Usporen rad racunara

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Problem je poceo da se javlja pre 2 meseca (racunar na poslu), dakle treba mu dosta vremena da otvori bilo sta, kad otvori internet stranicu, skrolovanje traje vecno, kad kliknem u browseru da otvorim novu stranicu, on otvori 2 od jednom.

Sve je jednostavno usporeno, cak i samo gasenje racunara traje 10 minuta.

Skenirao sam sa AVG i ADWcleanerom.

Masina je starija ali nije bilo bas ovako sporo.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02.01.2018
Ran by elektronicari (administrator) on HP418 (10-01-2018 15:54:06)
Running from C:\Users\elektronicari\AppData\Local\Temp\scoped_dir3088_3788
Loaded Profiles: elektronicari (Available Profiles: elektronicari & Administrator)
Platform: Microsoft Windows 7 Enterprise N Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgui.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ITSamples.com) C:\Windows\NetworkIndicator.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.64\opera.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.64\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.64\opera.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.64\opera.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.64\opera.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.64\opera.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.64\opera.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2013\avgui.exe [4431848 2015-12-15] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Policies\Explorer: [NoWelcomeScreen] 1
HKU\S-1-5-21-1313822525-380153392-3296115304-1003\...\MountPoints2: F - F:\startme.exe
HKU\S-1-5-21-1313822525-380153392-3296115304-1003\...\MountPoints2: {b815c197-6aa9-11e7-bb01-001f29da4d27} - F:\startme.exe
HKU\S-1-5-21-1313822525-380153392-3296115304-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [293888 2010-11-20] (Microsoft Corporation)
Startup: C:\Users\elektronicari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Outlook 2007.lnk [2015-05-29]
ShortcutTarget: Microsoft Office Outlook 2007.lnk -> C:\Windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe ()
Startup: C:\Users\elektronicari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NetworkIndicator - Shortcut.lnk [2015-02-26]
ShortcutTarget: NetworkIndicator - Shortcut.lnk -> C:\Windows\NetworkIndicator.exe (ITSamples.com)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-1313822525-380153392-3296115304-1003] => proxy.pnm.co.yu:3128
AutoConfigURL: [S-1-5-21-1313822525-380153392-3296115304-1003] => proxy.pnm.co.yu:3128
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Hosts: 127.0.0.1 license.piriform.com
Tcpip\Parameters: [DhcpNameServer] 192.168.9.1 192.168.9.2
Tcpip\..\Interfaces\{1CD4E8D3-E2DB-411B-A78A-9EBE2F272A0D}: [DhcpNameServer] 192.168.101.1
Tcpip\..\Interfaces\{2C454323-1173-4596-89EF-170E89D139CE}: [DhcpNameServer] 192.168.101.1
Tcpip\..\Interfaces\{33C4FB72-A7DA-4D3C-AFC8-D393B4690791}: [DhcpNameServer] 192.168.101.1
Tcpip\..\Interfaces\{5653B138-06A6-4D56-AE6B-E8AAAF2FE8D5}: [DhcpNameServer] 192.168.101.1
Tcpip\..\Interfaces\{A8C94103-03E0-48AA-891A-C0ABDCB47170}: [DhcpNameServer] 192.168.101.1
Tcpip\..\Interfaces\{C880AC11-EB75-4E63-A6B1-EDC4A248CF18}: [DhcpNameServer] 192.168.101.1
Tcpip\..\Interfaces\{F86B9B63-CD33-4C83-87D8-3D6624A6BE6C}: [DhcpNameServer] 192.168.9.1 192.168.9.2
ManualProxies: 0hxxp://accessunstop.org/wpad.dat?296be86f1f5a8edf74c6a345f3021a8e33804450

Internet Explorer:
==================
HKU\S-1-5-21-1313822525-380153392-3296115304-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-03-07] (Oracle Corporation)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-07] (Oracle Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1313822525-380153392-3296115304-1003 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)

FireFox:
========
FF DefaultProfile: 1ileziud.default
FF ProfilePath: C:\Users\elektronicari\AppData\Roaming\Mozilla\Firefox\Profiles\1ileziud.default [2017-07-07]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-12] ()
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-07] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)

