Safefinder Search Engine

  • Joined: 10 Apr 2016
  • Posts: 66

So, about a month ago Safefinder imposed itself as the default search engine in all browsers. I also tried resetting the browser settings, but that didn't help. I found some instructions on how to get rid of it, and they worked. Two days ago the same problem came back, and I fixed it by deleting some extension. Yesterday it happened again, but this time there was no browser extension at all, and the earlier instructions didn't help either. How do I get rid of it for good?
Thanks! Cheers

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-08-2016 01
Ran by Sergej (administrator) on SERGEJ-PC (17-08-2016 13:08:28)
Running from C:\Users\Sergej\Desktop
Loaded Profiles: Sergej (Available Profiles: Sergej)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files\BitTorrent\BitTorrent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
() C:\ProgramData\ocep\ocep.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Disc Soft Ltd) B:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKU\S-1-5-21-3369676934-2321254217-177964184-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [50605696 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3369676934-2321254217-177964184-1000\...\Run: [DAEMON Tools Lite Automount] => "B:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
HKU\S-1-5-21-3369676934-2321254217-177964184-1000\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart /min
HKU\S-1-5-21-3369676934-2321254217-177964184-1000\...\MountPoints2: {cdc050f5-4035-11e6-8590-001e8cbf0120} - L:\setup.exe
HKU\S-1-5-21-3369676934-2321254217-177964184-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2009-07-14] (Microsoft Corporation)
AppInit_DLLs: C:\ProgramData\ocep\Medzamlax.dll => C:\ProgramData\ocep\Medzamlax.dll [248320 2016-08-14] ()
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8E19E90B-BCCC-4B9F-A9E3-E9432844E15F}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3369676934-2321254217-177964184-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaGPoAIqEA8wQnqs5Zr1KOWo_heqC2sGSAEN37iv_OUoHMB4GnXYcZ4reDbnnmVYJjvk7UNsF47qxM1rAKMUrXjk20uqfVT1Megb1W-RObiWGvA6EjSutNswjoqLoVq1F2-wuplpbxTfGpgWEHWIwnTMHhlsIoXROUsZGvZkZc-Q,&q={searchTerms}
HKU\S-1-5-21-3369676934-2321254217-177964184-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaGPoAIqEA8wQnqs5Zr1KOWo_heqC2sGSAEN37iv_OUoHMB4GnXYcZ4reDbnnmVYJjvk7UNsF47qxM1aqZSJxfUFLwbiJox_MzkM4uMQVP2jfBYhVS-BS9GrfVejlsJwrNG5Ro0eBNvv-vtWz6rTa4qTsBkbX1-ufU1nYxlA9FD4,
HKU\S-1-5-21-3369676934-2321254217-177964184-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaGPoAIqEA8wQnqs5Zr1KOWo_heqC2sGSAEN37iv_OUoHMB4GnXYcZ4reDbnnmVYJjvk7UNsF47qxM1rAKMUrXjk20uqfVT1Megb1W-RObiWGvA6EjSutNswjoqLoVq1F2-wuplpbxTfGpgWEHWIwnTMHhlsIoXROUsZGvZkZc-Q,&q={searchTerms}
HKU\S-1-5-21-3369676934-2321254217-177964184-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaGPoAIqEA8wQnqs5Zr1KOWo_heqC2sGSAEN37iv_OUoHMB4GnXYcZ4reDbnnmVYJjvk7UNsF47qxM1rAKMUrXjk20uqfVT1Megb1W-RObiWGvA6EjSutNswjoqLoVq1F2-wuplpbxTfGpgWEHWIwnTMHhlsIoXROUsZGvZkZc-Q,&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM -> ielnksrch URL = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaGPoAIqEA8wQnqs5Zr1KOWo_heqC2sGSAEN37iv_OUoHMB4GnXYcZ4reDbnnmVYJjvk7UNsF47qxM1rAKMUrXjk20uqfVT1Megb1W-RObiWGvA6EjSutNswjoqLoVq1F2-wuplpbxTfGpgWEHWIwnTMHhlsIoXROUsZGvZkZc-Q,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3369676934-2321254217-177964184-1000 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaGPoAIqEA8wQnqs5Zr1KOWo_heqC2sGSAEN37iv_OUoHMB4GnXYcZ4reDbnnmVYJjvk7UNsF47qxM1rAKMUrXjk20uqfVT1Megb1W-RObiWGvA6EjSutNswjoqLoVq1F2-wuplpbxTfGpgWEHWIwnTMHhlsIoXROUsZGvZkZc-Q,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3369676934-2321254217-177964184-1000 -> {ielnksrch} URL = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaGPoAIqEA8wQnqs5Zr1KOWo_heqC2sGSAEN37iv_OUoHMB4GnXYcZ4reDbnnmVYJjvk7UNsF47qxM1rAKMUrXjk20uqfVT1Megb1W-RObiWGvA6EjSutNswjoqLoVq1F2-wuplpbxTfGpgWEHWIwnTMHhlsIoXROUsZGvZkZc-Q,&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Sergej\AppData\Roaming\Mozilla\Firefox\Profiles\qfsyrht6.default
FF NewTab: C:\\ProgramData\\oceps\\ff.NT
FF Homepage: C:\\ProgramData\\oceps\\ff.HP
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3369676934-2321254217-177964184-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sergej\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-07-14] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Sergej\AppData\Roaming\Mozilla\Firefox\Profiles\qfsyrht6.default\user.js [2015-12-03]
FF Extension: Firebug - C:\Users\Sergej\AppData\Roaming\Mozilla\Firefox\Profiles\qfsyrht6.default\Extensions\firebug@software.joehewitt.com.xpi [2016-06-20]
StartMenuInternet: FIREFOX.EXE - B:\Mozilla\firefox.exe

