLM Group Policy restriction on software: .txt.cmd <====== ATTENTION HKLM Group Policy restriction on software: .txt.jse <====== ATTENTION HKLM Group Policy restriction on software: .mp4.bat <====== ATTENTION HKLM Group Policy restriction on software: .wav.bat <====== ATTENTION HKLM Group Policy restriction on software: .jpeg.bat <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\.pif <====== ATTENTION HKLM Group Policy restriction on software: .gif.js <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\\.pif <====== ATTENTION HKLM Group Policy restriction on software: .pdf.scr <====== ATTENTION HKLM Group Policy restriction on software: .xls.jse <====== ATTENTION HKLM Group Policy restriction on software: .jpeg.exe <====== ATTENTION HKLM Group Policy restriction on software: .docx.pif <====== ATTENTION HKLM Group Policy restriction on software: .rar.js <====== ATTENTION HKLM Group Policy restriction on software: .xls.pif <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\\.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\\.com <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\\.scr <====== ATTENTION HKLM Group Policy restriction on software: .png.jse <====== ATTENTION HKLM Group Policy restriction on software: * <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\\.jse <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\.cmd <====== ATTENTION HKLM Group Policy restriction on software: .divx.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\.bat <====== ATTENTION HKLM Group Policy restriction on software: .docx.bat <====== ATTENTION HKLM Group Policy restriction on software: .zip.scr <====== ATTENTION HKLM Group Policy restriction on software: .rtf.jse <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\.js <====== ATTENTION HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\.js <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\.cmd <====== ATTENTION HKLM Group Policy restriction on software: .jpg.com <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Local\.exe <====== ATTENTION HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION HKLM Group Policy restriction on software: .zip.exe <====== ATTENTION HKLM Group Policy restriction on software: .wmv.bat <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\.jse <====== ATTENTION HKLM Group Policy restriction on software: .mp3.com <====== ATTENTION HKLM Group Policy restriction on software: .rar.scr <====== ATTENTION HKLM Group Policy restriction on software: .wma.jse <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\\.cmd <====== ATTENTION HKLM Group Policy restriction on software: .divx.bat <====== ATTENTION HKLM Group Policy restriction on software: .avi.cmd <====== ATTENTION HKLM Group Policy restriction on software: .pptx.bat <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Appdata\Roaming\Microsoft\Windows\IEUpdate\.exe <====== ATTENTION HKLM Group Policy restriction on software: %programdata%\.js <====== ATTENTION HKLM Group Policy restriction on software: .pptx.jse <====== ATTENTION HKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTION HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION HKLM Group Policy restriction on software: .rar.jse <====== ATTENTION HKLM Group Policy restriction on software: C:\Users\.exe <====== ATTENTION HKLM Group Policy restriction on software: .mp3.bat <====== ATTENTION HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\.exe <====== ATTENTION HKLM Group Policy restriction on software: .rtf.pif <====== ATTENTION HKLM Group Policy restriction on software: .png.pif <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\.com <====== ATTENTION HKLM Group Policy restriction on software: .7z.com <====== ATTENTION HKLM Group Policy restriction on software: .7z.js <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Local\.pif <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\.cmd <====== ATTENTION HKLM Group Policy restriction on software: .zip.pif <====== ATTENTION HKLM Group Policy restriction on software: %programdata%\.cmd <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\.com <====== ATTENTION HKLM Group Policy restriction on software: .pdf.cmd <====== ATTENTION HKLM Group Policy restriction on software: %programdata%\.com <====== ATTENTION HKLM Group Policy restriction on software: .doc.pif <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\.cmd <====== ATTENTION HKLM Group Policy restriction on software: .gif.bat <====== ATTENTION HKLM Group Policy restriction on software: .png.bat <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\.bat <====== ATTENTION HKLM Group Policy restriction on software: .ppt.exe <====== ATTENTION HKLM Group Policy restriction on software: .doc.js <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\.bat <====== ATTENTION HKLM Group Policy restriction on software: .avi.js <====== ATTENTION HKLM Group Policy restriction on software: .zip.cmd <====== ATTENTION HKLM Group Policy restriction on software: .bmp.cmd <====== ATTENTION HKLM Group Policy restriction on software: .rar.pif <====== ATTENTION HKLM Group Policy restriction on software: .jpeg.scr <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\\.com <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\.bat <====== ATTENTION HKLM Group Policy restriction on software: .mp3.pif <====== ATTENTION HKLM Group Policy restriction on software: .xls.scr <====== ATTENTION HKLM Group Policy restriction on software: .png.cmd <====== ATTENTION HKLM Group Policy restriction on software: .7z.exe <====== ATTENTION HKLM Group Policy restriction on software: .pptx.cmd <====== ATTENTION HKLM Group Policy restriction on software: .png.com <====== ATTENTION HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\.jse <====== ATTENTION HKLM Group Policy restriction on software: .mp4.cmd <====== ATTENTION HKLM Group Policy restriction on software: .xls.com <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Local\.bat <====== ATTENTION HKLM Group Policy restriction on software: .doc.exe <====== ATTENTION HKLM Group Policy restriction on software: %programfiles(x86)%\\svchost.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\.exe <====== ATTENTION HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION HKLM Group Policy restriction on software: .xlsx.exe <====== ATTENTION HKLM Group Policy restriction on software: .wmv.com <====== ATTENTION HKLM Group Policy restriction on software: .bmp.com <====== ATTENTION HKLM Group Policy restriction on software: .mp3.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\.pif <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\.pif <====== ATTENTION HKLM Group Policy restriction on software: .doc.scr <====== ATTENTION HKLM Group Policy restriction on software: .pub.js <====== ATTENTION HKLM Group Policy restriction on software: .jpg.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\\.js <====== ATTENTION HKLM Group Policy restriction on software: .avi.jse <====== ATTENTION HKLM Group Policy restriction on software: .7z.jse <====== ATTENTION HKLM Group Policy restriction on software: .mp4.jse <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\.scr <====== ATTENTION HKLM Group Policy restriction on software: .pub.cmd <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\.jse <====== ATTENTION HKLM Group Policy restriction on software: .doc.jse <====== ATTENTION HKLM Group Policy restriction on software: .ppt.pif <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\.js <====== ATTENTION HKLM Group Policy restriction on software: .7z.scr <====== ATTENTION HKLM Group Policy restriction on software: %programdata%\.jse <====== ATTENTION HKLM Group Policy restriction on software: %programdata%\.exe <====== ATTENTION HKLM Group Policy restriction on software: .7z.cmd <====== ATTENTION HKLM Group Policy restriction on software: .mp3.jse <====== ATTENTION HKLM Group Policy restriction on software: .pdf.exe <====== ATTENTION HKLM Group Policy restriction on software: .doc.cmd <====== ATTENTION HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\.scr <====== ATTENTION HKLM Group Policy restriction on software: .7z.bat <====== ATTENTION HKLM Group Policy restriction on software: .avi.bat <====== ATTENTION HKLM Group Policy restriction on software: .avi.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\.js <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\\.pif <====== ATTENTION HKLM Group Policy restriction on software: .jpg.cmd <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\.com <====== ATTENTION HKLM Group Policy restriction on software: %systemdrive%\\svchost.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\.pif <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\.exe <====== ATTENTION HKLM Group Policy restriction on software: .xlsx.pif <====== ATTENTION HKLM Group Policy restriction on software: %programdata%\.bat <====== ATTENTION HKLM Group Policy restriction on software: .pdf.pif <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Local\.scr <====== ATTENTION HKLM Group Policy restriction on software: .rtf.cmd <====== ATTENTION HKLM Group Policy restriction on software: .wav.com <====== ATTENTION HKLM Group Policy restriction on software: .wmv.pif <====== ATTENTION HKLM Group Policy restriction on software: .jpeg.com <====== ATTENTION HKLM Group Policy restriction on software: .docx.com <====== ATTENTION HKLM Group Policy restriction on software: .ppt.bat <====== ATTENTION HKLM Group Policy restriction on software: .docx.js <====== ATTENTION HKLM Group Policy restriction on software: .divx.js <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\\.com <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\.jse <====== ATTENTION HKLM Group Policy restriction on software: .rtf.js <====== ATTENTION HKLM Group Policy restriction on software: .wma.js <====== ATTENTION HKLM Group Policy restriction on software: .zip.bat <====== ATTENTION HKLM Group Policy restriction on software: .pptx.