Opera:
=======
OPR StartupUrls: "hxxp://www.google.com/"
OPR Extension: (Tampermonkey) - C:\Users\elektronicari\AppData\Roaming\Opera Software\Opera Stable\Extensions\mfdhdgbonjidekjkjmjaneanmdmpmidf [2016-09-15]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [4948456 2015-10-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2015-02-25] (Macrovision Europe Ltd.) [File not signed]
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S4 PlantronicsUpdateService; C:\Program Files\Plantronics\Spokes3G\SpokesUpdateService.exe [1798200 2016-05-24] (Plantronics, Inc.)
S4 uvnc_service; C:\Program Files\uvnc bvba\UltraVNC\WinVNC.exe [1795864 2014-09-22] (UltraVNC)
S3 VSStandardCollectorService140; C:\Program Files\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [86760 2016-09-06] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 athur; C:\Windows\System32\DRIVERS\athur.sys [1500160 2010-01-05] (Atheros Communications, Inc.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208184 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [122320 2015-05-21] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [32672 2015-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [172856 2014-11-04] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [278992 2015-05-21] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [159648 2016-03-03] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [39224 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [191440 2015-05-26] (AVG Technologies CZ, s.r.o.)
S3 FETND62; C:\Windows\System32\DRIVERS\DLF62X86.SYS [45568 2009-11-23] (D-Link )
S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd6.sys [44032 2009-07-13] (VIA Technologies, Inc. )
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [807936 2009-09-15] (Ralink Technology Corp.)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [507136 2006-12-05] (PixArt Imaging Inc.)
R2 PfFilter; C:\Program Files\IObit\Protected Folder\pffilter.sys [33224 2012-11-23] (IObit Information Technology)
S3 Pg4uUSB; C:\Windows\System32\DRIVERS\pg4uusb.sys [121496 2016-06-21] ()
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [23040 2016-04-21] (The OpenVPN Project)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam32.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard32.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-02 13:30 - 2018-01-10 13:19 - 000000000 ___RD C:\Users\elektronicari\Documents\JANUAR 18
2018-01-02 13:23 - 2018-01-02 13:23 - 001204720 _____ (Adobe Systems Incorporated) C:\Users\elektronicari\Desktop\flashplayer28ppau_fa_install.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-10 15:54 - 2017-01-24 10:18 - 000000000 ____D C:\FRST
2018-01-10 14:59 - 2014-12-05 18:36 - 000000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2018-01-10 13:13 - 2014-12-05 18:17 - 000000000 ____D C:\ProgramData\MFAData
2018-01-10 06:33 - 2009-07-14 05:02 - 000021408 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-01-10 06:33 - 2009-07-14 05:02 - 000021408 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-01-10 06:25 - 2009-07-14 05:17 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-01-10 02:54 - 2015-03-09 16:41 - 000000010 _____ C:\Windows\popcinfo.dat
2018-01-09 20:26 - 2015-10-09 12:56 - 000000000 ____D C:\Program Files\Opera
2018-01-07 16:51 - 2014-12-05 18:36 - 000000000 ____D C:\Windows\system32\Macromed
2018-01-06 02:25 - 2015-11-11 02:04 - 000000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2018-01-02 13:34 - 2015-02-26 10:03 - 000000000 ___RD C:\Users\elektronicari\Documents\Raspored
2018-01-02 13:29 - 2015-02-26 09:14 - 000000000 ___RD C:\Users\elektronicari\Documents\RADNE LISTE
2018-01-02 13:25 - 2015-02-25 09:49 - 000000000 ____D C:\Users\elektronicari\AppData\Local\Adobe
2017-12-31 01:01 - 2015-02-26 09:25 - 000000000 ___RD C:\Users\elektronicari\Documents\NEŠA
2017-12-31 01:01 - 2010-11-20 22:03 - 000785794 _____ C:\Windows\system32\PerfStringBackup.INI
2017-12-31 01:01 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2017-12-29 01:03 - 2015-03-17 23:22 - 000001098 _____ C:\Users\Administrator\Desktop\DDD Pool Manual.lnk
2017-12-29 01:03 - 2015-03-17 23:22 - 000001096 _____ C:\Users\Administrator\Desktop\DDD Pool.lnk
2017-12-29 01:03 - 2015-03-17 23:22 - 000000000 ____D C:\Users\elektronicari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paprikari
2017-12-21 11:48 - 2015-02-26 08:59 - 000041472 _____ C:\Users\elektronicari\Desktop\Ciscenje i filteri stamparija.xls