Chrome:
=======
CHR HomePage: Default -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaGPoAIqEA8wQnqs5Zr1KOWo_heqC2sGSAEN37iv_OUoHMB4GnXYcZ4reDbnnmVYJjvk7UNsF47qxM1rbVhDT6KDri7vzubNHssqrIGLOpaQdTr714CDSZhuFc4AlqrhWKkozCmBJHpQDuAqsHufhd60sblrsQJpHuWc2IWqrAG4,
CHR StartupUrls: Default -> "hxxps://www.google.ba/#q=best+nuclear+shelter+in+the+world"
CHR DefaultSearchURL: Default -> hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaGPoAIqEA8wQnqs5Zr1KOWo_heqC2sGSAEN37iv_OUoHMB4GnXYcZ4reDbnnmVYJjvk7UNsF47qxM1rXGGAt71ZKnSE3GLpTa9SsQOfaYceQKWJOJ-tUhNjDgEoRjRcNMf9fso_fM8s-KQIttAQI_-BbY6JHzD4SB-Epo0M3EBU,&q={searchTerms}
CHR DefaultSearchKeyword: Default -> feed.sonic-search.com
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms}
CHR Profile: C:\Users\Sergej\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Sergej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-03]
CHR Extension: (Google Docs) - C:\Users\Sergej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-03]
CHR Extension: (Google Drive) - C:\Users\Sergej\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-03]
CHR Extension: (YouTube) - C:\Users\Sergej\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-03]
CHR Extension: (Google Search) - C:\Users\Sergej\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-03]
CHR Extension: (Google Sheets) - C:\Users\Sergej\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-03]
CHR Extension: (Google Docs Offline) - C:\Users\Sergej\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Sergej\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-15]
CHR Extension: (Gmail) - C:\Users\Sergej\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-03]
CHR Extension: (Chrome Media Router) - C:\Users\Sergej\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-06]
CHR HKLM\...\Chrome\Extension: [fcgnigmofekcllgbiejhmigggmgehkip] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BitTorrent; C:\Program Files\BitTorrent\BitTorrent.exe [383488 2016-06-07] () [File not signed] <==== ATTENTION
R3 Disc Soft Lite Bus Service; B:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1138368 2016-05-30] (Disc Soft Ltd)
S3 fussvc; C:\Program Files\Windows Kits\8.1\App Certification Kit\fussvc.exe [140800 2013-08-21] (Microsoft Corporation) [File not signed]
R2 ocep; C:\ProgramData\\ocep\\ocep.exe [392704 2016-08-14] () [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2016-06-13] ()
S3 Te.Service; C:\Program Files\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [91136 2013-08-21] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [71344 2013-10-05] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
S2 CloudPrinter; C:\ProgramData\\CloudPrinter\\CloudPrinter.exe shuz -f "C:\ProgramData\\CloudPrinter\\CloudPrinter.dat" -l -a
S2 eroduat; C:\Users\Sergej\AppData\Local\saotech.exe aoonloaduo eroduat [X]
S2 Ronzap; C:\ProgramData\\Ronzap\\Ronzap.exe shuz -f "C:\ProgramData\\Ronzap\\Ronzap.dat" -l -a