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\.scr <====== ATTENTION HKLM Group Policy restriction on software: .mp3.js <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\\.bat <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\.js <====== ATTENTION HKLM Group Policy restriction on software: .mp4.pif <====== ATTENTION HKLM Group Policy restriction on software: .xls.cmd <====== ATTENTION HKLM Group Policy restriction on software: .wav.exe <====== ATTENTION HKLM Group Policy restriction on software: .gif.cmd <====== ATTENTION HKLM Group Policy restriction on software: .docx.cmd <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\.exe <====== ATTENTION HKLM Group Policy restriction on software: .jpeg.jse <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\.js <====== ATTENTION HKLM Group Policy restriction on software: .pptx.com <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\.pif <====== ATTENTION HKLM Group Policy restriction on software: .wav.js <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\.com <====== ATTENTION HKLM Group Policy restriction on software: .xls.bat <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\\.pif <====== ATTENTION HKLM Group Policy restriction on software: .gif.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Local\.cmd <====== ATTENTION HKLM Group Policy restriction on software: .7z.pif <====== ATTENTION HKLM Group Policy restriction on software: .doc.bat <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\.scr <====== ATTENTION HKLM Group Policy restriction on software: .jpg.bat <====== ATTENTION HKLM Group Policy restriction on software: .ppt.js <====== ATTENTION HKLM Group Policy restriction on software: .pdf.bat <====== ATTENTION HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION HKLM Group Policy restriction on software: .pptx.exe <====== ATTENTION HKLM Group Policy restriction on software: .wmv.exe <====== ATTENTION HKLM Group Policy restriction on software: .rtf.exe <====== ATTENTION HKLM Group Policy restriction on software: .wma.exe <====== ATTENTION HKLM Group Policy restriction on software: .rtf.scr <====== ATTENTION HKLM Group Policy restriction on software: .wma.bat <====== ATTENTION HKLM Group Policy restriction on software: %programdata%\\svchost.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\.exe <====== ATTENTION HKLM Group Policy restriction on software: .divx.jse <====== ATTENTION HKLM Group Policy restriction on software: C:\Users\.scr <====== ATTENTION HKLM Group Policy restriction on software: .pub.scr <====== ATTENTION HKLM Group Policy restriction on software: .jpg.pif <====== ATTENTION HKLM Group Policy restriction on software: .xlsx.js <====== ATTENTION HKLM Group Policy restriction on software: :\$Recycle.Bin <====== ATTENTION HKLM Group Policy restriction on software: .pdf.js <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\.pif <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\.cmd <====== ATTENTION HKLM Group Policy restriction on software: .bmp.jse <====== ATTENTION HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\.pif <====== ATTENTION HKLM Group Policy restriction on software: .ppt.com <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\.cmd <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\.exe <====== ATTENTION HKLM Group Policy restriction on software: .mp4.scr <====== ATTENTION HKLM Group Policy restriction on software: .divx.com <====== ATTENTION HKLM Group Policy restriction on software: .divx.cmd <====== ATTENTION HKLM Group Policy restriction on software: .wmv.scr <====== ATTENTION HKLM Group Policy restriction on software: .png.exe <====== ATTENTION HKLM Group Policy restriction on software: .txt.scr <====== ATTENTION HKLM Group Policy restriction on software: .mp3.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Local\.jse <====== ATTENTION HKLM Group Policy restriction on software: .docx.jse <====== ATTENTION HKLM Group Policy restriction on software: .wma.cmd <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\\.jse <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\.jse <====== ATTENTION HKLM Group Policy restriction on software: .xls.js <====== ATTENTION HKLM Group Policy restriction on software: .rtf.bat <====== ATTENTION HKLM Group Policy restriction on software: .avi.pif <====== ATTENTION HKLM Group Policy restriction on software: C:\Users\.bat <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\.exe <====== ATTENTION HKLM Group Policy restriction on software: .pub.pif <====== ATTENTION HKLM Group Policy restriction on software: .bmp.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\.bat <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\bittorrent\bittorrent.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Local\bittorrent\bittorrent.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\bittorrent\bittorrent.exe <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\bittorrent\bittorrent.exe <====== ATTENTION HKU\S-1-5-21-3848309189-887869503-2317778804-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29642368 2016-09-12] (Skype Technologies S.A.) HKU\S-1-5-21-3848309189-887869503-2317778804-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd) HKU\S-1-5-21-3848309189-887869503-2317778804-1001\...\Run: [BitTorrent] => C:\Users\NeCo\AppData\Roaming\BitTorrent\BitTorrent.exe [1979080 2016-10-14] (BitTorrent Inc.) HKU\S-1-5-21-3848309189-887869503-2317778804-1001\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\MCShieldRTM.exe [650816 2014-04-11] (MyCity) HKU\S-1-5-21-3848309189-887869503-2317778804-1001\...