==================== Files in the root of some directories =======

2015-03-04 19:04 - 2015-03-04 19:05 - 010328598 _____ (Nullsoft, Inc.) C:\Program Files\winamp5666_full_en-us_redux.exe
2015-02-24 20:43 - 2015-02-26 08:50 - 000024609 _____ () C:\Users\elektronicari\AppData\Roaming\Comma Separated Values (Windows).ADR
2017-07-17 14:38 - 2017-07-17 14:40 - 049979264 _____ (Sony) C:\Users\elektronicari\AppData\Local\pcc.exe

Some files in TEMP:
====================
2017-03-07 08:04 - 2017-03-07 08:04 - 000739904 _____ (Oracle Corporation) C:\Users\elektronicari\AppData\Local\Temp\jre-8u121-windows-au.exe
2017-04-10 06:39 - 2015-02-04 00:57 - 000826696 _____ (NVIDIA Corporation) C:\Users\elektronicari\AppData\Local\Temp\nvStInst.exe
2017-07-17 14:40 - 2017-07-17 14:40 - 049533288 _____ (Sony) C:\Users\elektronicari\AppData\Local\Temp\xcs7430.tmp.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-01-08 01:58

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02.01.2018
Ran by elektronicari (10-01-2018 15:55:59)
Running from C:\Users\elektronicari\AppData\Local\Temp\scoped_dir3088_3788
Microsoft Windows 7 Enterprise N Service Pack 1 (X86) (2015-02-23 09:49:08)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1313822525-380153392-3296115304-500 - Administrator - Enabled) => C:\Users\Administrator
elektronicari (S-1-5-21-1313822525-380153392-3296115304-1003 - Administrator - Enabled) => C:\Users\elektronicari
Guest (S-1-5-21-1313822525-380153392-3296115304-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Business Edition (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: AVG update module (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG update module (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
AS: AVG AntiVirus Business Edition (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1313822525-380153392-3296115304-1003\...\uTorrent) (Version: 3.5.0.43580 - BitTorrent Inc.)
2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Active Directory Authentication Library for SQL Server (x86) (HKLM\...\{F40FA676-46B1-4609-85EF-D2F1F79E0C0E}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Add or Remove Adobe Creative Suite 3 Design Standard (HKLM\...\Adobe_cc3de31c9bb4dd729259509c74a7512) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 24 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
AHV content for Acrobat and Flash (HKLM\...\{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}) (Version: 1 - Adobe Systems Incorporated) Hidden
AIMP3 (HKLM\...\AIMP3) (Version: v3.60.1479, 06.02.2015 - AIMP DevTeam)
Apple Application Support (32-bit) (HKLM\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{15A0A9A6-6CF0-4EEE-8E12-096B33F92CA7}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Ashampoo Burning Studio 6 FREE v.6.81 (HKLM\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.1 - Ashampoo GmbH & Co. KG)
AVG (HKLM\...\AVG) (Version: 3544 - AVG Technologies)
AVG 2013 (HKLM\...\{65EF3271-C862-4E03-97E3-1F7B403A3A23}) (Version: 13.0.4769 - AVG Technologies) Hidden
AVG 2013 (HKLM\...\{B33BF178-42D8-41AA-A804-E7FA2B3DA4FA}) (Version: 13.0.3556 - AVG Technologies) Hidden
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
DDD Pool 1.2 (HKLM\...\DDD Pool) (Version: 1.2 - Paprikari)
D-Link DFE-530TX+ (HKLM\...\{2D6A5BD9-FE4B-49CD-8D96-2C4746302A82}) (Version: 1.00.0000 - D-Link) Hidden
Elnec Pg4uw ver. 3.26 (HKLM\...\Elnec Pg4uw_is1) (Version: - )
ExpressPCB (HKLM\...\{ED5F7AF9-347B-4440-A211-C6236508CC08}) (Version: 7.0.2 - ExpressPCB)
FastStone Image Viewer 5.3 (HKLM\...\FastStone Image Viewer) (Version: 5.3 - FastStone Soft)
FolderHighlight 1.5 (HKLM\...\FolderHighlight_is1) (Version: 1.5 - eRiverSoft)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.)
GOM Player (HKLM\...\GOM Player) (Version: 2.3.6.5260 - Gretech Corporation)
Google Earth Pro (HKLM\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1912 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
Java 8 Update 121 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
K-Lite Codec Pack 9.9.5 (Standard) (HKLM\...\KLiteCodecPack_is1) (Version: 9.9.5 - )
Luxor - Amun Rising (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11109097}) (Version: - Oberon Media)