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [26168 2016-01-01] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [40504 2016-06-07] (Disc Soft Ltd)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32384 2016-08-14] ()
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-17 13:08 - 2016-08-17 13:08 - 00012267 _____ C:\Users\Sergej\Desktop\FRST.txt
2016-08-16 17:25 - 2016-08-16 17:26 - 00000000 ____D C:\Users\Sergej\Downloads\FRST-OlderVersion
2016-08-16 15:50 - 2016-08-16 16:01 - 00000000 ____D C:\Users\Sergej\Documents\Bully Scholarship Edition
2016-08-16 15:50 - 2016-08-16 15:50 - 00000863 _____ C:\Users\Public\Desktop\Bully Scholarship Edition.lnk
2016-08-15 17:38 - 2016-08-15 17:40 - 58769721 _____ C:\Users\Sergej\Downloads\MICROSOFT_PRESS_EBOOK_CREATINGMOBILEAPPSWITHXAMARINFORMS_PDF.PDF
2016-08-14 11:11 - 2016-08-14 11:11 - 00032384 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2016-08-14 10:57 - 2016-08-14 10:57 - 00001913 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2016-08-14 10:57 - 2016-08-14 10:57 - 00000000 ____D C:\Program Files\HitmanPro
2016-08-14 10:56 - 2016-08-14 11:10 - 00000000 ____D C:\ProgramData\HitmanPro
2016-08-14 10:49 - 2016-08-14 10:49 - 00393717 _____ C:\Users\Sergej\Downloads\9342_1117866787_ge.zip
2016-08-14 10:48 - 2016-08-14 10:48 - 00000000 ____D C:\ProgramData\oceps
2016-08-14 10:47 - 2016-08-17 12:23 - 00000000 ____D C:\ProgramData\ocep
2016-08-12 13:08 - 2016-08-12 13:08 - 00143728 _____ C:\Windows\Minidump\081216-20779-01.dmp
2016-08-09 13:36 - 2016-08-09 13:36 - 00143728 _____ C:\Windows\Minidump\080916-21808-01.dmp
2016-08-09 10:24 - 2016-08-09 10:24 - 00143728 _____ C:\Windows\Minidump\080916-23446-01.dmp
2016-08-07 22:56 - 2016-08-07 22:56 - 00001496 _____ C:\Users\Sergej\Desktop\SpinTiresRelease - Shortcut.lnk
2016-08-07 17:30 - 2016-08-07 23:21 - 00000000 ____D C:\Users\Sergej\AppData\Roaming\SpinTires
2016-08-05 23:26 - 2016-08-05 23:26 - 00000000 ____D C:\Users\Sergej\Desktop\PRAVILNICI
2016-08-05 23:24 - 2016-08-05 23:25 - 04924100 _____ C:\Users\Sergej\Downloads\PRAVILNICI.rar
2016-08-05 23:10 - 2016-08-05 23:11 - 02654793 _____ C:\Users\Sergej\Downloads\Samoevaluacija(1) (1).pdf
2016-08-05 23:10 - 2016-08-05 23:10 - 02654793 _____ C:\Users\Sergej\Downloads\Samoevaluacija(1).pdf
2016-08-05 15:44 - 2016-08-05 15:44 - 00000000 ____D C:\Users\Sergej\AppData\Roaming\NuGet
2016-08-05 14:57 - 2016-08-05 15:44 - 00000000 ____D C:\Users\Sergej\Documents\Visual Studio 2013
2016-08-05 14:55 - 2016-08-05 14:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-08-05 14:54 - 2016-08-05 14:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK
2016-08-05 14:54 - 2016-08-05 14:54 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-08-05 14:52 - 2016-08-05 14:52 - 00000000 ____D C:\ProgramData\Windows App Certification Kit
2016-08-05 14:52 - 2016-08-05 14:52 - 00000000 ____D C:\Program Files\Application Verifier
2016-08-05 14:51 - 2016-08-05 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2016-08-05 14:49 - 2016-08-05 14:49 - 00000000 ____D C:\ProgramData\PreEmptive Solutions
2016-08-05 14:48 - 2016-08-05 14:49 - 00000000 ____D C:\Program Files\Microsoft ASP.NET
2016-08-05 14:47 - 2016-08-05 14:47 - 00000000 ____D C:\Program Files\Microsoft Web Tools
2016-08-05 14:46 - 2016-08-05 14:46 - 00000000 ____D C:\ProgramData\NuGet
2016-08-05 14:46 - 2016-08-05 14:46 - 00000000 ____D C:\Program Files\NuGet
2016-08-05 14:46 - 2016-08-05 14:46 - 00000000 ____D C:\Program Files\Microsoft WCF Data Services
2016-08-05 14:46 - 2016-08-05 14:46 - 00000000 ____D C:\Program Files\IIS Express
2016-08-05 14:45 - 2016-08-05 14:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2016-08-05 14:43 - 2016-08-05 14:50 - 00000000 ____D C:\Program Files\Windows Kits
2016-08-05 14:40 - 2016-08-05 14:40 - 00000000 ____D C:\Windows\symbols
2016-08-05 14:40 - 2016-08-05 14:40 - 00000000 ____D C:\Program Files\Microsoft Help Viewer
2016-08-05 14:40 - 2016-08-05 14:40 - 00000000 ____D C:\Program Files\HTML Help Workshop
2016-08-05 14:38 - 2016-08-05 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
2016-08-05 14:38 - 2016-08-05 14:43 - 00000000 ____D C:\Windows\system32\1033
2016-08-05 14:35 - 2016-08-05 14:55 - 00000000 ____D C:\Program Files\Microsoft SDKs
2016-08-05 14:35 - 2016-08-05 14:50 - 00000000 ____D C:\Program Files\Common Files\Merge Modules
2016-08-05 14:34 - 2016-08-05 14:55 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 12.0
2016-08-05 14:31 - 2016-08-05 14:31 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-03 16:39 - 2016-08-03 16:39 - 00143728 _____ C:\Windows\Minidump\080316-21309-01.dmp
