MyCity » Ambulanta -> Arhiva Ambulante » Usporen pc ,narocito internet

Usporen pc ,narocito internet

Napisano na dan: 7.10.2014
1

Usporen pc ,narocito internet
Sledeća strana Pagination

Idi na vrh

Poslao: 07 Okt 2014 10:53
Idi na vrh
offline
  • Pridružio: 16 Avg 2007
  • Poruke: 315
  • Gde živiš: Srbija

U poslednje vreme racunar mi sve sporije radi, AV nista ne prijavljuje to je prvi problem i drugi problem je sto kada kliknem na neku stranicu istovremeno se otvara i po jedan mozilin prozor a ponekad i vise uzastopno i veoma sporo radi. Imam 10 mb kablovski internet...

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-10-2014 01
Ran by Boban (administrator) on BOBAN-PC on 07-10-2014 10:41:57
Running from C:\Users\Boban\Desktop
Loaded Profiles: Boban & UpdatusUser (Available profiles: Boban & UpdatusUser)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: [Link mogu videti samo ulogovani korisnici]

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(LSoft Technologies Inc) C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(InterVideo Inc.) C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(MagicISO, Inc.) C:\Program Files\MagicDisc\MagicDisc.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
() C:\Users\Boban\AppData\Roaming\VideoDrivers\CPU\x86\minerd.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464 2014-07-06] (Realtek Semiconductor)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5110672 2013-09-12] (ESET)
HKLM\...\Policies\Explorer\Run: [SysLogger32] => C:\Windows\security\Syslogs\core32_178.dll [1476608 2013-09-07] ( ())
HKU\S-1-5-21-1582240820-2018686280-1996047769-1000\...\MountPoints2: {61c39312-34ca-11e3-92d2-ebe75371da66} - L:\SETUP.EXE
HKU\S-1-5-18\...\Run: [Advanced SystemCare 7] => "C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update ESET's license.lnk
ShortcutTarget: Update ESET's license.lnk -> C:\Program Files\ESET\MiNODLogin\launcher.exe (No File)
Startup: C:\Users\Boban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
HKLM\...\AppCertDlls: [x64] -> c:\program files\movies toolbar\safetynut\x64\safetycrt.dll
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => No File
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => No File
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [Link mogu videti samo ulogovani korisnici]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9094D995FB81CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = [Link mogu videti samo ulogovani korisnici]
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici]
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [Link mogu videti samo ulogovani korisnici]
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKLM - {52db1893-8a90-4192-aede-08e00b8f8473} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKCU - DefaultScope {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&babsrc=SP_ss_mib2&mntrId=D0EC00064F98B665&affID=128403&tsp=5198
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKCU - {52db1893-8a90-4192-aede-08e00b8f8473} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&locale=en_EU
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
Toolbar: HKCU - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\user.js
FF SearchPlugin: C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\searchplugins\Ask.xml
FF SearchPlugin: C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\searchplugins\buenosearch.xml
FF SearchPlugin: C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\searchplugins\Web Search.xml
FF Extension: TheTorntv V10 - C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com [2014-09-15]
FF Extension: Flash Video Downloader - YouTube Full HD Download - C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\artur.dubovoy@gmail.com [2014-09-15]
FF Extension: Website Counselor - C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\{cc6cc772-f121-49e0-b1f0-c26583cb0c5e} [2014-09-15]
FF Extension: 1-Click Dailymotion Video Downloader - C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\DailymotionVideoDownloader@PeterOlayev.com.xpi [2014-09-15]
FF Extension: To Google Translate - C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2014-09-15]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-09-03]