Magic ISO Maker v5.5 (build 0281) (HKLM\...\Magic ISO Maker v5.5 (build 0281)) (Version: - )
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Macro Assembler (MASM) (HKLM\...\{F0D36479-04C5-4011-B2F9-FA23C9700157}) (Version: 8.0.50720.105 - Microsoft Corporation)
Microsoft MSDN 2005 Express Edition - ENU (HKLM\...\Microsoft MSDN 2005 Express Edition - ENU) (Version: - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Visio Professional 2007 (HKLM\...\VISPRO) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{45A8F8FF-ED9B-40B2-B923-94F46FCF6135}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{83C7F964-AC58-4104-B613-B4D0F61DA8CD}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{C340BAB2-9A21-41B9-A465-7AC7B1DF773E}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (HKLM\...\{0F1C8E2F-199A-4946-B3BF-0906DACFD032}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service (HKLM\...\{8BFDE775-C5B8-46DB-84EF-43FFC8A2E8AD}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM\...\{5FC4C5FD-75D0-43D5-B9A5-6FE208D12F7D}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 ENU (HKLM\...\{773AC1E4-5F27-4DF6-A932-7FDDE35C069D}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.60519.0) (HKLM\...\{4E27B0EF-7BAB-432A-AF3D-3FC8F3F7353F}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Express Edition - ENU (HKLM\...\Microsoft Visual C++ 2005 Express Edition - ENU) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Express Edition - ENU Service Pack 1 (KB926748) (HKLM\...\KB926748.T2_19ToU292_19) (Version: 1 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{4B604E42-B6D7-4957-B5A5-CC7450D8E1EB}) (Version: 3.1238.1962 - Microsoft Corporation)
OldMHUUninstaller (HKLM\...\{3e04c0b9-496f-4b92-a86d-dcda4fcf7496}) (Version: 3.2.0.0 - Plantronics, Inc.) Hidden
OldMHUUninstallerMSI (HKLM\...\{4F459FBC-D0E2-42A3-AB0C-40AE2E890127}) (Version: 3.2.0.0 - Plantronics, Inc.) Hidden
Opera Stable 49.0.2725.64 (HKLM\...\Opera 49.0.2725.64) (Version: 49.0.2725.64 - Opera Software)
PDF Settings (HKLM\...\{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Plantronics Hub Software (HKLM\...\{04cb4070-5673-41ab-9e62-fe95503cf6ac}) (Version: 3.8.51410.36664 - Plantronics, Inc.)
Plantronics Hub Software (HKLM\...\{BAB358D0-53CC-498F-8134-2ED21E50EFE7}) (Version: 3.8.51410.36664 - Plantronics, Inc.) Hidden
Pocket Tanks Deluxe version 1.6.0.0 (HKLM\...\{DAEC5F6A-64EC-444F-9651-B4CA262FA3C6}_is1) (Version: 1.6.0.0 - Killjoy & Pain, Inc.)
Prerequisites for SSDT (HKLM\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT (HKLM\...\{B7E94916-7AE6-4F7F-A377-7A410A42BA19}) (Version: 13.0.1601.5 - Microsoft Corporation)
Protected Folder (HKLM\...\Protected Folder_is1) (Version: - IObit)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - )
Roslyn Language Services - x86 (HKLM\...\{6970C7E1-F99D-388D-8903-DF8FCE677FED}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (HKLM\...\{7A95671A-759E-3B83-B763-4289D1D24D73}) (Version: 14.102.25619 - Microsoft) Hidden
Tefter (HKLM\...\Tefter) (Version: - )
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM\...\{BA5762C7-D35F-4725-A4BD-525854127018}) (Version: 1.8.36.0 - Microsoft Corporation) Hidden
UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.2.0.3 - uvnc bvba)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Winamp (HKLM\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Driver Package - Cambridge Silicon Radio (CSRBC) USB (10/26/2012 2.4.0.0) (HKLM\...\20C7EDA3129B3FF8F72F9BF59252B718B554FBDC) (Version: 10/26/2012 2.4.0.0 - Cambridge Silicon Radio)
Windows Driver Package - Plantronics, Inc. (usbser.nt) Ports (04/21/2009 5.1) (HKLM\...\07AFE62D73C8799E9E5689F86FB9F48389717BA3) (Version: 04/21/2009 5.1 - Plantronics, Inc.)
Windows Driver Package - Segger (jlink) USB (07/28/2014 2.6.8.1) (HKLM\...\468237BA12C6D9DD0125166A16609C632EE9CF1C) (Version: 07/28/2014 2.6.8.1 - Segger)
Windows Driver Package - SEGGER (JLinkCDC) Ports (08/28/2014 6.0.2601.5) (HKLM\...\ED80E3D3A350D18BFD3D3D8DAED8E2B19105763A) (Version: 08/28/2014 6.0.2601.5 - SEGGER)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu.dll [2006-10-22] (Adobe Systems Inc.)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> No File