2016-07-30 23:36 - 2016-07-30 23:36 - 00001365 _____ C:\Users\Sergej\Downloads\lolking-spectate-EUN1-1477337795.bat
2016-07-30 23:32 - 2016-07-30 23:33 - 00020886 _____ C:\Users\Sergej\Downloads\Addition.txt
2016-07-30 23:29 - 2016-08-16 17:28 - 00041535 _____ C:\Users\Sergej\Downloads\FRST.txt
2016-07-30 23:28 - 2016-08-17 13:08 - 00000000 ____D C:\FRST
2016-07-30 23:27 - 2016-08-16 17:25 - 01744896 _____ (Farbar) C:\Users\Sergej\Desktop\FRST.exe
2016-07-30 18:23 - 2016-07-30 18:24 - 04952336 _____ (Advanced Micro Devices, Inc.) C:\Users\Sergej\Downloads\autodetectutility.exe
2016-07-30 17:13 - 2016-07-30 17:13 - 00009296 _____ C:\Users\Sergej\Downloads\565406_1798832305_izvjestaj.txt
2016-07-30 17:11 - 2016-07-30 17:11 - 00001019 _____ C:\Users\Sergej\Desktop\WhoCrashed.lnk
2016-07-30 17:10 - 2016-07-30 17:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
2016-07-30 17:10 - 2016-07-30 17:11 - 00000000 ____D C:\Program Files\WhoCrashed
2016-07-30 17:07 - 2016-07-30 17:07 - 02491240 _____ (Resplendence Software Projects Sp. ) C:\Users\Sergej\Downloads\whocrashedSetup.exe
2016-07-30 15:10 - 2016-07-30 15:11 - 00143728 _____ C:\Windows\Minidump\073016-20935-01.dmp
2016-07-30 09:58 - 2016-07-30 09:59 - 00143728 _____ C:\Windows\Minidump\073016-19983-01.dmp
2016-07-29 17:12 - 2016-07-29 17:12 - 00143728 _____ C:\Windows\Minidump\072916-19546-01.dmp
2016-07-28 17:40 - 2016-07-28 17:40 - 00000000 ____D C:\Users\Sergej\Documents\League of Legends
2016-07-28 13:11 - 2016-07-28 13:11 - 00001389 _____ C:\Users\Public\Desktop\League of Legends.lnk
2016-07-28 13:06 - 2016-07-28 13:08 - 31336304 _____ (Riot Games) C:\Users\Sergej\Downloads\LeagueofLegends_EUNE_Installer_2016_05_13.exe
2016-07-28 00:56 - 2016-07-28 00:56 - 00000000 ____D C:\Program Files\IIS
2016-07-28 00:41 - 2015-07-18 15:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-07-28 00:41 - 2015-07-18 15:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-07-28 00:41 - 2015-07-18 15:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-07-28 00:41 - 2015-07-18 15:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-07-28 00:41 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-07-28 00:41 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-07-28 00:41 - 2015-07-18 15:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-07-28 00:41 - 2015-07-18 15:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-07-28 00:41 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-07-28 00:41 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-07-28 00:41 - 2015-07-18 15:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-07-28 00:41 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-07-28 00:41 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-07-28 00:41 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-07-28 00:41 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-07-28 00:41 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-07-28 00:41 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-07-28 00:41 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-07-28 00:41 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-07-28 00:41 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2016-07-28 00:41 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-07-28 00:41 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-07-28 00:41 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-07-28 00:41 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-07-28 00:26 - 2016-07-28 00:26 - 00010971 _____ C:\Users\Sergej\Downloads\Russian.Martial.Arts.-.Systema.-.Vladimir.Vasiliev.-.Psychic.Energy.Meditation (1).torrent
2016-07-28 00:25 - 2016-07-28 00:25 - 00010971 _____ C:\Users\Sergej\Downloads\Russian.Martial.Arts.-.Systema.-.Vladimir.Vasiliev.-.Psychic.Energy.Meditation.torrent
2016-07-28 00:18 - 2016-07-28 00:18 - 00011101 _____ C:\Users\Sergej\Downloads\5919D8F2B8EDEE7B6E4D877F9585906A9380FA43 (1).torrent
2016-07-28 00:16 - 2016-07-28 00:16 - 00011101 _____ C:\Users\Sergej\Downloads\5919D8F2B8EDEE7B6E4D877F9585906A9380FA43.torrent