\Run: [EvolveClient] => E:\Program files\EVOLVE\EvolveClient.exe [3334528 2016-10-12] (Echobit LLC) HKU\S-1-5-21-3848309189-887869503-2317778804-1001\...\MountPoints2: {7bcf2f22-f04c-11e5-8d86-74d435456c08} - "D:\setup.exe" HKU\S-1-5-21-3848309189-887869503-2317778804-1001\...\MountPoints2: {7bcf2fa5-f04c-11e5-8d86-74d435456c08} - "G:\setup.exe" GroupPolicy: Restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.2 Tcpip\..\Interfaces\{e0af8884-ace3-48d1-a49e-5b510b6e8189}: [DhcpNameServer] 192.168.0.2 Internet Explorer: ================== BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-20] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-20] (Oracle Corporation) FireFox: ======== FF DefaultProfile: 6io6yjuk.default FF ProfilePath: C:\Users\NeCo\AppData\Roaming\Mozilla\Firefox\Profiles\6io6yjuk.default [2016-10-16] FF Extension: (Firefox Hotfix) - C:\Users\NeCo\AppData\Roaming\Mozilla\Firefox\Profiles\6io6yjuk.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-18] FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-08-25] (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-20] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-20] (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-01] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-01] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN) FF Plugin HKU\S-1-5-21-3848309189-887869503-2317778804-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\NeCo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-03-11] (Unity Technologies ApS) Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.rs/" CHR Plugin: (Widevine Content Decryption Module) - C:\Users\NeCo\AppData\Local\Google\Chrome\User Data\WidevineCdm\1.4.8.903\_platform_specific\win_x86\widevinecdmadapter.dll => No File CHR Plugin: (Shockwave Flash) - C:\Users\NeCo\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.185\pepflashplayer.dll () CHR Profile: C:\Users\NeCo\AppData\Local\Google\Chrome\User Data\Default [2016-10-16] CHR Extension: (YouTube) - C:\Users\NeCo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-17] CHR Extension: (Google Search) - C:\Users\NeCo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-17] CHR Extension: (AdBlock) - C:\Users\NeCo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-10-10] CHR Extension: (Chrome Web Store Payments) - C:\Users\NeCo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR Extension: (Gmail) - C:\Users\NeCo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-17] CHR Extension: (Chrome Media Router) - C:\Users\NeCo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-14] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2779136 2016-08-30] (ESET) S3 EvoSvc; E:\Program files\EVOLVE\EvoSvc.exe [1583488 2016-10-12] (Echobit LLC) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [457272 2016-09-30] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [457272 2016-09-30] (NVIDIA Corporation) R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1165368 2016-09-30] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2016-04-22] () R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.) S2 SwOffScheduler; C:\Program Files\Airytec\Switch Off\swoff.exe [173056 2014-09-23] (Airytec) [File not signed] S2 SwOffWeb; C:\Program Files\Airytec\Switch Off\swoff.exe [173056 2014-09-23] (Airytec) [File not signed] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH) S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [872432 2016-06-23] (Tunngle.net GmbH) R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2016-08-26] (Popcorn Time) [File not signed] S3 vmicvss; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-10-14] (Samsung Electronics Co., Ltd.) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [263296 2016-08-30] (ESET) S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15488 2016-08-30] (ESET) R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [197288 2016-08-30] (ESET) R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [181416 2016-08-30] (ESET) S3 EvolveVirtualAdapter; C:\Windows\System32\drivers\evolve.sys [21656 2016-10-12] (Echobit, LLC) S3 FlashUSB; C:\Windows\System32\drivers\FlashUSB.sys [27648 2016-03-18] (Intel Mobile Communications) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2016-09-30] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47672 2016-09-30] (NVIDIA Corporation) S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-06-18] (Realtek ) S2 SecDrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [11376 2002-10-08] () [File not signed] S3 SRS_SSCFilter; C:\Windows\system32\drivers\srs_sscfilter_amd64.sys [346992 2009-12-15] () S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-10-14] (Samsung Electronics Co., Ltd.) R3 tap0901t; C:\Windows\System32\drivers\tap0901t.sys [48824 2016-04-26] (Tunngle.net GmbH) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [119712 2016-04-18] (Oracle Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [247464 2016-04-22] (Zemana Ltd.) S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-10-16 03:06 - 2016-10-16 03:07 - 00041298 _____ C:\Users\NeCo\Downloads\FRST.txt 2016-10-16 03:06 - 2016-10-16 03:06 - 02406912 _____ (Farbar) C:\Users\NeCo\Downloads\FRST64.exe 2016-10-16 03:06 - 