ContextMenuHandlers1: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => C:\Program Files\AVG\AVG2013\avgse.dll [2013-03-28] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll [2014-11-18] (Foxit Software Inc.)
ContextMenuHandlers1: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files\MagicISO\misosh.dll [2008-05-22] (MagicISO, Inc.)
ContextMenuHandlers1: [PfMenu] -> {2F844462-7CB8-489C-828C-32A6422506AF} => C:\Program Files\IObit\Protected Folder\PfShellExtension.dll [2012-11-23] (IObit)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> No File
ContextMenuHandlers4: [FolderHighlight] -> {6EFE4D50-7184-4501-ACFD-FA140104CE1E} => C:\Program Files\FolderHighlight\folderhighlight.dll [2006-11-28] (eRiverSoft)
ContextMenuHandlers4: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files\MagicISO\misosh.dll [2008-05-22] (MagicISO, Inc.)
ContextMenuHandlers4: [PfMenu] -> {2F844462-7CB8-489C-828C-32A6422506AF} => C:\Program Files\IObit\Protected Folder\PfShellExtension.dll [2012-11-23] (IObit)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-11] (Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu.dll [2006-10-22] (Adobe Systems Inc.)
ContextMenuHandlers6: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => C:\Program Files\AVG\AVG2013\avgse.dll [2013-03-28] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files\MagicISO\misosh.dll [2008-05-22] (MagicISO, Inc.)
ContextMenuHandlers6: [PfMenu] -> {2F844462-7CB8-489C-828C-32A6422506AF} => C:\Program Files\IObit\Protected Folder\PfShellExtension.dll [2012-11-23] (IObit)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F060DAD-12AE-4B47-B87E-FDDFC048BC6D} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe
Task: {1C019412-D935-4E3F-9143-AEC4B8019E50} - System32\Tasks\{EC9E2831-F576-4EFB-9D23-40EE249F6D11} => C:\Windows\system32\pcalua.exe -a D:\setup.exe -d D:\
Task: {229674C3-3178-415D-8AB8-28DC955A1C8F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-10] (Adobe Systems Incorporated)
Task: {322B5862-5313-4952-8A27-B1453F937E04} - System32\Tasks\Opera scheduled Autoupdate 1444391851 => C:\Program Files\Opera\launcher.exe [2017-12-18] (Opera Software)
Task: {3BE8D2A7-F0C4-42B0-A15C-7513857EE8D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-03] (Google Inc.)
Task: {42636539-92A1-408A-A548-96DA5DA63762} - System32\Tasks\{A3772831-1FE2-48DC-BC59-84C7FDF33E8C} => C:\Windows\system32\pcalua.exe -a C:\Users\elektronicari\Desktop\MASMsetup.EXE -d C:\Users\elektronicari\Desktop
Task: {7FE3958D-FE03-4D25-A176-5C2C7C01F6F8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {BB8D094B-A404-42E4-A2AB-2FA069F0E06A} - System32\Tasks\{66409AED-654B-41E0-87FB-A0881DB66043} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~1\SMILES~1\TEFTER~1.0\UNWISE.EXE -c C:\PROGRA~1\SMILES~1\TEFTER~1.0\INSTALL.LOG
Task: {D5262304-93A7-442F-BD5A-59A2D3FEED04} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-03] (Google Inc.)
Task: {E1BFB3BD-6F5C-4CC6-A026-C0585B2AD936} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe [2017-02-10] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\elektronicari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Explоrеr.lnk -> C:\Users\elektronicari\AppData\Roaming\Browsers\exe.erolpxei.bat (No File) <==== Cyrillic
Shortcut: C:\Users\elektronicari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Intеrnet Exрlorеr (No Add-ons).lnk -> C:\Users\elektronicari\AppData\Roaming\Browsers\exe.erolpxei.bat (No File) <==== Cyrillic
Shortcut: C:\Users\elektronicari\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооgle Сhrоmе.lnk -> C:\Users\elektronicari\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <==== Cyrillic
Shortcut: C:\Users\elektronicari\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Internet Ехplorer Вrowsеr.lnk -> C:\Users\elektronicari\AppData\Roaming\Browsers\exe.erolpxei.bat (No File) <==== Cyrillic
Shortcut: C:\Users\elektronicari\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Оpеrа.lnk -> C:\Users\elektronicari\AppData\Roaming\Browsers\exe.rehcnual.bat (No File) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gоogle Сhrоme.lnk -> C:\Users\elektronicari\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firefох.lnk -> C:\Users\elektronicari\AppData\Roaming\Browsers\exe.xoferif.bat (No File) <==== Cyrillic