2016-07-27 23:02 - 2016-08-05 14:54 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2016-07-27 23:00 - 2016-08-05 14:53 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2016-07-27 22:59 - 2016-07-27 22:59 - 03969472 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-07-27 22:59 - 2016-07-27 22:59 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-07-27 22:59 - 2016-07-27 22:59 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-07-27 22:59 - 2016-07-27 22:59 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-07-27 22:59 - 2016-07-27 22:59 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2016-07-27 22:59 - 2016-07-27 22:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-07-27 22:59 - 2016-07-27 22:59 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-07-27 22:58 - 2016-07-27 22:58 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-07-27 22:58 - 2016-07-27 22:58 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2016-07-27 22:58 - 2016-07-27 22:58 - 00240496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-07-27 22:58 - 2016-07-27 22:58 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-07-27 22:58 - 2016-07-27 22:58 - 00187752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-07-27 22:58 - 2016-07-27 22:58 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2016-07-27 22:57 - 2016-07-27 22:57 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-07-27 22:57 - 2016-07-27 22:57 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-07-27 22:57 - 2016-07-27 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-07-27 22:56 - 2016-07-27 22:56 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-07-27 22:56 - 2016-07-27 22:56 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-07-27 22:56 - 2016-07-27 22:56 - 01988096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-07-27 22:56 - 2016-07-27 22:56 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-07-27 22:56 - 2016-07-27 22:56 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-07-27 22:56 - 2016-07-27 22:56 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2016-07-27 22:56 - 2016-07-27 22:56 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2016-07-27 22:56 - 2016-07-27 22:56 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-07-27 22:56 - 2016-07-27 22:56 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-07-27 22:56 - 2016-07-27 22:56 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-07-27 22:56 - 2016-07-27 22:56 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2016-07-27 22:56 - 2016-07-27 22:56 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-07-27 22:56 - 2016-07-27 22:56 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2016-07-27 22:56 - 2016-07-27 22:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2016-07-27 22:56 - 2016-07-27 22:56 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2016-07-27 22:56 - 2016-07-27 22:56 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-07-27 22:56 - 2016-07-27 22:56 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2016-07-27 22:56 - 2016-07-27 22:56 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-07-27 22:56 - 2016-07-27 22:56 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-07-27 22:56 - 2016-07-27 22:56 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-07-27 22:56 - 2016-07-27 22:56 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-07-27 22:56 - 2016-07-27 22:56 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2016-07-27 22:56 - 2016-07-27 22:56 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-07-27 22:56 - 2016-07-27 22:56 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2016-07-27 22:56 - 2016-07-27 22:56 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-07-27 22:56 - 2016-07-27 22:56 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-07-27 22:53 - 2016-07-27 22:53 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-07-27 22:49 - 2016-07-27 22:51 - 29720784 _____ (Microsoft Corporation) C:\Users\Sergej\Downloads\IE11-Windows6.1-x86-en-us.exe
2016-07-27 22:41 - 2016-07-27 22:41 - 00000000 ____D C:\ProgramData\VsTelemetry
2016-07-27 22:37 - 2016-07-27 22:37 - 00213944 _____ (Microsoft Corporation) C:\Users\Sergej\Downloads\wdexpress__3d061edc0bc0e747a73c000e724a0c13.exe
2016-07-27 18:01 - 2016-07-27 18:01 - 00000649 _____ C:\Users\Sergej\Downloads\567264_1965515657_ComboFix-quarantined-files.txt
2016-07-23 23:40 - 2016-07-23 23:40 - 01474568 _____ C:\Users\Sergej\Downloads\cyberghost-vpn.exe
2016-07-23 23:21 - 2016-07-23 23:21 - 00114427 _____ C:\Users\Sergej\Downloads\hacking_prirucnici.rar
2016-07-23 13:54 - 2016-07-23 13:54 - 04593450 _____ C:\Users\Sergej\Downloads\197539_194753337_Aleksandar_Soljenicin-Arhipelag_GULAG.pdf
2016-07-22 01:17 - 2016-07-22 01:17 - 00000000 ____D C:\Users\Sergej\AppData\Roaming\Unity
2016-07-22 00:45 - 2016-07-22 00:45 - 01091008 _____ (Unity Technologies ApS) C:\Users\Sergej\Downloads\UnityWebPlayer.exe
2016-07-22 00:45 - 2016-07-22 00:45 - 00000000 ____D C:\Users\Sergej\AppData\LocalLow\Unity
2016-07-22 00:45 - 2016-07-22 00:45 - 00000000 ____D C:\Users\Sergej\AppData\Local\Unity