Chrome:
=======
CHR HomePage: Default -> [Link mogu videti samo ulogovani korisnici]
CHR StartupUrls: Default -> "hxxp://www.search.ask.com/?o=APN10640A&gct=hp&d=473-104&v=a13277-328&t=4"
CHR DefaultSearchProvider: Default -> Ask.com
CHR DefaultSearchURL: Default -> [Link mogu videti samo ulogovani korisnici]{searchTerms}
CHR CustomProfile: C:\Users\Boban\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Boban\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-02]
CHR Extension: (Google Wallet) - C:\Users\Boban\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-05]
CHR Extension: (GoPhoto.it) - C:\Users\Boban\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk [2014-01-19]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files\Gophoto.it\gophotoit16.crx [2013-08-08]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Active@ Disk Monitor; C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe [237792 2012-10-23] (LSoft Technologies Inc)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1337752 2013-09-12] (ESET)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [387616 2009-08-10] ()
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-11] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-11] (globalUpdate) [File not signed]
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2152736 2014-05-04] (IObit)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [178720 2009-08-10] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [188808 2013-08-15] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [134248 2013-08-15] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [174400 2013-08-15] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37416 2013-08-15] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [49240 2013-08-15] (ESET)
S3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [98816 2013-04-24] (Gemalto)
R3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [File not signed]
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [461824 2009-04-28] (PixArt Imaging Inc.)
R3 rtl819xp; C:\Windows\System32\DRIVERS\rtl819xp.sys [559208 2014-07-06] (Realtek Semiconductor Corporation )
S3 SMIGrabber3C; C:\Windows\System32\Drivers\SmiUsbGrabber3C.sys [805888 2011-01-26] (Windows (R) Win 7 DDK provider)
S3 WFLR6654; C:\Windows\System32\drivers\wfeaglxt.sys [433920 2009-10-21] (Leadtek Research Inc.)
S3 pfc; system32\drivers\pfc.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-07 10:41 - 2014-10-07 10:42 - 00019170 _____ () C:\Users\Boban\Desktop\FRST.txt
2014-10-07 10:41 - 2014-10-07 10:42 - 00000000 ____D () C:\FRST
2014-10-07 10:40 - 2014-10-07 10:40 - 01101312 _____ (Farbar) C:\Users\Boban\Desktop\FRST.exe
2014-10-06 14:02 - 2014-10-06 14:01 - 00214028 _____ () C:\UPLATA.EXE
2014-10-02 14:39 - 2014-10-03 15:42 - 00000000 ____D () C:\TimeTables
2014-10-01 15:39 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 20:10 - 2014-09-30 20:17 - 00000000 ____D () C:\Program Files\idoo
2014-09-30 19:56 - 2014-09-30 19:58 - 00000000 ____D () C:\Users\Boban\Downloads\idoo Video Editor Pro -Kayz Afridi-
2014-09-30 19:18 - 2014-09-30 20:26 - 3900907520 ____R () C:\Users\Boban\Downloads\Windows_8.1_Pro_X64_Activated.iso
2014-09-30 18:45 - 2014-09-30 18:51 - 00000400 __RSH () C:\ProgramData\ntuser.pol
2014-09-30 18:39 - 2014-09-30 18:39 - 00001075 _____ () C:\Users\Boban\Desktop\CleanMyPC - Registry Cleaner (2).lnk
2014-09-29 23:09 - 2014-09-30 18:41 - 00000000 ____D () C:\Users\Boban\Downloads\Windows 8.1 Update 1 Pro X64 PreActivated
2014-09-29 10:16 - 2014-09-29 10:16 - 128076958 _____ () C:\Windows\MEMORY.DMP
2014-09-29 10:16 - 2014-09-29 10:16 - 00131120 _____ () C:\Windows\Minidump\092914-18470-01.dmp
2014-09-27 19:47 - 2014-09-27 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ Hard Disk Monitor
2014-09-27 19:47 - 2014-09-27 19:47 - 00000000 ____D () C:\Program Files\LSoft Technologies Inc
2014-09-27 19:43 - 2014-09-27 19:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-27 19:43 - 2014-09-27 19:43 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-09-25 14:34 - 2014-09-25 14:34 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-25 09:33 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-23 15:26 - 2014-10-07 10:10 - 00002578 _____ () C:\Windows\setupact.log
2014-09-23 15:26 - 2014-09-23 15:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-21 20:57 - 2014-09-22 20:41 - 00415040 _____ () C:\KALKDRAG.EXE
2014-09-21 20:52 - 2014-09-22 11:09 - 00423600 _____ () C:\FAKTDEJA.EXE
2014-09-20 12:10 - 2014-09-20 12:10 - 00000000 ____D () C:\Users\Boban\sMedio
2014-09-20 12:10 - 2014-09-20 12:10 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\sMedio
2014-09-20 12:04 - 2014-09-20 12:04 - 00001962 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel WinDVD Pro 11.lnk
2014-09-20 12:04 - 2014-09-20 12:04 - 00001950 _____ () C:\Users\Public\Desktop\Corel WinDVD Pro 11.lnk
2014-09-20 12:04 - 2014-09-20 12:04 - 00000000 ____D () C:\ProgramData\sMedio
2014-09-20 12:02 - 2014-09-20 12:02 - 00000000 ____D () C:\Program Files\sMedio
2014-09-20 12:02 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-09-20 12:02 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-09-20 11:52 - 2014-09-20 11:55 - 00000000 ____D () C:\Users\Boban\Downloads\Corel WinDVD Pro 11.6.1.13.301045
2014-09-19 16:55 - 2014-09-20 11:17 - 00127477 _____ () C:\Users\Boban\Documents\PDR.dmp
2014-09-19 16:01 - 2014-09-19 16:01 - 00000000 ____D () C:\SmartSound Software
2014-09-19 16:01 - 2014-09-19 16:01 - 00000000 ____D () C:\Program Files\SmartSound Software
2014-09-19 16:00 - 2014-09-19 17:05 - 00002559 _____ () C:\Users\Boban\Desktop\CyberLink PowerDirector.lnk
2014-09-19 16:00 - 2014-09-19 16:00 - 00002276 _____ () C:\Users\UpdatusUser\Desktop\CyberLink PowerDirector.lnk
2014-09-19 16:00 - 2014-09-19 16:00 - 00002276 _____ () C:\Users\TEMP\Desktop\CyberLink PowerDirector.lnk
2014-09-19 16:00 - 2014-09-19 16:00 - 00002276 _____ () C:\Users\Default\Desktop\CyberLink PowerDirector.lnk
2014-09-19 16:00 - 2014-09-19 16:00 - 00002276 _____ () C:\Users\Default User\Desktop\CyberLink PowerDirector.lnk
2014-09-19 16:00 - 2014-09-19 16:00 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2014-09-19 16:00 - 2014-09-19 16:00 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2014-09-19 16:00 - 2014-09-19 16:00 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2014-09-19 16:00 - 2014-09-19 16:00 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2014-09-19 16:00 - 2014-09-19 16:00 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2014-09-19 15:57 - 2014-09-19 16:00 - 00000000 ____D () C:\Program Files\CyberLink
2014-09-19 15:43 - 2014-09-19 16:03 - 00000000 ____D () C:\Users\Boban\Downloads\CyberLink Power Director 11 Ultra
2014-09-19 15:42 - 2014-09-19 15:47 - 245557088 _____ () C:\Users\Boban\Downloads\RAR FILE_CYBERLINK_POWERDIRECTOR 8_100% WORKING SERIAL.rar
2014-09-19 15:34 - 2014-09-19 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-09-19 15:33 - 2014-09-19 15:33 - 00000000 ____D () C:\Program Files\Sony
2014-09-19 15:02 - 2014-10-06 14:15 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\uTorrent
2014-09-19 15:02 - 2014-09-19 15:02 - 00000831 _____ () C:\Users\Boban\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-09-19 14:46 - 2014-09-19 14:46 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Sony Creative Software Inc
2014-09-18 21:31 - 2014-09-19 14:46 - 00000000 ____D () C:\Users\Boban\AppData\Local\Sony
2014-09-18 21:30 - 2014-09-19 15:33 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Sony
2014-09-18 21:26 - 2014-09-18 21:26 - 00000000 ____D () C:\Users\Boban\Downloads\SONY Vegas Pro 11.0 Build 370 + Patch (32-bit) [RH]
2014-09-18 20:39 - 2014-09-18 20:39 - 00002164 _____ () C:\Users\Public\Desktop\Ulead VideoStudio SE DVD.lnk
2014-09-18 20:39 - 2014-09-18 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead VideoStudio SE DVD
2014-09-18 20:19 - 2014-09-18 20:20 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-09-18 20:19 - 2014-09-18 20:20 - 00000000 ____D () C:\IExp1.tmp
2014-09-18 20:19 - 2014-09-18 20:19 - 00000000 ____D () C:\Windows\RegisteredPackages
2014-09-18 20:19 - 2014-09-18 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media
2014-09-18 20:19 - 2014-09-18 20:19 - 00000000 ____D () C:\IExp0.tmp
2014-09-18 18:50 - 2014-09-18 18:50 - 00000000 ____D () C:\Program Files\Somagic
2014-09-18 18:50 - 2014-09-18 18:50 - 00000000 ____D () C:\Program Files\Common Files\Somagic
2014-09-18 18:50 - 2011-01-26 11:31 - 00805888 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\SmiUsbGrabber3C.sys
2014-09-17 19:41 - 2014-09-18 20:44 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Ulead Systems
2014-09-17 19:37 - 2014-09-17 19:37 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\InstallShield
2014-09-17 19:34 - 2014-09-20 11:22 - 00000000 ____D () C:\Program Files\Ulead Systems
2014-09-17 19:34 - 2014-09-20 11:21 - 00000000 ____D () C:\Program Files\Common Files\Ulead Systems
2014-09-17 19:08 - 2014-09-17 19:08 - 00000000 ____D () C:\Program Files\MagicDisc
2014-09-17 19:08 - 2009-02-24 18:42 - 00116736 _____ (MagicISO, Inc.) C:\Windows\system32\Drivers\mcdbus.sys
2014-09-16 20:45 - 2014-09-20 12:04 - 00000000 ____D () C:\Program Files\Common Files\InterVideo
2014-09-16 20:39 - 2014-09-16 20:39 - 00000005 _____ () C:\Windows\system32\lMMLDeleteUserData42107612FX.tmp
2014-09-16 17:38 - 2014-09-16 17:38 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\VOS
2014-09-16 16:04 - 2014-09-16 16:04 - 00000000 ____D () C:\Program Files\GTWorks
2014-09-16 16:01 - 2014-09-16 16:01 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Aegisub
2014-09-16 14:13 - 2014-09-16 14:13 - 00000000 ____D () C:\Users\Boban\Downloads\VirtualDub_198
2014-09-16 11:02 - 2014-09-16 11:02 - 00000000 ____D () C:\Users\Boban\New folder (2)
2014-09-15 22:21 - 2014-09-15 22:21 - 00000000 ____D () C:\Users\Boban\Documents\ShowBiz 2
2014-09-15 22:21 - 2014-09-15 22:21 - 00000000 ____D () C:\Users\Boban\Documents\My Albums
2014-09-15 22:21 - 2014-09-15 22:21 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\ArcSoft
2014-09-15 22:20 - 2014-09-16 13:59 - 00000000 ____D () C:\Program Files\Common Files\element5 Shared
2014-09-15 22:20 - 2014-09-15 22:20 - 00000000 ____D () C:\ProgramData\element5
2014-09-15 22:17 - 1995-07-31 13:44 - 00212480 _____ (Eastman Kodak) C:\Windows\PCDLIB32.DLL
2014-09-15 20:37 - 2014-09-15 20:37 - 00000000 ____D () C:\Users\Boban\Downloads\Arcadia
2014-09-15 17:27 - 2009-09-04 17:29 - 01974616 ____N (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-09-15 17:27 - 2009-09-04 17:29 - 01892184 ____N (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-09-15 17:26 - 2007-07-19 18:14 - 03727720 ____N (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-09-15 17:26 - 2006-03-31 12:40 - 02388176 ____N (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-09-15 16:56 - 2014-09-16 14:19 - 00000000 ____D () C:\Program Files\Movavi Video Editor 4
2014-09-15 16:45 - 2014-09-16 14:15 - 00000000 ____D () C:\Program Files\DVDlabPro2
2014-09-15 16:22 - 2014-09-15 16:22 - 00001022 _____ () C:\Users\UpdatusUser\Desktop\Idigicon VHS Backup.lnk
2014-09-15 16:22 - 2014-09-15 16:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XviD
2014-09-15 16:22 - 2014-09-15 16:22 - 00000000 ____D () C:\Program Files\XviD
2014-09-15 16:00 - 2014-09-20 11:16 - 00000000 ____D () C:\Users\Boban\Documents\Ulead VideoStudio SE
2014-09-15 15:55 - 2014-09-15 15:55 - 00000000 ____D () C:\ProgramData\InstallShield
2014-09-15 15:27 - 2014-09-16 15:08 - 00000000 ____D () C:\Users\Boban\AppData\Local\CrashDumps
2014-09-15 15:18 - 2014-09-28 15:03 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-15 15:18 - 2014-09-15 15:19 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Mozilla
2014-09-15 15:18 - 2014-09-15 15:18 - 00001121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-15 10:54 - 2014-09-15 10:54 - 00212940 _____ () C:\REINDEX.EXE
2014-09-14 20:44 - 2014-09-14 20:44 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\TechSmith
2014-09-14 20:43 - 2014-09-14 20:43 - 00000000 ____D () C:\Users\Boban\Documents\Camtasia Studio
2014-09-14 20:40 - 2014-09-16 15:31 - 00000000 ____D () C:\Program Files\TechSmith
2014-09-14 19:59 - 2014-09-16 10:30 - 00000040 _____ () C:\Windows\EditPack.INI
2014-09-14 19:59 - 2014-09-14 19:59 - 00000000 ____D () C:\Users\Boban\AppData\Local\VHS to DVD
2014-09-14 19:58 - 2014-09-15 15:09 - 00000000 ____D () C:\Users\Boban\Documents\VHS to DVD
2014-09-14 19:56 - 2014-09-14 19:56 - 00000000 ____D () C:\Program Files\honestech
2014-09-14 19:51 - 2014-09-19 16:55 - 00000000 ____D () C:\ProgramData\CyberLink
2014-09-14 19:51 - 2014-09-15 16:08 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\CyberLink
2014-09-14 19:51 - 2014-09-14 19:51 - 00000000 ____D () C:\Users\Public\CyberLink
2014-09-14 19:51 - 2014-09-14 19:51 - 00000000 ____D () C:\Users\Boban\Documents\CyberLink
2014-09-14 19:49 - 2014-09-19 16:01 - 00000000 ____D () C:\ProgramData\SmartSound Software Inc
2014-09-14 19:49 - 2014-09-14 19:49 - 00000000 ____D () C:\ProgramData\eSellerate
2014-09-14 19:47 - 2014-09-14 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-09-14 19:46 - 2014-09-14 19:47 - 00000000 ____D () C:\Program Files\QuickTime
2014-09-14 19:46 - 2014-09-14 19:46 - 00000000 ____D () C:\Users\Boban\AppData\Local\Apple
2014-09-14 19:46 - 2014-09-14 19:46 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-09-14 19:46 - 2014-09-14 19:46 - 00000000 ____D () C:\ProgramData\Apple
2014-09-12 12:30 - 2014-09-12 12:29 - 00003732 _____ () C:\PROMBUT.DBF
2014-09-11 22:19 - 2014-10-06 14:26 - 00000000 ____D () C:\Raspored
2014-09-11 22:19 - 2014-09-11 22:19 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\aSc Timetables
2014-09-11 18:26 - 2014-10-07 10:10 - 00002742 _____ () C:\Windows\Tasks\219e4a00-994b-43b7-9d78-f0938b451f58-1.job
2014-09-11 18:26 - 2014-10-07 10:10 - 00002418 _____ () C:\Windows\Tasks\219e4a00-994b-43b7-9d78-f0938b451f58-5_user.job
2014-09-11 18:26 - 2014-10-07 10:10 - 00002418 _____ () C:\Windows\Tasks\219e4a00-994b-43b7-9d78-f0938b451f58-5.job
2014-09-11 18:26 - 2014-09-11 18:26 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\WebExtend
2014-09-11 18:25 - 2014-10-07 10:25 - 00003442 _____ () C:\Windows\Tasks\219e4a00-994b-43b7-9d78-f0938b451f58-6.job
2014-09-11 18:25 - 2014-10-07 10:10 - 00003786 _____ () C:\Windows\Tasks\219e4a00-994b-43b7-9d78-f0938b451f58-4.job
2014-09-11 18:25 - 2014-10-07 10:10 - 00003106 _____ () C:\Windows\Tasks\219e4a00-994b-43b7-9d78-f0938b451f58-7.job
2014-09-11 18:25 - 2014-10-07 10:10 - 00002762 _____ () C:\Windows\Tasks\219e4a00-994b-43b7-9d78-f0938b451f58-3.job
2014-09-11 18:25 - 2014-09-11 18:25 - 00004468 _____ () C:\Windows\Tasks\219e4a00-994b-43b7-9d78-f0938b451f58-11.job
2014-09-11 18:04 - 2014-09-11 18:05 - 00000000 ____D () C:\Users\Boban\Desktop\Raspored
2014-09-11 16:48 - 2014-09-11 16:48 - 00063488 _____ () C:\Users\Boban\Downloads\asc.timetables.2014-fixed.patch.exe