2016-10-16 03:06 - 00000000 ____D C:\FRST 2016-10-15 23:14 - 2016-10-15 23:15 - 00000000 ____D C:\Users\NeCo\Downloads\PopcornTime 2016-10-15 23:14 - 2016-10-15 23:14 - 00036984 _____ C:\Users\NeCo\Downloads\241362-theconjuring2_2016_.zip 2016-10-15 23:14 - 2016-10-15 23:14 - 00000000 ____D C:\Users\NeCo\Downloads\241362-theconjuring2_2016_ 2016-10-15 19:23 - 2016-10-15 19:23 - 00000000 ____D C:\Users\NeCo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike Global Offensive 2016-10-15 08:22 - 2016-10-15 08:22 - 00016148 _____ C:\Windows\system32\DESKTOP-MC22DF7_NeCo_HistoryPrediction.bin 2016-10-14 03:59 - 2016-10-14 04:05 - 00000000 ____D C:\Windows\LastGood 2016-10-14 03:59 - 2016-10-14 03:59 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf 2016-10-14 03:48 - 2016-10-14 04:04 - 00165504 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys 2016-10-14 03:48 - 2016-10-14 04:00 - 01499408 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll 2016-10-14 03:48 - 2016-10-14 04:00 - 00716920 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll 2016-10-14 03:48 - 2016-10-14 03:59 - 00131712 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys 2016-10-14 03:48 - 2016-10-14 03:48 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log 2016-10-14 03:48 - 2016-10-14 03:48 - 00000000 ____D C:\Users\NeCo\Documents\samsung 2016-10-14 03:48 - 2016-10-14 03:48 - 00000000 ____D C:\Users\NeCo\AppData\Local\Samsung 2016-10-14 03:48 - 2016-07-22 09:21 - 01499408 _____ (Microsoft Corporation) C:\Windows\system32\SETA774.tmp 2016-10-14 03:48 - 2016-07-22 09:21 - 00716928 _____ (Microsoft Corporation) C:\Windows\system32\SETA734.tmp 2016-10-14 03:48 - 2016-07-22 09:21 - 00164992 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\SETE91B.tmp 2016-10-14 03:48 - 2016-07-22 09:21 - 00130688 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\SET56A7.tmp 2016-10-14 03:46 - 2016-10-14 03:56 - 00000000 ____D C:\Users\NeCo\AppData\Roaming\Samsung 2016-10-14 03:45 - 2016-05-18 14:49 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll 2016-10-14 03:45 - 2016-05-18 14:49 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll 2016-10-14 03:44 - 2016-10-14 03:56 - 00000000 ____D C:\ProgramData\Samsung 2016-10-14 03:44 - 2016-10-14 03:56 - 00000000 ____D C:\Program Files (x86)\Samsung 2016-10-14 02:40 - 2016-10-14 02:40 - 00000000 ____D C:\Users\NeCo\Downloads\Counter-Strike Global Offensive - WaRzOnE 2016-10-14 02:36 - 2016-10-14 02:36 - 00000000 ____D C:\Users\NeCo\Downloads\Lajanje na zvezde 2016-10-12 02:09 - 2016-10-12 02:09 - 00000000 _____ C:\Windows\SysWOW64\Access.dat 2016-10-12 01:57 - 2016-10-12 02:09 - 00000000 ____D C:\Users\NeCo\AppData\Roaming\Tunngle 2016-10-12 01:57 - 2016-10-12 02:09 - 00000000 ____D C:\ProgramData\Tunngle 2016-10-12 01:57 - 2016-10-12 01:57 - 00000000 ____D C:\Users\Public\Documents\Tunngle 2016-10-12 01:57 - 2016-10-12 01:57 - 00000000 ____D C:\Users\NeCo\Documents\Tunngle 2016-10-12 01:57 - 2016-10-12 01:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle 2016-10-12 01:57 - 2016-10-12 01:57 - 00000000 ____D C:\Program Files (x86)\Tunngle 2016-10-12 01:57 - 2016-04-26 16:10 - 00048824 _____ (Tunngle.net GmbH) C:\Windows\system32\Drivers\tap0901t.sys 2016-10-12 01:39 - 2016-10-12 01:40 - 04832624 _____ (Tunngle.net GmbH ) C:\Users\NeCo\Downloads\Tunngle_Setup_v5.8.7.exe 2016-10-12 00:58 - 2016-10-12 00:58 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0 2016-10-12 00:57 - 2016-10-12 00:58 - 02434048 _____ C:\Users\NeCo\Downloads\msxml.msi 2016-10-12 00:53 - 2016-10-12 00:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games 2016-10-12 00:53 - 2002-10-08 02:07 - 00011376 ____R C:\Windows\SysWOW64\Drivers\SECDRV.SYS 2016-10-12 00:48 - 2016-10-12 00:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Games 2016-10-12 00:41 - 2016-10-12 00:41 - 00021656 _____ (Echobit, LLC) C:\Windows\system32\Drivers\evolve.sys 2016-10-12 00:41 - 2016-10-12 00:41 - 00000835 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolve.lnk 2016-10-12 00:38 - 2016-10-12 00:38 - 03258328 _____ (Echobit LLC) C:\Users\NeCo\Downloads\EvolveSetup.exe 2016-10-12 00:38 - 2016-10-12 00:38 - 00000000 ____D C:\Users\NeCo\AppData\Local\Echobit 2016-10-12 00:38 - 2016-10-12 00:38 - 00000000 ____D C:\ProgramData\Echobit 2016-10-12 00:09 - 2016-10-16 02:47 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-10-12 00:09 - 2016-10-16 02:10 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job 2016-10-12 00:09 - 2016-10-12 00:09 - 00003970 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2016-10-12 00:09 - 2016-10-12 00:09 - 00003806 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-10-12 00:08 - 2016-10-12 00:11 - 00000000 ____D C:\Users\NeCo\AppData\Local\Adobe 2016-10-11 23:37 - 2016-10-11 23:37 - 01446792 _____ C:\Users\NeCo\Downloads\SteamSetup.exe 2016-10-11 23:15 - 2016-10-11 23:16 - 00000000 ____D C:\Windows\SysWOW64\directx 2016-10-11 22:25 - 2016-10-11 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics 2016-10-09 23:40 - 2016-10-09 23:41 - 00000000 ____D C:\Program Files (x86)\Popcorn Time 2016-10-09 01:53 - 2016-10-14 03:19 - 00000000 ____D C:\Users\NeCo\AppData\Roaming\NVIDIA 2016-10-08 16:20 - 2016-10-08 16:20 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2016-10-08 16:20 - 2016-10-01 21:25 - 00133056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2016-10-08 16:20 - 2016-09-09 20:25 - 00269600 _____ C:\Windows\SysWOW64\vulkan-1.dll 2016-10-08 16:20 - 2016-09-09 20:25 - 00261920 _____ C:\Windows\system32\vulkan-1.dll 2016-10-08 16:20 - 2016-09-09 20:25 - 00110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2016-10-08 16:20 - 2016-09-09 20:24 - 00125216 _____ C:\Windows\system32\vulkaninfo.exe 2016-10-08 16:18 - 2016-10-01 23:11 - 40068544 _____ C:\Windows\system32\nvcompiler.