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-17 12:29 - 2009-07-14 06:34 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-17 12:29 - 2009-07-14 06:34 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-17 12:27 - 2010-11-20 23:01 - 00785302 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-17 12:27 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-08-17 12:26 - 2015-11-29 13:08 - 00000000 ____D C:\Users\Sergej\AppData\Roaming\Skype
2016-08-17 12:23 - 2016-06-07 15:09 - 00002394 _____ C:\Windows\system32\findit.xml
2016-08-17 12:23 - 2016-02-27 22:47 - 00002231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-08-17 12:23 - 2016-02-27 22:47 - 00002225 _____ C:\Users\Public\Desktop\Opera.lnk
2016-08-17 12:23 - 2015-11-26 17:08 - 00000627 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-08-17 12:23 - 2015-11-26 17:08 - 00000627 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-08-17 12:23 - 2015-11-20 03:04 - 00002167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-17 12:23 - 2015-11-20 02:36 - 00001401 _____ C:\Users\Sergej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-08-17 12:22 - 2015-11-20 03:02 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-17 12:22 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-16 23:11 - 2015-11-20 03:02 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-16 15:41 - 2016-01-14 13:28 - 00000000 ___HD C:\Windows\msdownld.tmp
2016-08-16 15:41 - 2016-01-14 13:28 - 00000000 ____D C:\Windows\system32\directx
2016-08-16 15:40 - 2015-11-21 15:08 - 00000000 ____D C:\Users\Sergej\AppData\Roaming\uTorrent
2016-08-16 14:15 - 2016-02-11 17:12 - 00000000 ___SD C:\Users\Sergej\AppData\LocalLow\Temp
2016-08-14 11:11 - 2015-11-20 02:36 - 00000000 ____D C:\Users\Sergej
2016-08-14 11:09 - 2016-06-07 22:11 - 00000684 _____ C:\Windows\system32\.crusader
2016-08-14 11:09 - 2016-06-07 15:08 - 00000000 ____D C:\ProgramData\Logic Handler
2016-08-12 13:08 - 2016-06-03 15:28 - 130043374 _____ C:\Windows\MEMORY.DMP
2016-08-12 13:08 - 2016-06-03 15:28 - 00000000 ____D C:\Windows\Minidump
2016-08-07 12:02 - 2016-02-22 18:02 - 00000000 ____D C:\Users\Sergej\AppData\Local\ElevatedDiagnostics
2016-08-05 22:58 - 2016-02-27 22:46 - 00000000 ____D C:\Program Files\Opera
2016-08-05 22:58 - 2009-07-14 06:33 - 00412520 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-05 14:57 - 2015-11-20 03:02 - 00110032 _____ C:\Users\Sergej\AppData\Local\GDIPFONTCACHEV1.DAT
2016-08-05 14:40 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-05 14:36 - 2015-11-25 19:15 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-05 14:34 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\MSBuild
2016-08-03 16:29 - 2016-07-01 23:32 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-07-30 18:33 - 2015-11-21 15:54 - 00000000 ____D C:\Users\Sergej\Desktop\wordpress
2016-07-29 17:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\LiveKernelReports
2016-07-29 10:27 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2016-07-29 00:30 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2016-07-28 23:13 - 2016-02-06 12:00 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-07-28 23:12 - 2009-07-14 06:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-07-28 13:11 - 2015-11-21 15:42 - 00000000 ____D C:\Users\Sergej\AppData\Roaming\Riot Games
2016-07-28 00:58 - 2015-12-10 15:54 - 00000000 ____D C:\Users\Sergej\AppData\Local\CrashDumps
2016-07-27 22:29 - 2016-05-31 12:20 - 00000000 ____D C:\Users\Sergej\.PyCharm40
2016-07-26 16:22 - 2016-01-01 22:54 - 00000000 ____D C:\Users\Sergej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-07-25 12:53 - 2016-07-13 12:55 - 00000000 ____D C:\Users\Sergej\AppData\Roaming\Tropico 3
2016-07-23 20:27 - 2009-07-14 06:53 - 00032580 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Files in the root of some directories =======