2014-09-10 16:09 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 16:09 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 16:09 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 16:09 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 16:09 - 2014-08-18 23:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 16:09 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 16:09 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 16:09 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 16:09 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 16:09 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 16:09 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 16:09 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 16:09 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 16:09 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 16:09 - 2014-08-18 23:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 16:09 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 16:09 - 2014-08-18 23:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 16:09 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 16:09 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 16:09 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 16:09 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 16:09 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 16:09 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 16:09 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 16:09 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 16:09 - 2014-08-18 23:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 16:09 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 16:09 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 16:09 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 16:09 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 16:04 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 15:48 - 2014-09-10 15:48 - 00002043 _____ () C:\TuneUp 1-Click Maintenance.lnk
2014-09-10 15:48 - 2014-09-10 15:48 - 00002013 _____ () C:\TuneUp Utilities 2014.lnk
2014-09-10 15:23 - 2014-03-20 14:44 - 00036664 ____N (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2014-09-10 15:23 - 2014-03-20 14:44 - 00025400 ____N (TuneUp Software) C:\Windows\system32\authuitu.dll
2014-09-10 15:20 - 2014-09-16 11:26 - 00000000 ____D () C:\Users\Boban\Documents\Ulead VideoStudio
2014-09-10 15:17 - 2014-09-10 15:17 - 00000000 ____D () C:\ProgramData\InterVideo
2014-09-10 15:14 - 2014-09-18 20:37 - 00000000 ____D () C:\ProgramData\Ulead Systems
2014-09-10 14:33 - 2014-07-07 03:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 14:33 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 14:32 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 14:31 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-09 17:41 - 2014-09-09 17:42 - 00000000 ____D () C:\vsx5
2014-09-09 17:08 - 2014-09-09 17:08 - 00001121 _____ () C:\Users\Public\Desktop\WebSite X5 Professional 10.lnk
2014-09-09 17:08 - 2014-09-09 17:08 - 00000000 ____D () C:\Users\Boban\AppData\Local\Incomedia
2014-09-09 17:08 - 2014-09-09 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebSite X5 v10 - Professional
2014-09-09 17:05 - 2014-09-09 17:08 - 00000000 ____D () C:\Program Files\WebSite X5 v10 - Professional
2014-09-09 14:20 - 2014-09-09 14:21 - 00000000 ____D () C:\Users\Boban\Documents\Quick-PDF PDF to Word
2014-09-09 14:20 - 2014-09-09 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF to Word
2014-09-09 14:20 - 2014-09-09 14:20 - 00000000 ____D () C:\Program Files\PDF to Word
2014-09-09 14:19 - 2014-09-09 14:19 - 00000000 ____D () C:\Users\Boban\Downloads\Quick-PDF PDF To Word Converter 2.2 + (zabranjeno)-[HB]
2014-09-09 14:11 - 2014-09-09 14:11 - 00001066 _____ () C:\Users\Boban\Desktop\PDFConverter.lnk
2014-09-09 14:11 - 2014-09-09 14:11 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Softplicity
2014-09-09 14:11 - 2014-09-09 14:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total PDF Converter
2014-09-09 14:11 - 2014-09-09 14:11 - 00000000 ____D () C:\Program Files\Total PDF Converter
2014-09-09 14:05 - 2014-09-09 14:05 - 00000000 ____D () C:\ProgramData\pdf-watermark-remover-wm
2014-09-09 14:02 - 2014-09-09 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Watermark Revmoer
2014-09-09 14:02 - 2014-09-09 14:02 - 00000000 ____D () C:\Program Files\PDF Watermark Revmoer
2014-09-08 10:11 - 2014-09-08 10:11 - 00001234 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-09-08 10:11 - 2014-09-08 10:11 - 00000000 ____D () C:\Users\Boban\AppData\Local\VS Revo Group
2014-09-08 10:11 - 2014-09-08 10:11 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-09-08 10:11 - 2014-09-08 10:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-09-08 10:11 - 2014-09-08 10:11 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-09-08 10:11 - 2009-12-30 10:21 - 00027192 ____N (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-09-08 10:09 - 2014-09-08 10:10 - 00000000 ____D () C:\Users\Boban\Downloads\Revo Uninstaller Pro 3.0.8 Final (32-64 Bit) ML - SceneDL (PimpRG)
2014-09-07 20:37 - 2014-09-07 20:38 - 00459711 _____ () C:\Users\Boban\Documents\xp1f5enc6ex0c1426d0672c28jcmipad
2014-09-07 20:37 - 2014-09-07 20:38 - 00224496 _____ () C:\Users\Boban\Documents\e1y5d71163v54nk04d74qh7j35djb80t
2014-09-07 20:37 - 2014-09-07 20:38 - 00088985 _____ () C:\Users\Boban\Documents\043ld7bpnwnu26162f80v3g8o8kc17va
2014-09-07 20:37 - 2014-09-07 20:38 - 00065005 _____ () C:\Users\Boban\Documents\ojabr49o9dnt0v4y77y089xpjhf5iz4n
2014-09-07 20:37 - 2014-09-07 20:38 - 00041748 _____ () C:\Users\Boban\Documents\34l19yw3cpw30318sejssm6018m8e2kl
2014-09-07 13:34 - 2014-09-07 13:34 - 00000000 ____D () C:\Users\Boban\.net
2014-09-07 13:33 - 2014-09-07 13:34 - 02128638 _____ () C:\Users\Boban\Downloads\Advanced Find And Replace v7.8.1 (zabranjeno).rar
2014-09-07 13:33 - 2014-09-07 13:33 - 00856361 _____ () C:\Users\Boban\Desktop\FAR-1.8-win.zip
2014-09-07 12:09 - 2014-09-07 13:16 - 00000000 ____D () C:\Users\Boban\Documents\Incomedia
2014-09-07 10:58 - 2014-09-07 10:58 - 17833425 _____ () C:\Users\Boban\Documents\BRUS.cab
2014-09-07 10:55 - 2014-09-07 10:55 - 00001075 _____ () C:\Users\Boban\Desktop\CleanMyPC - Registry Cleaner.lnk
2014-09-07 10:55 - 2014-09-07 10:55 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\CleanMyPC Software
2014-09-07 10:55 - 2014-09-07 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CleanMyPC Registry Cleaner
2014-09-07 10:55 - 2014-09-07 10:55 - 00000000 ____D () C:\Program Files\CleanMyPC
2014-09-07 10:54 - 2014-09-07 10:54 - 00000000 ____D () C:\Users\Boban\Downloads\CleanMyPC.Registry.Cleaner.v4.41.Incl.Keygen.X64-Lz0
2014-09-07 10:50 - 2014-09-07 10:50 - 00102367 _____ () C:\Users\Boban\Desktop\gcount13.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-07 10:24 - 2014-09-02 16:24 - 00002222 _____ () C:\Windows\Tasks\a7982934-0630-49b5-bdb1-d23d83f53ffd-4.job
2014-10-07 10:17 - 2014-02-23 11:52 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf307cea445b20.job
2014-10-07 10:17 - 2009-07-14 06:34 - 00021280 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-07 10:17 - 2009-07-14 06:34 - 00021280 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-07 10:12 - 2014-09-03 13:39 - 01805863 _____ () C:\Windows\WindowsUpdate.log
2014-10-07 10:10 - 2014-09-02 19:05 - 00004468 _____ () C:\Windows\Tasks\974970fd-4f41-4161-b6fb-6aa6d78fa6e3-11.job
2014-10-07 10:10 - 2014-09-02 19:05 - 00002710 _____ () C:\Windows\Tasks\974970fd-4f41-4161-b6fb-6aa6d78fa6e3-4.job
2014-10-07 10:10 - 2014-09-02 19:05 - 00002372 _____ () C:\Windows\Tasks\974970fd-4f41-4161-b6fb-6aa6d78fa6e3-6.job
2014-10-07 10:10 - 2014-09-02 19:05 - 00002244 _____ () C:\Windows\Tasks\974970fd-4f41-4161-b6fb-6aa6d78fa6e3-7.job
2014-10-07 10:10 - 2014-09-02 19:05 - 00001812 _____ () C:\Windows\Tasks\974970fd-4f41-4161-b6fb-6aa6d78fa6e3-1.job
2014-10-07 10:10 - 2014-09-02 19:05 - 00001750 _____ () C:\Windows\Tasks\974970fd-4f41-4161-b6fb-6aa6d78fa6e3-5_user.job
2014-10-07 10:10 - 2014-09-02 19:05 - 00001730 _____ () C:\Windows\Tasks\974970fd-4f41-4161-b6fb-6aa6d78fa6e3-5.job
2014-10-07 10:10 - 2014-09-02 19:04 - 00003106 _____ () C:\Windows\Tasks\974970fd-4f41-4161-b6fb-6aa6d78fa6e3-3.job
2014-10-07 10:10 - 2014-09-02 16:24 - 00000874 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-10-07 10:10 - 2014-02-23 11:52 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf307ce82fd300.job
2014-10-07 10:10 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-06 16:44 - 2013-07-16 12:42 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-06 15:19 - 2013-10-16 15:21 - 00000000 ____D () C:\ProgramData\TEMP
2014-10-06 13:45 - 2013-07-24 16:58 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Skype
2014-10-04 12:30 - 2014-09-02 16:24 - 00000878 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-10-03 15:56 - 2013-07-15 21:24 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\GHISLER
2014-10-03 15:56 - 2013-07-15 21:24 - 00000000 ____D () C:\Total Commander 2012 v8.01 RC4 Full
2014-10-03 15:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-03 15:33 - 2009-07-14 06:53 - 00032622 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-01 16:48 - 2013-08-15 13:19 - 00000440 ____H () C:\Windows\Tasks\Norton Security Scan for Boban.job
2014-10-01 16:02 - 2014-08-05 14:52 - 00000000 ____D () C:\Windows\rescache
2014-09-30 20:12 - 2013-10-11 14:57 - 00000193 _____ () C:\Windows\WORDPAD.INI
2014-09-30 20:00 - 2010-11-20 23:01 - 00786558 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-30 18:48 - 2014-08-04 12:02 - 00000045 _____ () C:\Windows\system32\_WKERNEL.SYL
2014-09-30 18:45 - 2009-07-14 04:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-29 10:16 - 2014-08-05 14:16 - 00000000 ____D () C:\Windows\Minidump
2014-09-27 19:47 - 2013-07-16 09:42 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-09-27 19:44 - 2013-07-24 16:58 - 00000000 ____D () C:\ProgramData\Skype
2014-09-27 19:44 - 2013-07-16 12:42 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-27 19:44 - 2013-07-16 12:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-27 19:43 - 2013-07-24 16:58 - 00000000 ___RD () C:\Program Files\Skype
2014-09-23 11:25 - 2013-12-12 16:16 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-23 11:11 - 2013-07-16 15:27 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-21 20:53 - 2013-07-17 17:05 - 00000461 _____ () C:\Windows\VC.INI
2014-09-20 12:10 - 2013-07-15 21:22 - 00000000 ____D () C:\Users\Boban
2014-09-19 15:52 - 2009-07-14 04:04 - 00000918 _____ () C:\Windows\win.ini
2014-09-19 15:03 - 2013-08-27 13:39 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\OpenCandy
2014-09-18 20:36 - 2013-07-16 15:28 - 00000000 ____D () C:\Users\Boban\AppData\Local\Adobe
2014-09-18 19:14 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-17 19:08 - 2013-10-14 14:52 - 00000927 _____ () C:\Users\UpdatusUser\Desktop\MagicDisc.lnk
2014-09-17 19:08 - 2013-10-14 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc
2014-09-17 18:50 - 2009-07-14 06:33 - 00460896 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-17 18:49 - 2013-07-15 21:32 - 00128776 _____ () C:\Users\Boban\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-16 20:39 - 2013-07-27 15:28 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\HTC
2014-09-16 20:39 - 2013-07-27 12:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2014-09-16 20:39 - 2013-07-27 12:38 - 00000000 ____D () C:\ProgramData\HTC
2014-09-16 14:18 - 2013-12-27 11:49 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
2014-09-16 14:18 - 2013-12-27 11:49 - 00000000 ____D () C:\Users\Boban\AppData\Local\Mobogenie
2014-09-16 14:05 - 2014-03-19 10:39 - 00000000 ____D () C:\Program Files\CCP Server 5
2014-09-16 14:04 - 2014-03-19 10:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberCafePro Main Control Station 5
2014-09-15 16:55 - 2013-07-27 12:43 - 00000000 ____D () C:\Users\Boban\AppData\Local\Downloaded Installations
2014-09-15 15:53 - 2013-07-16 09:45 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2014-09-15 11:13 - 2013-07-16 13:10 - 00000000 ____D () C:\Windows\pss
2014-09-15 09:06 - 2013-07-15 21:22 - 00231568 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-14 19:51 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-09-14 19:49 - 2013-12-28 17:54 - 00000000 ____D () C:\Users\TEMP
2014-09-10 16:04 - 2013-10-14 14:55 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-10 16:04 - 2013-08-14 13:43 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 15:57 - 2013-07-15 21:21 - 98758480 ____N (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 15:49 - 2014-01-11 12:51 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\TuneUp Software
2014-09-10 15:21 - 2014-01-11 12:50 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-09-10 15:20 - 2013-08-27 13:39 - 00001183 _____ () C:\Users\Boban\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2014-09-09 18:08 - 2013-07-25 11:56 - 00000000 ___RD () C:\Users\Boban\Dropbox
2014-09-09 16:54 - 2013-07-25 11:54 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Dropbox
2014-09-09 15:02 - 2013-07-15 21:24 - 00000000 ____D () C:\DOS
2014-09-08 10:11 - 2014-09-03 13:38 - 00000000 ____D () C:\Users\Boban\Desktop\Data
2014-09-07 20:49 - 2014-02-25 15:01 - 00517899 _____ () C:\TREEINFO.NCD
2014-09-07 20:42 - 2014-09-04 16:10 - 00238287 _____ () C:\Users\Boban\Documents\fszgw0c2z7x9u3t11y10k0zfzz62mpsq
2014-09-07 20:42 - 2014-09-04 16:10 - 00226356 _____ () C:\Users\Boban\Documents\559hqbtfu17dje559ixf2r1sf41erm2u
2014-09-07 20:42 - 2014-09-04 16:10 - 00218443 _____ () C:\Users\Boban\Documents\f8j24lvi0t43o071sjlhy1pwui16q750
2014-09-07 20:42 - 2014-09-04 16:10 - 00205613 _____ () C:\Users\Boban\Documents\819gtolf8y850gq3n6a1v80402wtbn97
2014-09-07 20:42 - 2014-09-04 16:10 - 00196670 _____ () C:\Users\Boban\Documents\9t0veto51y430l5o2917l33y1e1ix5q5
2014-09-07 20:42 - 2014-09-04 16:10 - 00191895 _____ () C:\Users\Boban\Documents\11xr489wt7h1w1uaipz4uo67wai7q50t
2014-09-07 20:42 - 2014-09-04 16:10 - 00083607 _____ () C:\Users\Boban\Documents\b6zh8jm8o5204dj2ukb8grl207gay99i
2014-09-07 20:42 - 2014-09-04 16:10 - 00061952 _____ () C:\Users\Boban\Documents\94oglw7e496se4wtfkd1yxpjc62z1c72
2014-09-07 20:42 - 2014-09-04 16:10 - 00036400 _____ () C:\Users\Boban\Documents\b1gt20ux2u9d404o0dc6mm4e30n35c41
2014-09-07 20:42 - 2014-09-04 16:10 - 00033731 _____ () C:\Users\Boban\Documents\3o9047ze77b551h4n695gq5oy7pspfr3
2014-09-07 20:42 - 2014-09-04 16:10 - 00028504 _____ () C:\Users\Boban\Documents\job17y4g6ljzxk7c0kz1d3iscqhw4e2f
2014-09-07 20:42 - 2014-09-04 16:10 - 00010506 _____ () C:\Users\Boban\Documents\w3d9l9xq6zgh9vxgg5duh9301u6y4nd2
2014-09-07 20:42 - 2014-09-04 16:10 - 00002486 _____ () C:\Users\Boban\Documents\index.xml
2014-09-07 20:42 - 2014-09-04 16:10 - 00002126 _____ () C:\Users\Boban\Documents\backup.xml
2014-09-07 20:38 - 2014-09-04 16:10 - 00135937 _____ () C:\Users\Boban\Documents\303c3k87pibh4cg16z3rb976303r2jy5