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 35180992 _____ C:\Windows\SysWOW64\nvcompiler.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 34848704 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 28245560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 20234312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 17621696 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 14478440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 10868288 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 10755136 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 10295232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 09098864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 08877808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 08693056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 02913848 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 02551352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 01935808 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437306.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 01588688 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437306.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 01019328 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 00958520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 00942016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 00895032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 00688784 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 00578056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 00573424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 00471608 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 00181488 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 00159352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 00153184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 00131720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 00054728 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2016-10-08 16:18 - 2016-10-01 23:11 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json 2016-10-08 16:18 - 2016-10-01 23:11 - 00000669 _____ C:\Windows\system32\nv-vk64.json 2016-10-08 16:15 - 2016-10-01 21:53 - 07422645 _____ C:\Windows\system32\nvcoproc.bin 2016-10-08 16:15 - 2016-10-01 21:53 - 06385720 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2016-10-08 16:15 - 2016-10-01 21:53 - 02473408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2016-10-08 16:15 - 2016-10-01 21:53 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2016-10-08 16:15 - 2016-10-01 21:53 - 01364024 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2016-10-08 16:15 - 2016-10-01 21:53 - 00546752 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2016-10-08 16:15 - 2016-10-01 21:53 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2016-10-08 16:15 - 2016-10-01 21:53 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2016-10-08 16:15 - 2016-10-01 21:53 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2016-10-08 16:14 - 2016-06-03 09:22 - 00213952 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2016-10-08 16:14 - 2016-06-03 09:22 - 00203320 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2016-10-08 12:36 - 2016-10-08 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth 2016-10-08 01:03 - 2016-10-08 16:20 - 00000000 ____D C:\Windows\LastGood.Tmp 2016-10-08 01:03 - 2016-10-08 01:03 - 00004000 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-08 01:03 - 2016-10-08 01:03 - 00003972 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-08 01:03 - 2016-10-08 01:03 - 00003936 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-08 01:03 - 2016-10-08 01:03 - 00003910 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-08 01:03 - 2016-10-08 01:03 - 00003748 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-08 01:03 - 2016-10-08 01:03 - 00003706 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-08 01:03 - 2016-09-30 06:22 - 01844280 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2016-10-08 01:03 - 2016-09-30 06:22 - 01756728 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2016-10-08 01:03 - 2016-09-30 06:22 - 01445944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2016-10-08 01:03 - 2016-09-30 06:22 - 01318968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2016-10-08 01:03 - 2016-09-30 06:22 - 00121912 _____ C:\Windows\system32\NvRtmpStreamer64.dll 2016-10-08 01:03 - 2016-09-30 06:22 - 00106040 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2016-10-08 01:03 - 2016-09-30 06:22 - 