==================== Loaded Modules (Whitelisted) ==============

2015-11-25 04:37 - 2012-08-31 15:01 - 000151552 _____ () C:\Windows\System32\HP1100LM.DLL
2015-11-25 04:38 - 2012-08-31 15:01 - 000069632 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\HP1100PP.DLL
2017-12-21 00:13 - 2017-12-21 00:13 - 069364008 _____ () C:\Program Files\Opera\49.0.2725.64\opera_browser.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2017-07-04 16:24 - 000000858 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 license.piriform.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1313822525-380153392-3296115304-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\elektronicari\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.9.1 - 192.168.9.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MBAMService => 3
MSCONFIG\Services: PlantronicsUpdateService => 2
MSCONFIG\Services: uvnc_service => 2
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: CyberGhost => "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min
MSCONFIG\startupreg: OSDownloader => "C:\Program Files\OSDownloader\OSDownloader.exe" AutoStart
MSCONFIG\startupreg: OSDownloaderUpdate => "C:\Program Files\OSDownloader\OSDownloaderUpdate.exe" "sleep"
MSCONFIG\startupreg: PLTHub.exe => C:\Program Files\Plantronics\Spokes3G\PLTHub.exe -min
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{9CD9156A-2107-4447-AB8F-5417DAA2438A}] => (Allow) LPort=5900
FirewallRules: [{63BF2FBE-A842-4026-8F51-32451E8B4020}] => (Allow) LPort=5800
FirewallRules: [{F2CC137D-85E2-42A7-81FC-D075AE72A253}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe
FirewallRules: [{DB3C5F61-239A-40AC-8D7C-6B1DE86B1894}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe
FirewallRules: [{CA103F73-5DC4-4D18-86EE-1E3C0524AB96}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{5A6F6554-B167-4AE8-86DC-5E0ADA622A40}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{1811E262-A578-40E3-97B5-77E46C5F64D5}] => (Allow) C:\Program Files\AVG\AVG2013\avgnsx.exe
FirewallRules: [{37FE572B-2A17-428E-BD1B-9435927B7CE5}] => (Allow) C:\Program Files\AVG\AVG2013\avgnsx.exe
FirewallRules: [{68F318CA-F898-442B-BAF1-6251ED3C6B24}] => (Allow) C:\Program Files\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{6096165D-DC00-4966-B157-DFA7E53A032E}] => (Allow) C:\Program Files\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{525C612E-5B55-4D22-8109-684478344D68}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{5F139EF8-EEF1-4F8C-B6B5-FC0EE07B7FF4}] => (Allow) C:\Program Files\Winamp\winamp.exe
FirewallRules: [{67B3B474-2F92-4466-956B-FF3232B79DE5}] => (Allow) C:\Program Files\Winamp\winamp.exe
FirewallRules: [{E1ADEA0E-3374-49BA-B0C6-29BCCBFF608B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FC407ED2-8744-4547-B4BF-0E47B0789D4F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5DA993FB-193A-49B0-84B8-EBA482AE8138}] => (Allow) C:\Program Files\AVG\AVG2013\avgnsx.exe
FirewallRules: [{FCF62F26-8D29-4036-B90F-45A6542A2BC1}] => (Allow) C:\Program Files\AVG\AVG2013\avgnsx.exe
FirewallRules: [{C24E304F-B34C-43A1-93A4-8EA05DCB006B}] => (Allow) C:\Program Files\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{34514824-8B7B-426F-B2AD-37C6EB05CF28}] => (Allow) C:\Program Files\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{2E59DDAB-15AE-464E-929F-6B373687B31D}] => (Allow) LPort=80
FirewallRules: [{D2072690-5494-460D-8B5C-875F0B465454}] => (Allow) C:\Users\elektronicari\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D42C1DE7-3573-43FF-BDE1-EBB34FE184B7}] => (Allow) C:\Users\elektronicari\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FFB1476B-E024-43AF-B54B-C4C3CE12D446}] => (Allow) C:\Users\elektronicari\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BFE0139E-A445-4642-B0D2-3BEAA04E9378}] => (Allow) C:\Users\elektronicari\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{76B33366-3639-4D30-A5F4-BD9E9BA8C92B}] => (Allow) C:\Users\elektronicari\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{53480C9E-0812-4692-884D-40DA9651C772}] => (Allow) C:\Users\elektronicari\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{90DA5DAF-2CF1-46A9-B835-DD2045D1A570}] => (Allow) C:\Program Files\Opera\49.0.2725.47\opera.exe
FirewallRules: [{2725C963-26B6-4ABF-81F9-244B7AC7161F}] => (Allow) C:\Program Files\Opera\49.0.2725.64\opera.exe