Some content of TEMP:
====================
C:\Users\Boban\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-01 15:54

==================== End Of Log ============================
[Link mogu videti samo ulogovani korisnici]



Poslao: 07 Okt 2014 14:43
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Da li si ti instalirao Award Keylogger?



Poslao: 07 Okt 2014 19:29
Idi na vrh
offline
  • Pridružio: 16 Avg 2007
  • Poruke: 315
  • Gde živiš: Srbija

Moguce. Hteo sam da isprobam kako radi ali to je bilo odavno. Ne verujem da je aktivan

Poslao: 07 Okt 2014 20:50
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

U redu. Vidim da koristiš piratski ESET SS, da imaš BitCoin miner i još hrpu adwarea.


Arrow Korak 1

Deinstaliraj ESET SS kroz Control Panel -> Programs and Features kao i ESET Antivirus License Finder. Kada završimo čišćenje malwarea i adwarea dobićeš uputstva šta dalje što se antivirusne zaštite tiče.
Nakon toga deinstaliraj (kroz Control Panel -> Programs and Features):

Award Keylogger 2.5
CleanMyPC - Registry Cleaner

Kada završiš ovo pređi na korak 2.




Arrow Korak 2

Preuzmi "Xplode"-ov AdwCleaner i sačuvaj ga na Desktop
Dvoklikom pokreni program.
u EULA prozoru klikni na I agree.
Klikni na dugme Scan i sačekaj da se završi skeniranje.
Klikni na dugme Clean i pričekaj da program završi.
Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu.
Na sljedeća dva prozora koja se otvore (Informations i Restart required ) klikni OK
Računar će se restartovati, a potom otvoriti Notepad (C:\AdwCleaner[S0].txt) sa izvještajem.
Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl"
Napomena: Izvještaj ce takođe biti sačuvan na C:\Adwcleaner\AdwCleaner[S0].txt



Arrow Korak 3

Preuzmi Junkware Removal Tool (JRT) i sačuvaj ga na Desktop.

Zatvori browser i ostale pokrenute programe

Privremeno deaktiviraj zaštitni softver (Uputstvo);

Dvoklikom na ikonicu () pokreni program JRT;

Kod obavještenja "Press any key" pritisnuti bilo koji taster i alat ce započeti skeniranje.
Napomena: u ovisnosti od hardvera račuanra vreme skeniranja u nekim slučajevima moze da potraje.

Kada završi otvorice se Notepad sa izvještajem koji ce biti sačuvan na Desktopu pod nazivom JRT.txt

Arrow Kopiraj sadržaj tog loga u temu.



Arrow Korak 4

Ponovo pokreni FRST, označi opciju Addition.txt, klikni na Scan i kada završi postavi mi nove FRST.txt i Addition.txt izvještaje.

Poslao: 07 Okt 2014 23:47
Idi na vrh
offline
  • Pridružio: 16 Avg 2007
  • Poruke: 315
  • Gde živiš: Srbija