00095800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2016-10-08 01:03 - 2016-09-29 21:27 - 00001951 _____ C:\Windows\NvContainerRecovery.bat 2016-09-29 10:01 - 2016-09-29 10:01 - 00000000 ____D C:\Users\NeCo\AppData\Local\FacebookGames 2016-09-29 10:01 - 2016-09-29 10:01 - 00000000 ____D C:\Users\NeCo\AppData\Local\Facebook 2016-09-16 15:31 - 2016-07-27 21:25 - 00504488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-10-16 03:04 - 2016-02-17 05:16 - 00000000 ____D C:\Users\NeCo\AppData\Roaming\Skype 2016-10-16 02:54 - 2016-02-17 05:08 - 00004164 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D3E6F8F7-DEAA-4CD3-ADE4-AC11E149B76B} 2016-10-16 02:34 - 2016-02-17 05:17 - 00000938 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-10-15 23:25 - 2016-02-20 23:32 - 00000000 ___RD C:\Users\NeCo\Desktop\Programi 2016-10-15 18:47 - 2016-02-17 18:06 - 00000000 ____D C:\Users\NeCo\AppData\Roaming\BitTorrent 2016-10-15 08:27 - 2015-07-31 00:42 - 00000000 ___HD C:\Program Files\WindowsApps 2016-10-15 08:27 - 2015-07-31 00:42 - 00000000 ____D C:\Windows\AppReadiness 2016-10-15 08:22 - 2016-05-16 06:51 - 00000000 ____D C:\ProgramData\MCShield 2016-10-15 08:22 - 2016-03-29 06:51 - 00000000 ____D C:\ProgramData\NVIDIA 2016-10-15 08:22 - 2016-02-17 05:17 - 00000934 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-10-14 04:08 - 2016-02-17 05:43 - 00000000 ____D C:\Users\NeCo\AppData\Local\CrashDumps 2016-10-14 04:08 - 2015-07-31 00:40 - 00000000 ____D C:\Windows\INF 2016-10-14 04:05 - 2016-02-17 05:08 - 00875126 _____ C:\Windows\system32\PerfStringBackup.INI 2016-10-14 03:58 - 2016-04-22 15:16 - 00000119 _____ C:\Windows\ZAM_Guard.krnl.trace 2016-10-14 03:58 - 2015-07-30 23:52 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-10-14 03:57 - 2015-07-10 11:05 - 00262144 ___SH C:\Windows\system32\config\BBI 2016-10-14 03:56 - 2016-02-17 05:10 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-10-14 03:44 - 2016-02-17 05:48 - 00000000 ____D C:\Users\NeCo\AppData\Local\Downloaded Installations 2016-10-14 03:20 - 2016-02-17 18:26 - 00001270 _____ C:\Users\NeCo\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk 2016-10-13 21:37 - 2016-04-14 17:22 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-10-13 21:37 - 2016-04-14 17:22 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-10-13 16:18 - 2015-07-30 23:49 - 00349776 _____ C:\Windows\system32\FNTCACHE.DAT 2016-10-12 02:35 - 2016-02-23 21:23 - 00000000 ____D C:\Users\NeCo\AppData\Roaming\TeamViewer 2016-10-12 01:58 - 2016-02-17 05:16 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2016-10-12 01:58 - 2016-02-17 05:15 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-10-12 00:08 - 2015-07-31 00:42 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-10-12 00:08 - 2015-07-31 00:42 - 00000000 ____D C:\Windows\system32\Macromed 2016-10-11 23:30 - 2016-02-17 05:02 - 00000000 ____D C:\Users\NeCo\AppData\Local\Packages 2016-10-11 23:17 - 2016-02-21 05:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-10-11 22:25 - 2016-02-17 05:27 - 00000000 ____D C:\ProgramData\Package Cache 2016-10-09 23:34 - 2016-02-21 05:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-10-08 23:18 - 2016-02-17 05:15 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-10-08 23:18 - 2016-02-17 05:15 - 00000000 ____D C:\ProgramData\Skype 2016-10-08 16:40 - 2016-03-29 07:24 - 00000000 ____D C:\Users\NeCo\AppData\Local\NVIDIA 2016-10-08 16:21 - 2016-03-29 07:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-10-08 16:21 - 2016-02-17 05:27 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-10-08 16:21 - 2016-02-17 05:14 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-10-08 16:15 - 2015-07-31 00:42 - 00000000 ____D C:\Windows\Help 2016-10-08 16:13 - 2016-03-29 07:22 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-10-08 12:36 - 2016-02-17 05:17 - 00000000 ____D C:\Program Files (x86)\Google 2016-10-08 01:23 - 2016-03-02 20:16 - 00000000 ____D C:\Users\NeCo\AppData\Local\NVIDIA Corporation 2016-10-05 07:19 - 2016-06-22 11:52 - 14249416 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2016-10-01 23:11 - 2016-06-22 11:52 - 23729984 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2016-10-01 23:11 - 2016-06-22 11:52 - 03909272 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2016-10-01 23:11 - 2016-06-22 11:52 - 03451744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2016-10-01 23:11 - 2016-06-22 11:52 - 00223304 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2016-10-01 23:11 - 2016-06-22 11:52 - 00040826 _____ C:\Windows\system32\nvinfo.pb 2016-09-30 06:22 - 2016-03-29 07:22 - 00047672 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-03-25 01:40 ==================== End of FRST.txt ============================ https://www.mycity.rs/must-login.png Dopuna: 16 Okt 2016 3:19 Nisam koristio kompjuter nekih 5 mjeseci , i sad vidim da nece da ucita player na filmovima (online) Dopuna: 16 Okt 2016 3:20 Pozdrav za AMF tim Dopuna: 16 Okt 2016 3:24 Napravih gresku , pokrenuo sam FRST iz Download folder-a , sad sam ga prebacio na Dekstop , ako trebaju novi logovi - recite. Dopuna: 16 Okt 2016 22:34 I interesuje me od cega je nastalo ovo "ATTENTION" ?