==================== Restore Points =========================

07-12-2017 07:23:22 Scheduled Checkpoint
15-12-2017 00:00:04 Scheduled Checkpoint
22-12-2017 11:31:05 Scheduled Checkpoint
29-12-2017 11:46:53 Scheduled Checkpoint
07-01-2018 18:07:02 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name: ZAM Helper Driver
Description: ZAM Helper Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: ZAM Guard Driver
Description: ZAM Guard Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM_Guard
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/10/2018 06:26:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/09/2018 06:31:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/08/2018 06:30:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/08/2018 02:26:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: OUTLOOK.EXE, version: 12.0.6776.5000, time stamp: 0x59a44e6f
Faulting module name: wwlib.dll, version: 12.0.6780.5000, time stamp: 0x59f2015f
Exception code: 0xc0000005
Fault offset: 0x00452bcb
Faulting process id: 0xef8
Faulting application start time: 0x01d3881fae89c72f
Faulting application path: C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
Faulting module path: C:\Program Files\Microsoft Office\Office12\wwlib.dll
Report Id: fb43f23c-f412-11e7-a973-001f29da4d27

Error: (01/07/2018 04:51:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/06/2018 02:56:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: OUTLOOK.EXE, version: 12.0.6776.5000, time stamp: 0x59a44e6f
Faulting module name: OUTLOOK.EXE, version: 12.0.6776.5000, time stamp: 0x59a44e6f
Exception code: 0xc0000005
Fault offset: 0x00198872
Faulting process id: 0x778
Faulting application start time: 0x01d386917c31b138
Faulting application path: C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
Faulting module path: C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
Report Id: be5233a2-f284-11e7-a92b-001f29da4d27

Error: (01/05/2018 06:40:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/04/2018 06:41:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/03/2018 06:49:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/03/2018 02:47:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: OUTLOOK.EXE, version: 12.0.6776.5000, time stamp: 0x59a44e6f
Faulting module name: OUTLOOK.EXE, version: 12.0.6776.5000, time stamp: 0x59a44e6f
Exception code: 0xc0000005
Fault offset: 0x00198872
Faulting process id: 0x6f4
Faulting application start time: 0x01d38434beae1fc1
Faulting application path: C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
Faulting module path: C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
Report Id: 02e9f2b0-f028-11e7-a93c-001f29da4d27


System errors:
=============
Error: (01/10/2018 03:11:33 PM) (Source: NETLOGON) (EventID: 3210) (User: )
Description: This computer could not authenticate with \\dc1.pnm.co.yu, a Windows domain controller
for domain PNM, and therefore this computer might deny logon requests.
This inability to authenticate might be caused by another computer on the
same network using the same name or the password for this computer account
is not recognized. If this message appears again, contact your system
administrator.