Napisano: 07 Okt 2014 23:41

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.1 (10.06.2014:1)
OS: Windows 7 Ultimate x86
Ran by Boban on Tue 10/07/2014 at 23:28:44.42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1582240820-2018686280-1996047769-1000\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}



~~~ Files

Successfully deleted: [File] C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM)
Successfully deleted: [File] "C:\Windows\launcher.exe"



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Boban\AppData\Roaming\cleanmypc software"
Successfully deleted: [Folder] "C:\Users\Boban\AppData\Roaming\thinstall"
Successfully deleted: [Folder] "C:\Users\Boban\Local Settings\Application Data\thinstall"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Boban\AppData\Roaming\mozilla\firefox\profiles\rtc8ea7a.default-1381584217073\extensions\staged
Successfully deleted: [Folder] C:\Users\Boban\AppData\Roaming\mozilla\firefox\profiles\rtc8ea7a.default-1381584217073\extensions\{cc6cc772-f121-49e0-b1f0-c26583cb0c5e}
Successfully deleted the following from C:\Users\Boban\AppData\Roaming\mozilla\firefox\profiles\rtc8ea7a.default-1381584217073\prefs.js

user_pref("browser.search.useDBForOrder", false);
user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-
user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.cookie.testingGaq.value", "%22hxxp%3A//extclickmedia-maynemyltf.netdna-ssl.com/Extensions
user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A
user_pref("valueApps.autoDisableScopes", 0);
user_pref("valueApps.storage./9B+7E+x305", "2423");
user_pref("valueApps.storage./9B+7E,x305", "2423");
user_pref("valueApps.storage./9B+7E-x305", "2423");
user_pref("valueApps.storage./9B+7E.:2z527", "2423");
user_pref("valueApps.storage./9B+7E.x305", "2423");
user_pref("valueApps.storage./9B+7E/x305", "2423");
user_pref("valueApps.storage./9B+7E06CG5EL8:", "6E6D696A6F6B75767475");
user_pref("valueApps.storage./9B+7E06CG5EL;8I:K", "247E2D2F226A74736F7075717B7C7A7B242F4B49474F42357D5D5C3D");
user_pref("valueApps.storage./9B+7E0x305", "2423");
user_pref("valueApps.storage./9B+7E1x305", "2423");
user_pref("valueApps.storage./9B+7E2x305", "2423");
user_pref("valueApps.storage./9B+7E3x305", "2423");
user_pref("valueApps.storage./9B+7E4x305", "2423");
user_pref("valueApps.storage./9B+7E5x305", "2423");
user_pref("valueApps.storage./9B+7E6x305", "2423");
user_pref("valueApps.storage./9B+7E7x305", "2423");
user_pref("valueApps.storage./9B+7E8x305", "2423");
user_pref("valueApps.storage./9B+7E9x305", "2423");
user_pref("valueApps.storage./9B+7E:x305", "2423");
user_pref("valueApps.storage./9B+7E;x305", "2423");
user_pref("valueApps.storage./9B+7E<x305", "2423");
user_pref("valueApps.storage./9B+7E=x305", "2423");
user_pref("valueApps.storage./9B+7E>x305", "2423");
user_pref("valueApps.storage./9B+7E?x305", "2423");
user_pref("valueApps.storage./9B+7E@x305", "2423");
user_pref("valueApps.storage./9B+7EAx305", "2423");
user_pref("valueApps.storage./9B+7EBE3G=;D9N9=D", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D337D56545138505C");
user_pref("valueApps.storage./9B+7EBx305", "2423");
user_pref("valueApps.storage./9B+7ECx305", "2423");
user_pref("valueApps.storage./9B+7EDx305", "2423");
user_pref("valueApps.storage./9B+7Etx305", "2423");
user_pref("valueApps.storage./9B-0?3G>D", "3C3D6E6E407142407A72457A762048487A21257B7C53532A5528572659292E2E592D2B32");
user_pref("valueApps.storage./9B-0?3G@6:5;", "");
user_pref("valueApps.storage./9B-0?3GFA7EF", "2B2E2C3D");
user_pref("valueApps.storage./9B-3=3ECCJA=F>", "247E333D2C452F4135276F297B7E7D21202F26313E4249357D37382F3A494D5D513F283338435D6554695B65546D57695D5D686365533C70766C66755E");
user_pref("valueApps.storage./9B/>01=9A6K6<IM;KRIE@PDAWM", "6E6A68707374757677");
user_pref("valueApps.storage./9B3=>@44I48?", "372C2D3269757633423633414847203E3D474E4D4C45474F2A554A4D2D5858585E4B554E366352564F");
user_pref("valueApps.storage./9B5BA==9CJAG", "3C686B6C70723F457A4447487476494B764F4C7D50");
user_pref("valueApps.storage./9B6B11G4C56B>F;P;ANR@P", "6E6D696A6F6B75767475797676");
user_pref("valueApps.storage./9B90E@.3C;7B=?OFB>>RHIQS", "393F352F3E");
user_pref("valueApps.storage./9B9643G3/9E", "6A");
user_pref("valueApps.storage./9B;45>:BI9I7IE", "2B2E2C3D");
user_pref("valueApps.storage./9B<:222H64<", "393F352F3E");
user_pref("valueApps.storage./9B<:222H64<L8DAJ", "6D70706F7673737974772A797A72797E757D7E");
user_pref("valueApps.storage./9B=+03EH8H8J?:", "4443");
user_pref("valueApps.storage./9B?+E2A52D8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52");
user_pref("valueApps.storage./9B?B0D:8AJ62<H", "6D");
user_pref("valueApps.storage./9BA@0<0BI6A7GN:6@L?", "6C");
user_pref("valueApps.storage.PG_ENABLE", "74727565");
user_pref("valueApps.storage._key_cl_active", "63653430353161372D373937652D346238632D393965642D656463336236663263633534");
user_pref("valueApps.storage.cbfirsttime", "5475652044656320333120323031332031323A34303A333320474D542B30313030202843656E7472616C204575726F7065205374616E646172642054696D6529");
user_pref("valueApps.storage.mam_gk_appStateReportTime", "31333838343930303330343935");
user_pref("valueApps.storage.mam_gk_appState_Clarity_Active", "6F6E");
user_pref("valueApps.storage.mam_gk_appsConfig", "7B2241707073436F6E66696775726174696F6E223A5B7B226964223A22436C61726974795F416374697665222C2275726C223A22687474703A2F2F73746F7
user_pref("valueApps.storage.mam_gk_appsDefaultEnabled", "74727565");
user_pref("valueApps.storage.mam_gk_calledSetupService", "31");
user_pref("valueApps.storage.mam_gk_currentVersion", "312E31322E302E35");
user_pref("valueApps.storage.mam_gk_first_time", "31");
user_pref("valueApps.storage.mam_gk_lastLoginTime", "31333838343930303330383439");
user_pref("valueApps.storage.mam_gk_localization", "7B226469616C6F674F4B223A7B2254657874223A224F4B227D2C22646D626F7831223A7B2254657874223A224465616C5C725C6E6F66207468652064617
user_pref("valueApps.storage.mam_gk_mamEnabled", "74727565");
user_pref("valueApps.storage.mam_gk_settings1.12.0.5", "7B22537461747573223A22737563636565646564222C2244617461223A7B2263757272656E7444617465223A223230313331323331222C22696E746
user_pref("valueApps.storage.mam_gk_showWelcomeGadget", "66616C7365");
user_pref("valueApps.storage.mam_gk_stamp", "35345F30");
user_pref("valueApps.storage.mam_gk_userId", "34363537303838652D316234362D346666612D393566352D306337653235653261336461");
user_pref("valueApps.storage.mam_gk_user_approval_interacted", "");
Emptied folder: C:\Users\Boban\AppData\Roaming\mozilla\firefox\profiles\rtc8ea7a.default-1381584217073\minidumps [73 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Boban\appdata\local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 10/07/2014 at 23:30:32.11
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Dopuna: 07 Okt 2014 23:44

[Link mogu videti samo ulogovani korisnici]

Dopuna: 07 Okt 2014 23:45

[Link mogu videti samo ulogovani korisnici]

[Link mogu videti samo ulogovani korisnici]

Dopuna: 07 Okt 2014 23:47

napomena
ESET Antivirus License nisam nasao u control panelu da ga reinstaliram kao ni keylogger, pa sam nesto rucno brisao,

Poslao: 07 Okt 2014 23:51
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Nisi dobro postavio novi FRST.txt.

Poslao: 08 Okt 2014 08:26
Idi na vrh
offline
  • Pridružio: 16 Avg 2007
  • Poruke: 315
  • Gde živiš: Srbija

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-10-2014 01
Ran by Boban (administrator) on BOBAN-PC on 08-10-2014 08:18:58
Running from C:\Users\Boban\Desktop
Loaded Profiles: Boban & UpdatusUser (Available profiles: Boban & UpdatusUser)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: [Link mogu videti samo ulogovani korisnici]

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(LSoft Technologies Inc) C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(InterVideo Inc.) C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(MagicISO, Inc.) C:\Program Files\MagicDisc\MagicDisc.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464 2014-07-06] (Realtek Semiconductor)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [SysLogger32] => C:\Windows\security\Syslogs\core32_178.dll [1476608 2013-09-07] ( ())
HKU\S-1-5-21-1582240820-2018686280-1996047769-1000\...\MountPoints2: {61c39312-34ca-11e3-92d2-ebe75371da66} - L:\SETUP.EXE
HKU\S-1-5-18\...\Run: [Advanced SystemCare 7] => "C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
Startup: C:\Users\Boban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => No File
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => No File
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [Link mogu videti samo ulogovani korisnici]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9094D995FB81CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: TheTorntv V10 - C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com [2014-09-15]
FF Extension: Flash Video Downloader - YouTube Full HD Download - C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\artur.dubovoy@gmail.com [2014-09-15]
FF Extension: Ultimate Finder - C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\{7c231677-e4fb-44ac-80a5-c87fcb7c2be9} [2014-10-07]
FF Extension: 1-Click Dailymotion Video Downloader - C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\DailymotionVideoDownloader@PeterOlayev.com.xpi [2014-09-15]
FF Extension: To Google Translate - C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2014-09-15]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "hxxp://www.search.ask.com/?o=APN10640A&gct=hp&d=473-104&v=a13277-328&t=4"
CHR DefaultSearchProvider: Default -> Ask.com
CHR DefaultSearchURL: Default -> [Link mogu videti samo ulogovani korisnici]{searchTerms}
CHR CustomProfile: C:\Users\Boban\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Boban\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-02]
CHR Extension: (Google Wallet) - C:\Users\Boban\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-05]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Active@ Disk Monitor; C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe [237792 2012-10-23] (LSoft Technologies Inc)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [387616 2009-08-10] ()
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2152736 2014-05-04] (IObit)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [178720 2009-08-10] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [98816 2013-04-24] (Gemalto)
R3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [File not signed]
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [461824 2009-04-28] (PixArt Imaging Inc.)
R3 rtl819xp; C:\Windows\System32\DRIVERS\rtl819xp.sys [559208 2014-07-06] (Realtek Semiconductor Corporation )
S3 SMIGrabber3C; C:\Windows\System32\Drivers\SmiUsbGrabber3C.sys [805888 2011-01-26] (Windows (R) Win 7 DDK provider)
S3 WFLR6654; C:\Windows\System32\drivers\wfeaglxt.sys [433920 2009-10-21] (Leadtek Research Inc.)