Profil

Sass Drake Poslao: 17 Okt 2016 18:23 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Izvini zbog kasnog odogovora, ali čist si što se malwarea tiče. • Sledeća procedura će implementirati završno čišćenje. Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop. Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija; Remove disinfection tools Create registry backup Purge System Restore Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad. Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani. Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt) Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix Alat briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

Profil

helen1 Poslao: 17 Okt 2016 18:44 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8617 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! 11neco11 :: I interesuje me od cega je nastalo ovo "ATTENTION" ? To je zbog CryptoPreventa.

Profil

11neco11 Poslao: 17 Okt 2016 20:52 Idi na vrh
offline 11neco11 Elitni građanin Nemanja Djukanovic Pridružio: 18 Dec 2012 Poruke: 1761 Gde živiš: Niksic - Crna Gora	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Znaci sve okej , hvala momci

Profil

TwinHeadedEagle Poslao: 18 Okt 2016 09:49 Idi na vrh
offline TwinHeadedEagle Anti Malware Fighter Rank 2 Pridružio: 09 Avg 2011 Poruke: 15879 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Sledeci put proveru mozes da izvrsis i sam i uz pomoc: - Zemana AntiMalware - MalwareBytes AntiMalware - AdwCleaner

Profil

11neco11 Poslao: 18 Okt 2016 15:25 Idi na vrh
offline 11neco11 Elitni građanin Nemanja Djukanovic Pridružio: 18 Dec 2012 Poruke: 1761 Gde živiš: Niksic - Crna Gora	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 18 Okt 2016 16:25 TwinHeadedEagle ::Sledeci put proveru mozes da izvrsis i sam i uz pomoc: - Zemana AntiMalware - MalwareBytes AntiMalware - AdwCleaner Odradio sam sa junk removal tool , mbam , adwcleaner cisto sve. Zbog toga sam dosao odje. Dopuna: 18 Okt 2016 16:25 Hvala kako god

Profil

TwinHeadedEagle Poslao: 18 Okt 2016 15:35 Idi na vrh
offline TwinHeadedEagle Anti Malware Fighter Rank 2 Pridružio: 09 Avg 2011 Poruke: 15879 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ako je nekoliko alata reklo da je sve cisto i nemas problema u radu racunara, onda nema potrebe da otvaras temu. Pregledanje logova oduzima vreme, a i malo smara kada jedni te isti clanovi traze pomoc bez razloga (ovo je bilo trazenje pomoci bez razloga). Nadam se da shvatas.

Profil

11neco11 Poslao: 25 Okt 2016 03:12 Idi na vrh
offline 11neco11 Elitni građanin Nemanja Djukanovic Pridružio: 18 Dec 2012 Poruke: 1761 Gde živiš: Niksic - Crna Gora	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 18 Okt 2016 16:38 Razumijem ja da treba vremena , zbog toga nisam ni pozurivao vas da pogledate logove nego cekao vase slobodno vrijeme. Zemanu cu od sad takodje da koristim. Hvala jos jednom. Dopuna: 25 Okt 2016 4:12 PS. ovo je drugi put da nasrnes ovako na mene , pogledaj malo druge korisnike otvaraju teme svako mjesec - dva pa im nista ne kazes ali nema veze ja tb postujem kao i sve na ovaj forum. Jos jednom veliko hvala od mene.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Provjera (nemam nikakvih problema)

Ko je trenutno na forumu

Ukupno su 768 korisnika na forumu :: 42 registrovanih, 7 sakrivenih i 719 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: A.R.Chafee.Jr., Alibaba1981, Atomski čoban, bigfoot, Bobrock1, bokisha253, darkangel, Dimitrise93, Džordžino, FileFinder, FOX, Georgius, HrcAk47, ikan, ILGromovnik, janbo, JOntra, Krvava Devetka, kybonacci, laurusri, Leonov, ljuba, Marko Marković, Mcdado, Metanoja, Mi lao shu, milutin134, Mixelotti, moldway, mrav pesadinac, oldtimer, slonic_tonic, stalja, stankolich, stegonosa, suton, uruk, vladetije, voja64, W123, wizzardone, |_MeD_|

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by