Error: (01/10/2018 02:26:26 PM) (Source: NETLOGON) (EventID: 3210) (User: )
Description: This computer could not authenticate with \\dc2.pnm.co.yu, a Windows domain controller
for domain PNM, and therefore this computer might deny logon requests.
This inability to authenticate might be caused by another computer on the
same network using the same name or the password for this computer account
is not recognized. If this message appears again, contact your system
administrator.

Error: (01/10/2018 10:41:20 AM) (Source: NETLOGON) (EventID: 3210) (User: )
Description: This computer could not authenticate with \\dc1.pnm.co.yu, a Windows domain controller
for domain PNM, and therefore this computer might deny logon requests.
This inability to authenticate might be caused by another computer on the
same network using the same name or the password for this computer account
is not recognized. If this message appears again, contact your system
administrator.

Error: (01/10/2018 10:26:20 AM) (Source: NETLOGON) (EventID: 3210) (User: )
Description: This computer could not authenticate with \\dc2.pnm.co.yu, a Windows domain controller
for domain PNM, and therefore this computer might deny logon requests.
This inability to authenticate might be caused by another computer on the
same network using the same name or the password for this computer account
is not recognized. If this message appears again, contact your system
administrator.

Error: (01/10/2018 09:56:26 AM) (Source: TermService) (EventID: 1067) (User: )
Description: The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: Access is denied.
.

Error: (01/10/2018 09:56:19 AM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain PNM due to the following:
There are currently no logon servers available to service the logon request.


This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (01/10/2018 06:26:25 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (01/10/2018 06:26:14 AM) (Source: TermService) (EventID: 1067) (User: )
Description: The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: Access is denied.
.

Error: (01/10/2018 06:26:11 AM) (Source: NETLOGON) (EventID: 3210) (User: )
Description: This computer could not authenticate with \\dc2.pnm.co.yu, a Windows domain controller
for domain PNM, and therefore this computer might deny logon requests.
This inability to authenticate might be caused by another computer on the
same network using the same name or the password for this computer account
is not recognized. If this message appears again, contact your system
administrator.

Error: (01/10/2018 06:25:35 AM) (Source: NETLOGON) (EventID: 3210) (User: )
Description: This computer could not authenticate with \\dc1.pnm.co.yu, a Windows domain controller
for domain PNM, and therefore this computer might deny logon requests.
This inability to authenticate might be caused by another computer on the
same network using the same name or the password for this computer account
is not recognized. If this message appears again, contact your system
administrator.


CodeIntegrity:
===================================
Date: 2017-04-20 09:24:19.959
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-28 20:02:10.429
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-28 20:02:10.075
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-28 19:59:54.400
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-28 19:59:54.045
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-28 19:50:49.492
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-28 19:50:48.678
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-28 19:50:12.242
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-28 19:50:11.512
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-28 19:49:42.318
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU 430 @ 1.80GHz
Percentage of memory in use: 68%
Total physical RAM: 2038.3 MB
Available physical RAM: 634.02 MB
Total Virtual: 5538.3 MB
Available Virtual: 3939.35 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.95 GB) (Free:51.91 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: D42AD42A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

• 1Ovo se svidja korisniku: magna86
  
  Registruj se da bi pohvalio/la poruku!

Žao mi je, ali...

https://www.mycity.rs/Ambulanta/Pravila-ovog-dela-foruma.html

Citat:9. nemojte se obraćati za pomoć oko čišćenja računara na poslu. Firma zarađuje zahvaljujući tim računarima, pa je red i da plati nekome da im te računare očisti;

S obzirom da imaš Enterprise izdanje bez prisustva KMS emulatora, kontaktiraj sistem administratora u svojoj firmi.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Oh ok. Posto nama 3 lica sredjuju. Nisam procitao to do kraja, izvinjavam se, hvala!