S3 pfc; system32\drivers\pfc.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-08 08:18 - 2014-10-08 08:19 - 00011156 _____ () C:\Users\Boban\Desktop\FRST.txt
2014-10-07 23:31 - 2014-10-07 23:31 - 00009488 _____ () C:\Users\Boban\Desktop\JRT1.txt
2014-10-07 23:30 - 2014-10-07 23:30 - 00009488 _____ () C:\Users\Boban\Desktop\JRT.txt
2014-10-07 23:28 - 2014-10-07 23:28 - 00000000 ____D () C:\Windows\ERUNT
2014-10-07 23:27 - 2014-10-07 23:27 - 01705141 _____ (Thisisu) C:\Users\Boban\Desktop\JRT.exe
2014-10-07 23:27 - 2014-10-07 23:27 - 00025095 _____ () C:\Users\Boban\Desktop\AdwCleaner[S0].txt
2014-10-07 23:24 - 2014-10-07 23:24 - 00000314 _____ () C:\Windows\PFRO.log
2014-10-07 23:22 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-10-07 23:20 - 2014-10-07 23:23 - 00000000 ____D () C:\AdwCleaner
2014-10-07 23:20 - 2014-10-07 23:20 - 01375089 _____ () C:\Users\Boban\Desktop\AdwCleaner.exe
2014-10-07 10:41 - 2014-10-08 08:19 - 00000000 ____D () C:\FRST
2014-10-07 10:40 - 2014-10-07 10:40 - 01101312 _____ (Farbar) C:\Users\Boban\Desktop\FRST.exe
2014-10-06 14:02 - 2014-10-06 14:01 - 00214028 _____ () C:\UPLATA.EXE
2014-10-02 14:39 - 2014-10-03 15:42 - 00000000 ____D () C:\TimeTables
2014-10-01 15:39 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 20:10 - 2014-09-30 20:17 - 00000000 ____D () C:\Program Files\idoo
2014-09-30 19:56 - 2014-09-30 19:58 - 00000000 ____D () C:\Users\Boban\Downloads\idoo Video Editor Pro -Kayz Afridi-
2014-09-30 19:18 - 2014-09-30 20:26 - 3900907520 ____R () C:\Users\Boban\Downloads\Windows_8.1_Pro_X64_Activated.iso
2014-09-30 18:45 - 2014-09-30 18:51 - 00000400 __RSH () C:\ProgramData\ntuser.pol
2014-09-30 18:39 - 2014-09-30 18:39 - 00001075 _____ () C:\Users\Boban\Desktop\CleanMyPC - Registry Cleaner (2).lnk
2014-09-29 23:09 - 2014-09-30 18:41 - 00000000 ____D () C:\Users\Boban\Downloads\Windows 8.1 Update 1 Pro X64 PreActivated
2014-09-29 10:16 - 2014-09-29 10:16 - 128076958 _____ () C:\Windows\MEMORY.DMP
2014-09-29 10:16 - 2014-09-29 10:16 - 00131120 _____ () C:\Windows\Minidump\092914-18470-01.dmp
2014-09-27 19:47 - 2014-09-27 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ Hard Disk Monitor
2014-09-27 19:47 - 2014-09-27 19:47 - 00000000 ____D () C:\Program Files\LSoft Technologies Inc
2014-09-27 19:43 - 2014-09-27 19:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-27 19:43 - 2014-09-27 19:43 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-09-25 14:34 - 2014-09-25 14:34 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-25 09:33 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-23 15:26 - 2014-10-08 08:14 - 00002746 _____ () C:\Windows\setupact.log
2014-09-23 15:26 - 2014-09-23 15:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-21 20:57 - 2014-09-22 20:41 - 00415040 _____ () C:\KALKDRAG.EXE
2014-09-21 20:52 - 2014-09-22 11:09 - 00423600 _____ () C:\FAKTDEJA.EXE
2014-09-20 12:10 - 2014-09-20 12:10 - 00000000 ____D () C:\Users\Boban\sMedio
2014-09-20 12:10 - 2014-09-20 12:10 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\sMedio
2014-09-20 12:04 - 2014-09-20 12:04 - 00001962 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel WinDVD Pro 11.lnk
2014-09-20 12:04 - 2014-09-20 12:04 - 00001950 _____ () C:\Users\Public\Desktop\Corel WinDVD Pro 11.lnk
2014-09-20 12:04 - 2014-09-20 12:04 - 00000000 ____D () C:\ProgramData\sMedio
2014-09-20 12:02 - 2014-09-20 12:02 - 00000000 ____D () C:\Program Files\sMedio
2014-09-20 12:02 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-09-20 12:02 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-09-20 11:52 - 2014-09-20 11:55 - 00000000 ____D () C:\Users\Boban\Downloads\Corel WinDVD Pro 11.6.1.13.301045
2014-09-19 16:55 - 2014-09-20 11:17 - 00127477 _____ () C:\Users\Boban\Documents\PDR.dmp
2014-09-19 16:01 - 2014-09-19 16:01 - 00000000 ____D () C:\SmartSound Software
2014-09-19 16:01 - 2014-09-19 16:01 - 00000000 ____D () C:\Program Files\SmartSound Software
2014-09-19 16:00 - 2014-09-19 17:05 - 00002559 _____ () C:\Users\Boban\Desktop\CyberLink PowerDirector.lnk
2014-09-19 16:00 - 2014-09-19 16:00 - 00002276 _____ () C:\Users\UpdatusUser\Desktop\CyberLink PowerDirector.lnk
2014-09-19 16:00 - 2014-09-19 16:00 - 00002276 _____ () C:\Users\TEMP\Desktop\CyberLink PowerDirector.lnk
2014-09-19 16:00 - 2014-09-19 16:00 - 00002276 _____ () C:\Users\Default\Desktop\CyberLink PowerDirector.lnk
2014-09-19 16:00 - 2014-09-19 16:00 - 00002276 _____ () C:\Users\Default User\Desktop\CyberLink PowerDirector.lnk
2014-09-19 16:00 - 2014-09-19 16:00 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2014-09-19 16:00 - 2014-09-19 16:00 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2014-09-19 16:00 - 2014-09-19 16:00 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2014-09-19 16:00 - 2014-09-19 16:00 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2014-09-19 16:00 - 2014-09-19 16:00 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2014-09-19 15:57 - 2014-09-19 16:00 - 00000000 ____D () C:\Program Files\CyberLink
2014-09-19 15:43 - 2014-09-19 16:03 - 00000000 ____D () C:\Users\Boban\Downloads\CyberLink Power Director 11 Ultra
2014-09-19 15:42 - 2014-09-19 15:47 - 245557088 _____ () C:\Users\Boban\Downloads\RAR FILE_CYBERLINK_POWERDIRECTOR 8_100% WORKING SERIAL.rar
2014-09-19 15:34 - 2014-09-19 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-09-19 15:33 - 2014-09-19 15:33 - 00000000 ____D () C:\Program Files\Sony
2014-09-19 15:02 - 2014-10-06 14:15 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\uTorrent
2014-09-19 15:02 - 2014-09-19 15:02 - 00000831 _____ () C:\Users\Boban\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-09-19 14:46 - 2014-09-19 14:46 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Sony Creative Software Inc
2014-09-18 21:31 - 2014-09-19 14:46 - 00000000 ____D () C:\Users\Boban\AppData\Local\Sony
2014-09-18 21:30 - 2014-09-19 15:33 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Sony
2014-09-18 21:26 - 2014-09-18 21:26 - 00000000 ____D () C:\Users\Boban\Downloads\SONY Vegas Pro 11.0 Build 370 + Patch (32-bit) [RH]
2014-09-18 20:39 - 2014-09-18 20:39 - 00002164 _____ () C:\Users\Public\Desktop\Ulead VideoStudio SE DVD.lnk
2014-09-18 20:39 - 2014-09-18 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead VideoStudio SE DVD
2014-09-18 20:19 - 2014-09-18 20:20 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-09-18 20:19 - 2014-09-18 20:20 - 00000000 ____D () C:\IExp1.tmp
2014-09-18 20:19 - 2014-09-18 20:19 - 00000000 ____D () C:\Windows\RegisteredPackages
2014-09-18 20:19 - 2014-09-18 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media
2014-09-18 20:19 - 2014-09-18 20:19 - 00000000 ____D () C:\IExp0.tmp
2014-09-18 18:50 - 2014-09-18 18:50 - 00000000 ____D () C:\Program Files\Somagic
2014-09-18 18:50 - 2014-09-18 18:50 - 00000000 ____D () C:\Program Files\Common Files\Somagic
2014-09-18 18:50 - 2011-01-26 11:31 - 00805888 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\SmiUsbGrabber3C.sys
2014-09-17 19:41 - 2014-09-18 20:44 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Ulead Systems
2014-09-17 19:37 - 2014-09-17 19:37 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\InstallShield
2014-09-17 19:34 - 2014-09-20 11:22 - 00000000 ____D () C:\Program Files\Ulead Systems
2014-09-17 19:34 - 2014-09-20 11:21 - 00000000 ____D () C:\Program Files\Common Files\Ulead Systems
2014-09-17 19:08 - 2014-09-17 19:08 - 00000000 ____D () C:\Program Files\MagicDisc
2014-09-17 19:08 - 2009-02-24 18:42 - 00116736 _____ (MagicISO, Inc.) C:\Windows\system32\Drivers\mcdbus.sys
2014-09-16 20:45 - 2014-09-20 12:04 - 00000000 ____D () C:\Program Files\Common Files\InterVideo
2014-09-16 20:39 - 2014-09-16 20:39 - 00000005 _____ () C:\Windows\system32\lMMLDeleteUserData42107612FX.tmp
2014-09-16 17:38 - 2014-09-16 17:38 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\VOS
2014-09-16 16:04 - 2014-09-16 16:04 - 00000000 ____D () C:\Program Files\GTWorks
2014-09-16 16:01 - 2014-09-16 16:01 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Aegisub
2014-09-16 14:13 - 2014-09-16 14:13 - 00000000 ____D () C:\Users\Boban\Downloads\VirtualDub_198
2014-09-16 11:02 - 2014-09-16 11:02 - 00000000 ____D () C:\Users\Boban\New folder (2)
2014-09-15 22:21 - 2014-09-15 22:21 - 00000000 ____D () C:\Users\Boban\Documents\ShowBiz 2
2014-09-15 22:21 - 2014-09-15 22:21 - 00000000 ____D () C:\Users\Boban\Documents\My Albums
2014-09-15 22:21 - 2014-09-15 22:21 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\ArcSoft
2014-09-15 22:20 - 2014-09-16 13:59 - 00000000 ____D () C:\Program Files\Common Files\element5 Shared
2014-09-15 22:20 - 2014-09-15 22:20 - 00000000 ____D () C:\ProgramData\element5
2014-09-15 22:17 - 1995-07-31 13:44 - 00212480 _____ (Eastman Kodak) C:\Windows\PCDLIB32.DLL
2014-09-15 20:37 - 2014-09-15 20:37 - 00000000 ____D () C:\Users\Boban\Downloads\Arcadia
2014-09-15 17:27 - 2009-09-04 17:29 - 01974616 ____N (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-09-15 17:27 - 2009-09-04 17:29 - 01892184 ____N (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-09-15 17:26 - 2007-07-19 18:14 - 03727720 ____N (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-09-15 17:26 - 2006-03-31 12:40 - 02388176 ____N (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-09-15 16:56 - 2014-09-16 14:19 - 00000000 ____D () C:\Program Files\Movavi Video Editor 4
2014-09-15 16:45 - 2014-09-16 14:15 - 00000000 ____D () C:\Program Files\DVDlabPro2
2014-09-15 16:22 - 2014-09-15 16:22 - 00001022 _____ () C:\Users\UpdatusUser\Desktop\Idigicon VHS Backup.lnk
2014-09-15 16:22 - 2014-09-15 16:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XviD
2014-09-15 16:22 - 2014-09-15 16:22 - 00000000 ____D () C:\Program Files\XviD
2014-09-15 16:00 - 2014-09-20 11:16 - 00000000 ____D () C:\Users\Boban\Documents\Ulead VideoStudio SE
2014-09-15 15:55 - 2014-09-15 15:55 - 00000000 ____D () C:\ProgramData\InstallShield
2014-09-15 15:27 - 2014-09-16 15:08 - 00000000 ____D () C:\Users\Boban\AppData\Local\CrashDumps
2014-09-15 15:18 - 2014-09-28 15:03 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-15 15:18 - 2014-09-15 15:19 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Mozilla
2014-09-15 15:18 - 2014-09-15 15:18 - 00001121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-15 10:54 - 2014-09-15 10:54 - 00212940 _____ () C:\REINDEX.EXE
2014-09-14 20:44 - 2014-09-14 20:44 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\TechSmith
2014-09-14 20:43 - 2014-09-14 20:43 - 00000000 ____D () C:\Users\Boban\Documents\Camtasia Studio
2014-09-14 20:40 - 2014-09-16 15:31 - 00000000 ____D () C:\Program Files\TechSmith
2014-09-14 19:59 - 2014-09-16 10:30 - 00000040 _____ () C:\Windows\EditPack.INI
2014-09-14 19:59 - 2014-09-14 19:59 - 00000000 ____D () C:\Users\Boban\AppData\Local\VHS to DVD
2014-09-14 19:58 - 2014-09-15 15:09 - 00000000 ____D () C:\Users\Boban\Documents\VHS to DVD