2016-06-07 15:08 - 2016-06-07 15:08 - 6867968 _____ () C:\Users\Sergej\AppData\Roaming\agent.dat
2016-06-07 15:08 - 2016-06-07 15:08 - 0054272 _____ () C:\Users\Sergej\AppData\Roaming\ApplicationHosting.dat
2016-06-07 15:08 - 2016-06-07 15:08 - 0069072 _____ () C:\Users\Sergej\AppData\Roaming\Config.xml
2016-06-07 15:08 - 2016-06-07 15:08 - 2279413 _____ () C:\Users\Sergej\AppData\Roaming\Damfix.bin
2016-06-07 15:34 - 2016-06-07 15:34 - 0005120 _____ () C:\Users\Sergej\AppData\Roaming\GiftBag.db
2016-06-07 15:07 - 2016-06-07 15:08 - 0019584 _____ () C:\Users\Sergej\AppData\Roaming\InstallationConfiguration.xml
2016-06-07 15:07 - 2016-06-07 15:07 - 0128512 _____ () C:\Users\Sergej\AppData\Roaming\Installer.dat
2016-06-07 15:08 - 2016-06-07 15:08 - 0126464 _____ () C:\Users\Sergej\AppData\Roaming\lobby.dat
2016-06-07 15:08 - 2016-06-07 15:08 - 0018432 _____ () C:\Users\Sergej\AppData\Roaming\Main.dat
2016-06-07 15:08 - 2016-06-07 15:08 - 0005568 _____ () C:\Users\Sergej\AppData\Roaming\md.xml
2016-06-07 15:08 - 2016-06-07 15:08 - 0126464 _____ () C:\Users\Sergej\AppData\Roaming\noah.dat
2016-06-07 15:08 - 2016-06-07 15:08 - 1759232 _____ () C:\Users\Sergej\AppData\Roaming\Opestock.tst
2016-06-07 15:08 - 2016-06-07 15:08 - 0072820 _____ () C:\Users\Sergej\AppData\Roaming\Sao-Soft.tst
2016-06-07 15:08 - 2016-06-07 15:08 - 0848437 _____ () C:\Users\Sergej\AppData\Roaming\Trippletough.bin
2016-06-07 15:09 - 2016-06-07 15:09 - 0001150 _____ () C:\Users\Sergej\AppData\Roaming\uninstall_temp.ico
2016-06-07 15:08 - 2016-06-07 15:08 - 0189659 _____ () C:\Users\Sergej\AppData\Roaming\Zoomtam.bin
2016-06-07 15:09 - 2016-06-07 15:09 - 0041472 _____ () C:\Users\Sergej\AppData\Local\saotech.dat
2016-06-07 15:09 - 2016-06-07 15:09 - 0000187 _____ () C:\Users\Sergej\AppData\Local\saotech.exe.config
2015-05-22 10:06 - 2015-05-22 10:06 - 0010266 _____ () C:\ProgramData\regid.2015-05.exe.textpad_83F5EF12-C2F9-4C11-A5C5-57A7B2D7AD25.swidtag