2014-09-14 19:56 - 2014-09-14 19:56 - 00000000 ____D () C:\Program Files\honestech
2014-09-14 19:51 - 2014-09-19 16:55 - 00000000 ____D () C:\ProgramData\CyberLink
2014-09-14 19:51 - 2014-09-15 16:08 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\CyberLink
2014-09-14 19:51 - 2014-09-14 19:51 - 00000000 ____D () C:\Users\Public\CyberLink
2014-09-14 19:51 - 2014-09-14 19:51 - 00000000 ____D () C:\Users\Boban\Documents\CyberLink
2014-09-14 19:49 - 2014-09-19 16:01 - 00000000 ____D () C:\ProgramData\SmartSound Software Inc
2014-09-14 19:49 - 2014-09-14 19:49 - 00000000 ____D () C:\ProgramData\eSellerate
2014-09-14 19:47 - 2014-09-14 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-09-14 19:46 - 2014-09-14 19:47 - 00000000 ____D () C:\Program Files\QuickTime
2014-09-14 19:46 - 2014-09-14 19:46 - 00000000 ____D () C:\Users\Boban\AppData\Local\Apple
2014-09-14 19:46 - 2014-09-14 19:46 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-09-14 19:46 - 2014-09-14 19:46 - 00000000 ____D () C:\ProgramData\Apple
2014-09-12 12:30 - 2014-09-12 12:29 - 00003732 _____ () C:\PROMBUT.DBF
2014-09-11 22:19 - 2014-10-06 14:26 - 00000000 ____D () C:\Raspored
2014-09-11 22:19 - 2014-09-11 22:19 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\aSc Timetables
2014-09-11 18:04 - 2014-09-11 18:05 - 00000000 ____D () C:\Users\Boban\Desktop\Raspored
2014-09-11 16:48 - 2014-09-11 16:48 - 00063488 _____ () C:\Users\Boban\Downloads\asc.timetables.2014-fixed.patch.exe
2014-09-10 16:09 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 16:09 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 16:09 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 16:09 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 16:09 - 2014-08-18 23:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 16:09 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 16:09 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 16:09 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 16:09 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 16:09 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 16:09 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 16:09 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 16:09 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 16:09 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 16:09 - 2014-08-18 23:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 16:09 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 16:09 - 2014-08-18 23:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 16:09 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 16:09 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 16:09 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 16:09 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 16:09 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 16:09 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 16:09 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 16:09 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 16:09 - 2014-08-18 23:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 16:09 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 16:09 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 16:09 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 16:09 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 16:04 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 15:48 - 2014-09-10 15:48 - 00002043 _____ () C:\TuneUp 1-Click Maintenance.lnk
2014-09-10 15:48 - 2014-09-10 15:48 - 00002013 _____ () C:\TuneUp Utilities 2014.lnk
2014-09-10 15:23 - 2014-03-20 14:44 - 00036664 ____N (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2014-09-10 15:23 - 2014-03-20 14:44 - 00025400 ____N (TuneUp Software) C:\Windows\system32\authuitu.dll
2014-09-10 15:20 - 2014-09-16 11:26 - 00000000 ____D () C:\Users\Boban\Documents\Ulead VideoStudio
2014-09-10 15:17 - 2014-09-10 15:17 - 00000000 ____D () C:\ProgramData\InterVideo
2014-09-10 15:14 - 2014-09-18 20:37 - 00000000 ____D () C:\ProgramData\Ulead Systems
2014-09-10 14:33 - 2014-07-07 03:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 14:33 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 14:32 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 14:31 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-09 17:41 - 2014-09-09 17:42 - 00000000 ____D () C:\vsx5
2014-09-09 17:08 - 2014-09-09 17:08 - 00001121 _____ () C:\Users\Public\Desktop\WebSite X5 Professional 10.lnk
2014-09-09 17:08 - 2014-09-09 17:08 - 00000000 ____D () C:\Users\Boban\AppData\Local\Incomedia
2014-09-09 17:08 - 2014-09-09 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebSite X5 v10 - Professional
2014-09-09 17:05 - 2014-09-09 17:08 - 00000000 ____D () C:\Program Files\WebSite X5 v10 - Professional
2014-09-09 14:20 - 2014-09-09 14:21 - 00000000 ____D () C:\Users\Boban\Documents\Quick-PDF PDF to Word
2014-09-09 14:20 - 2014-09-09 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF to Word
2014-09-09 14:20 - 2014-09-09 14:20 - 00000000 ____D () C:\Program Files\PDF to Word
2014-09-09 14:19 - 2014-09-09 14:19 - 00000000 ____D () C:\Users\Boban\Downloads\Quick-PDF PDF To Word Converter 2.2 + (zabranjeno)-[HB]
2014-09-09 14:11 - 2014-09-09 14:11 - 00001066 _____ () C:\Users\Boban\Desktop\PDFConverter.lnk
2014-09-09 14:11 - 2014-09-09 14:11 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Softplicity
2014-09-09 14:11 - 2014-09-09 14:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total PDF Converter
2014-09-09 14:11 - 2014-09-09 14:11 - 00000000 ____D () C:\Program Files\Total PDF Converter
2014-09-09 14:05 - 2014-09-09 14:05 - 00000000 ____D () C:\ProgramData\pdf-watermark-remover-wm
2014-09-09 14:02 - 2014-09-09 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Watermark Revmoer
2014-09-09 14:02 - 2014-09-09 14:02 - 00000000 ____D () C:\Program Files\PDF Watermark Revmoer
2014-09-08 10:11 - 2014-09-08 10:11 - 00001234 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-09-08 10:11 - 2014-09-08 10:11 - 00000000 ____D () C:\Users\Boban\AppData\Local\VS Revo Group
2014-09-08 10:11 - 2014-09-08 10:11 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-09-08 10:11 - 2014-09-08 10:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-09-08 10:11 - 2014-09-08 10:11 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-09-08 10:11 - 2009-12-30 10:21 - 00027192 ____N (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-09-08 10:09 - 2014-09-08 10:10 - 00000000 ____D () C:\Users\Boban\Downloads\Revo Uninstaller Pro 3.0.8 Final (32-64 Bit) ML - SceneDL (PimpRG)

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-08 08:18 - 2014-09-03 13:39 - 01911837 _____ () C:\Windows\WindowsUpdate.log
2014-10-08 08:17 - 2014-02-23 11:52 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf307cea445b20.job
2014-10-08 08:14 - 2014-02-23 11:52 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf307ce82fd300.job
2014-10-08 08:14 - 2013-07-16 12:42 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-08 08:14 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-07 23:31 - 2009-07-14 06:34 - 00021280 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-07 23:31 - 2009-07-14 06:34 - 00021280 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-07 23:22 - 2013-07-15 21:22 - 00000000 ____D () C:\Users\Boban
2014-10-07 23:18 - 2013-10-16 15:21 - 00000000 ____D () C:\ProgramData\TEMP
2014-10-06 13:45 - 2013-07-24 16:58 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Skype
2014-10-03 15:56 - 2013-07-15 21:24 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\GHISLER
2014-10-03 15:56 - 2013-07-15 21:24 - 00000000 ____D () C:\Total Commander 2012 v8.01 RC4 Full
2014-10-03 15:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-03 15:33 - 2009-07-14 06:53 - 00032622 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-01 16:48 - 2013-08-15 13:19 - 00000440 ____H () C:\Windows\Tasks\Norton Security Scan for Boban.job
2014-10-01 16:02 - 2014-08-05 14:52 - 00000000 ____D () C:\Windows\rescache
2014-09-30 20:12 - 2013-10-11 14:57 - 00000193 _____ () C:\Windows\WORDPAD.INI
2014-09-30 20:00 - 2010-11-20 23:01 - 00786558 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-30 18:48 - 2014-08-04 12:02 - 00000045 _____ () C:\Windows\system32\_WKERNEL.SYL
2014-09-30 18:45 - 2009-07-14 04:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-29 10:16 - 2014-08-05 14:16 - 00000000 ____D () C:\Windows\Minidump
2014-09-27 19:47 - 2013-07-16 09:42 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-09-27 19:44 - 2013-07-24 16:58 - 00000000 ____D () C:\ProgramData\Skype
2014-09-27 19:44 - 2013-07-16 12:42 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-27 19:44 - 2013-07-16 12:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-27 19:43 - 2013-07-24 16:58 - 00000000 ___RD () C:\Program Files\Skype
2014-09-23 11:25 - 2013-12-12 16:16 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-23 11:11 - 2013-07-16 15:27 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-21 20:53 - 2013-07-17 17:05 - 00000461 _____ () C:\Windows\VC.INI
2014-09-19 15:52 - 2009-07-14 04:04 - 00000918 _____ () C:\Windows\win.ini
2014-09-18 20:36 - 2013-07-16 15:28 - 00000000 ____D () C:\Users\Boban\AppData\Local\Adobe
2014-09-18 19:14 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-17 19:08 - 2013-10-14 14:52 - 00000927 _____ () C:\Users\UpdatusUser\Desktop\MagicDisc.lnk
2014-09-17 19:08 - 2013-10-14 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc
2014-09-17 18:50 - 2009-07-14 06:33 - 00460896 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-17 18:49 - 2013-07-15 21:32 - 00128776 _____ () C:\Users\Boban\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-16 20:39 - 2013-07-27 15:28 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\HTC
2014-09-16 20:39 - 2013-07-27 12:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2014-09-16 20:39 - 2013-07-27 12:38 - 00000000 ____D () C:\ProgramData\HTC
2014-09-16 14:05 - 2014-03-19 10:39 - 00000000 ____D () C:\Program Files\CCP Server 5
2014-09-16 14:04 - 2014-03-19 10:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberCafePro Main Control Station 5
2014-09-15 16:55 - 2013-07-27 12:43 - 00000000 ____D () C:\Users\Boban\AppData\Local\Downloaded Installations
2014-09-15 15:53 - 2013-07-16 09:45 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2014-09-15 11:13 - 2013-07-16 13:10 - 00000000 ____D () C:\Windows\pss
2014-09-15 09:06 - 2013-07-15 21:22 - 00231568 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-14 19:51 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-09-14 19:49 - 2013-12-28 17:54 - 00000000 ____D () C:\Users\TEMP
2014-09-10 16:04 - 2013-10-14 14:55 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-10 16:04 - 2013-08-14 13:43 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 15:57 - 2013-07-15 21:21 - 98758480 ____N (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 15:49 - 2014-01-11 12:51 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\TuneUp Software
2014-09-10 15:21 - 2014-01-11 12:50 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-09-10 15:20 - 2013-08-27 13:39 - 00001183 _____ () C:\Users\Boban\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2014-09-09 18:08 - 2013-07-25 11:56 - 00000000 ___RD () C:\Users\Boban\Dropbox
2014-09-09 16:54 - 2013-07-25 11:54 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Dropbox
2014-09-09 15:02 - 2013-07-15 21:24 - 00000000 ____D () C:\DOS
2014-09-08 10:11 - 2014-09-03 13:38 - 00000000 ____D () C:\Users\Boban\Desktop\Data

Some content of TEMP:
====================
C:\Users\Boban\AppData\Local\Temp\Quarantine.exe
C:\Users\Boban\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-01 15:54

==================== End Of Log ============================

Poslao: 08 Okt 2014 09:28
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja.

HKLM\...\Policies\Explorer\Run: [SysLogger32] => C:\Windows\security\Syslogs\core32_178.dll [1476608 2013-09-07] ( ())
HKU\S-1-5-21-1582240820-2018686280-1996047769-1000\...\MountPoints2: {61c39312-34ca-11e3-92d2-ebe75371da66} - L:\SETUP.EXE
FF Extension: TheTorntv V10 - C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com [2014-09-15]
FF Extension: Ultimate Finder - C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\{7c231677-e4fb-44ac-80a5-c87fcb7c2be9} [2014-10-07]
CHR StartupUrls: Default -> "hxxp://www.search.ask.com/?o=APN10640A&gct=hp&d=473-104&v=a13277-328&t=4"
CHR DefaultSearchProvider: Default -> Ask.com
CHR DefaultSearchURL: Default -> http://dts.search.ask.com/sr?src=crb&gct=ds&appid=.....nrs=AG1&q={searchTerms}
Task: {50BBC60D-A712-4254-98CA-6509ADD8A016} - \Driver Booster SkipUAC (SYSTEM) No Task File <==== ATTENTION
Task: {D8D165F5-F7C8-4CE6-B65F-21CEFF249880} - System32\Tasks\CPUSpeed => C:\Users\Boban\AppData\Roaming\VideoDrivers\CPU\x86\run.vbs [2014-02-01] ()
C:\Users\Boban\AppData\Roaming\VideoDrivers
C:\Windows\security\Syslogs
C:\Program Files\Torntv V9.0
AlternateDataStreams: C:\ProgramData\TEMP:A5C00DEE
AlternateDataStreams: C:\ProgramData\TEMP:ECF54A0E
C:\Windows\pss\TornTvDownloader.lnk.Startup
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ConduitFloatingPlugin_lcnnhcneegeeojhgpfijnlnocjdmlaon" /f
C:\Users\Boban\AppData\Roaming\ValueApps
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iLivid" /f
C:\Users\Boban\AppData\Local\iLivid
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon" /f
C:\Program Files\Mobogenie
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NextLive" /f
C:\Users\Boban\AppData\Roaming\newnext.me
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Pokki" /f
C:\Users\Boban\AppData\Pokki
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\wuaclts" /f
C:\Users\Boban\AppData\Roaming\wuaclt\wuaclt.exe
Task: {E0D1D873-DCEA-42BA-A0C3-4F94CA4304DF} - System32\Tasks\Norton Security Scan for Boban => C:\PROGRA~1\NORTON~2\Engine\401~1.16\Nss.exe


U okviru Notepad-a klikni na File --> Save As
Fajl nazovi Fixlist i sačuvaj na Desktop
Dvoklikom ponovo pokreni FRST.exe
Klikni na Fix i sačekaj dok program ne završi.
Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi.
Nakon završetka rada, otvoriće se Notepad, sa sadržajem koji treba da kopiraš u temu.
Takođe, na Desktop-u će se nalaziti (fixlog.txt). Potrebno je da sadržaj fixlog.txt kopiraš na forum

Poslao: 08 Okt 2014 15:53
Idi na vrh
offline
  • Pridružio: 16 Avg 2007
  • Poruke: 315
  • Gde živiš: Srbija

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 06-10-2014 01
Ran by Boban at 2014-10-08 15:47:42 Run:1
Running from C:\Users\Boban\Desktop
Loaded Profiles: Boban & UpdatusUser (Available profiles: Boban & UpdatusUser)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKHKLM\...\Policies\Explorer\Run: [SysLogger32] => C:\Windows\security\Syslogs\core32_178.dll [1476608 2013-09-07] ( ())
HKU\S-1-5-21-1582240820-2018686280-1996047769-1000\...\MountPoints2: {61c39312-34ca-11e3-92d2-ebe75371da66} - L:\SETUP.EXE
FF Extension: TheTorntv V10 - C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com [2014-09-15]
FF Extension: Ultimate Finder - C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\{7c231677-e4fb-44ac-80a5-c87fcb7c2be9} [2014-10-07]
CHR StartupUrls: Default -> "hxxp://www.search.ask.com/?o=APN10640A&gct=hp&d=473-104&v=a13277-328&t=4"
CHR DefaultSearchProvider: Default -> Ask.com
CHR DefaultSearchURL: Default -> [Link mogu videti samo ulogovani korisnici]{searchTerms}
Task: {50BBC60D-A712-4254-98CA-6509ADD8A016} - \Driver Booster SkipUAC (SYSTEM) No Task File <==== ATTENTION
Task: {D8D165F5-F7C8-4CE6-B65F-21CEFF249880} - System32\Tasks\CPUSpeed => C:\Users\Boban\AppData\Roaming\VideoDrivers\CPU\x86\run.vbs [2014-02-01] ()
C:\Users\Boban\AppData\Roaming\VideoDrivers
C:\Windows\security\Syslogs
C:\Program Files\Torntv V9.0
AlternateDataStreams: C:\ProgramData\TEMP:A5C00DEE
AlternateDataStreams: C:\ProgramData\TEMP:ECF54A0E
C:\Windows\pss\TornTvDownloader.lnk.Startup
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ConduitFloatingPlugin_lcnnhcneegeeojhgpfijnlnocjdmlaon" /f
C:\Users\Boban\AppData\Roaming\ValueApps
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iLivid" /f
C:\Users\Boban\AppData\Local\iLivid
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon" /f
C:\Program Files\Mobogenie
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NextLive" /f
C:\Users\Boban\AppData\Roaming\newnext.me
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Pokki" /f
C:\Users\Boban\AppData\Pokki
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\wuaclts" /f
C:\Users\Boban\AppData\Roaming\wuaclt\wuaclt.exe
Task: {E0D1D873-DCEA-42BA-A0C3-4F94CA4304DF} - System32\Tasks\Norton Security Scan for Boban => C:\PROGRA~1\NORTON~2\Engine\401~1.16\Nss.exe
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\HKSysLogger32 => Value not found.
"HKU\S-1-5-21-1582240820-2018686280-1996047769-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{61c39312-34ca-11e3-92d2-ebe75371da66}" => Key deleted successfully.
"HKCR\CLSID\{61c39312-34ca-11e3-92d2-ebe75371da66}" => Key not found.
C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com => Moved successfully.
C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\{7c231677-e4fb-44ac-80a5-c87fcb7c2be9} => Moved successfully.
Chrome StartupUrls deleted successfully.
CHR DefaultSearchProvider: Default -> Ask.com ==> The Chrome "Settings" can be used to fix the entry.
Chrome DefaultSearchURL deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{50BBC60D-A712-4254-98CA-6509ADD8A016}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{50BBC60D-A712-4254-98CA-6509ADD8A016}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (SYSTEM)" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D8D165F5-F7C8-4CE6-B65F-21CEFF249880}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8D165F5-F7C8-4CE6-B65F-21CEFF249880}" => Key deleted successfully.
C:\Windows\System32\Tasks\CPUSpeed => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CPUSpeed" => Key deleted successfully.
C:\Users\Boban\AppData\Roaming\VideoDrivers => Moved successfully.
C:\Windows\security\Syslogs => Moved successfully.
"C:\Program Files\Torntv V9.0" => File/Directory not found.
C:\ProgramData\TEMP => ":A5C00DEE" ADS removed successfully.
C:\ProgramData\TEMP => ":ECF54A0E" ADS removed successfully.
C:\Windows\pss\TornTvDownloader.lnk.Startup => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ConduitFloatingPlugin_lcnnhcneegeeojhgpfijnlnocjdmlaon" /f =========

The operation completed successfully.


========= End of CMD: =========

"C:\Users\Boban\AppData\Roaming\ValueApps" => File/Directory not found.

========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iLivid" /f =========

The operation completed successfully.


========= End of CMD: =========

"C:\Users\Boban\AppData\Local\iLivid" => File/Directory not found.

========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon" /f =========

The operation completed successfully.


========= End of CMD: =========

"C:\Program Files\Mobogenie" => File/Directory not found.

========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NextLive" /f =========

The operation completed successfully.


========= End of CMD: =========

"C:\Users\Boban\AppData\Roaming\newnext.me" => File/Directory not found.

========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Pokki" /f =========

The operation completed successfully.


========= End of CMD: =========

"C:\Users\Boban\AppData\Pokki" => File/Directory not found.

========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\wuaclts" /f =========

The operation completed successfully.


========= End of CMD: =========

"C:\Users\Boban\AppData\Roaming\wuaclt\wuaclt.exe" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0D1D873-DCEA-42BA-A0C3-4F94CA4304DF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0D1D873-DCEA-42BA-A0C3-4F94CA4304DF}" => Key deleted successfully.
C:\Windows\System32\Tasks\Norton Security Scan for Boban => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Security Scan for Boban" => Key deleted successfully.

==== End of Fixlog ====

Poslao: 08 Okt 2014 18:07
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Kakvo je sada stanje sistema?



Preuzmite program GMER sa donjeg linka na Desktop:


GMER download
Kliknite dati link;
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberite Desktop i kliknite Save.


Dvoklikom pokrenite GMER.
Sačekajte da se završi uvodno skeniranje - ukoliko se pojavi bilo kakav upit, kliknite No;

kliknite Scan i sačekajte da skeniranje bude završeno;

kliknite Save ... - izveštaj sačuvajte na Desktop (pod nazivom Gmer1);

kliknite desnim tasterom u prozor programa Gmer i odaberite Options > 3rd party - kliknite Scan;

po završetku skeniranja kliknite Save ... - izveštaj sačuvajte na Desktop (pod nazivom Gmer2);

kliknite taster >>> i odaberite Autostart karticu;

po završetku kratkotrajnog skeniranja, kliknite Copy;

otvorite Notepad i u njega postavite kopirani tekst - izveštaj sačuvajte na Desktop (pod nazivom Gmer3);

Slikoviti prikaz postupka

Priložite sva tri izveštaja uz poruku korišćenjem opcije Prikači fajl.

MyCity » Ambulanta -> Arhiva Ambulante » Usporen pc ,narocito internet

Ko je trenutno na forumu
 

Ukupno su 1103 korisnika na forumu :: 32 registrovanih, 4 sakrivenih i 1067 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 13297 - dana 20 Jan 2026 17:42

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: Aleksej, babaroga, Borkanović, boro975, BOXRR, brundo65, cikadeda, Crazzer, deLacy, Despot1, draganl, Dragon Order, g.nemanjaa91, goxin, ILGromovnik, Jan, Jovan.D, Jozo74, koom0001, Kordon, MidnighT_AlieN, MilosKop, Neutral-M, Papadubi, pavle_pzs, Pekman, Regrut Boskica, sasa76, Shilok, shiro, Valter071, wolverined4