Some files in TEMP:
====================
C:\Users\Sergej\AppData\Local\Temp\13-9-legacy_vista_win7_32_dd_ccc_whql.exe
C:\Users\Sergej\AppData\Local\Temp\7za.exe
C:\Users\Sergej\AppData\Local\Temp\ads.exe
C:\Users\Sergej\AppData\Local\Temp\appstart.exe
C:\Users\Sergej\AppData\Local\Temp\bitool.dll
C:\Users\Sergej\AppData\Local\Temp\ChangeIcon.exe
C:\Users\Sergej\AppData\Local\Temp\DAEMON Tools Lite.exe
C:\Users\Sergej\AppData\Local\Temp\DSETUP.dll
C:\Users\Sergej\AppData\Local\Temp\dsetup32.dll
C:\Users\Sergej\AppData\Local\Temp\dxdiag.exe
C:\Users\Sergej\AppData\Local\Temp\DXSETUP.exe
C:\Users\Sergej\AppData\Local\Temp\HitmanPro.exe
C:\Users\Sergej\AppData\Local\Temp\MediaPlayer__11426.exe
C:\Users\Sergej\AppData\Local\Temp\qqpcmgr_v11.3.17195.214_78444_Silence.exe
C:\Users\Sergej\AppData\Local\Temp\Setup.exe
C:\Users\Sergej\AppData\Local\Temp\svhosts.exe
C:\Users\Sergej\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Sergej\AppData\Local\Temp\{C1F72A77-961C-49FC-B1D9-330A355CCE64}.dll
C:\Users\Sergej\AppData\Local\Temp\{D9B761FF-419B-4256-9543-FE0E65A60C19}.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-16 16:57

==================== End of FRST.txt ============================




offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

Hello,


Download Zemana AntiMalware and save it to the Desktop.


When the download is finished:

Double-click to start the installation and follow the instructions. The installation is standard, with no additional options.
After installation, the program will start automatically; now click Scan.
When the scan finishes, click Next to remove all detected items.
If it asks you to restart the computer, click Reboot.
If the computer is seriously infected, another scan will follow after the restart.


After that, you need to provide the report(s):

On the keyboard, press the Windows key + R at the same time.
Copy the following command and confirm with OK:
%USERPROFILE%\AppData\Local\Zemana\Zemana AntiMalware\reports
Copy the newest report(s) to the Desktop, then attach it in your next post.

offline
  • Joined: 10 Apr 2016
  • Posts: 66


offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

Excellent. What is the situation now?

offline
  • Joined: 10 Apr 2016
  • Posts: 66

When I reset the browser settings, everything went back to normal. Thanks. Cheers.
