Slow laptop


  • Joined: 01 Mar 2008
  • Posts: 245

For the past few days my laptop has been very slow; something is running in the background, it takes a long time for a launched program to start, and when I type the letters lag, so I have to wait several seconds, sometimes longer, for them to appear. I don't use an antivirus, only anti-malware and Adguard.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-10-2016
Ran by korisnik (administrator) on 720-PC (11-10-2016 21:40:47)
Running from C:\Users\korisnik\Desktop
Loaded Profiles: korisnik (Available Profiles: korisnik & Administrator)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: engleski (SAD)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Performix LLC) C:\Program Files (x86)\Adguard\AdguardSvc.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Visicom Media Inc.) C:\ProgramData\ManyCam\Service\ManyCamService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(KARPOLAN) C:\Program Files (x86)\Touchpad Blocker\TouchpadBlocker.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Performix LLC) C:\Program Files (x86)\Adguard\Adguard.exe
() C:\Program Files\ACD Systems\ACDSee Pro\9.0\ACDSeeCommanderPro9.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Tenda Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaUI.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16686600 2016-10-09] (Realtek Semiconductor)
HKU\S-1-5-21-746845287-3329047123-463373260-1000\...\Run: [TouchpadBlocker.exe] => C:\Program Files (x86)\Touchpad Blocker\TouchpadBlocker.exe [886272 2016-04-13] (KARPOLAN)
HKU\S-1-5-21-746845287-3329047123-463373260-1000\...\Run: [] => [X]
HKU\S-1-5-21-746845287-3329047123-463373260-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-746845287-3329047123-463373260-1000\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [5608440 2016-08-26] (Performix LLC)
HKU\S-1-5-21-746845287-3329047123-463373260-1000\...\Run: [ACDSeeCommanderPro9] => C:\Program Files\ACD Systems\ACDSee Pro\9.0\ACDSeeCommanderPro9.exe [3220152 2016-05-09] ()
HKU\S-1-5-21-746845287-3329047123-463373260-1000\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-746845287-3329047123-463373260-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-746845287-3329047123-463373260-1000\...\MountPoints2: {2b1d43f5-1c09-11e6-8ba0-90a4de6d68cc} - F:\USBAutoRun.exe
HKU\S-1-5-21-746845287-3329047123-463373260-1000\...\MountPoints2: {ea090054-0eac-11e6-8893-90a4de6d68cc} - F:\setup.exe
HKU\S-1-5-21-746845287-3329047123-463373260-1000\...\MountPoints2: {ea09037c-0eac-11e6-8893-90a4de6d68cc} - I:\setup.exe
HKU\S-1-5-21-746845287-3329047123-463373260-1000\...\MountPoints2: {ea0903f7-0eac-11e6-8893-90a4de6d68cc} - J:\SETUP.EXE
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2016-04-26]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Tenda Wireless Utility.lnk [2016-04-26]
ShortcutTarget: Tenda Wireless Utility.lnk -> C:\Program Files (x86)\Tenda\Common\RaUI.exe (Tenda Technology, Corp.)
GroupPolicy: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 acdid.acdsystems.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{41C84ED3-C0DD-4CB2-8A18-D0BDF0E29827}: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{6891460B-EE9D-41B1-82FB-6A1E74E1C8A5}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> D:\programi\IObit Uninstaller Pro 5.3.0.138 Multilanguage Portable\IObitUninstallerPortable\App\uninstaller\UninstallExplorer.dll [2015-12-23] (IObit)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-09-29] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_102\bin\ssv.dll [2016-08-06] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-09-29] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-09-29] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-08-06] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-09-29] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2016-09-29] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-09-29] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-29] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-09-29] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-09-29] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-09-29] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-09-29] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 8j2bf1ih.default
FF ProfilePath: C:\Users\korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\8j2bf1ih.default [2016-10-11]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\8j2bf1ih.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\8j2bf1ih.default -> hxxps://www.google.rs/
FF Extension: (Video DownloadHelper) - C:\Users\korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\8j2bf1ih.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-10-11]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-11] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-08-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-08-06] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-09-29] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-11] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-09-29] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-09-29] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-12-17] (Nitro PDF)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-746845287-3329047123-463373260-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.rs/"
CHR Profile: C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default [2016-10-05]
CHR Extension: (Google презентације) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-02]
CHR Extension: (Google документи) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-02]
CHR Extension: (Google диск) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-02]
CHR Extension: (YouTube) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-02]
CHR Extension: (Google табеле) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-02]
CHR Extension: (Google документи офлајн) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-02]
CHR Extension: (Плаћања у Chrome веб-продавници) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-02]
CHR Extension: (Gmail) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-02]
CHR Extension: (Chrome Media Router) - C:\Users\korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-23]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [149496 2016-08-26] (Performix LLC)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [1002752 2015-10-27] (Broadcom Corporation.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3064520 2016-09-28] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [391656 2016-07-22] (Digital Wave Ltd.)
S3 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [887056 2014-07-10] (Disc Soft Ltd)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-06-14] (IObit)
R2 ManyCam Service; C:\ProgramData\ManyCam\Service\ManyCamService.exe [544984 2016-03-31] (Visicom Media Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-17] (Nitro PDF Software)
R2 RalinkRegistryWriter; C:\Program Files (x86)\Tenda\Common\RaRegistry.exe [375872 2011-03-31] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe [454208 2011-03-31] (Ralink Technology, Corp.)
S3 RaMediaServer; C:\Program Files (x86)\Tenda\Common\RaMediaServer.exe [621632 2011-03-04] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-11-15] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 adgnetworktdidrv; C:\Windows\System32\drivers\adgnetworktdidrv.sys [62536 2016-07-21] ()
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [200448 2015-09-19] (Broadcom Corporation.)
R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [29696 2016-04-26] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [130944 2014-10-28] (Gemalto) [File not signed]
S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-04-29] (REALiX(tm))
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-29] (Visicom Media Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-10-11] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-29] (Visicom Media Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [180480 2015-10-08] (Intel Corporation)
S2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [142120 2007-04-27] (SafeNet, Inc.)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3567488 2016-05-22] ()
R3 usbsmi; C:\Windows\System32\DRIVERS\SMIksdrv.sys [206336 2011-03-02] (SMI)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-11 21:40 - 2016-10-11 21:41 - 00019417 _____ C:\Users\korisnik\Desktop\FRST.txt
2016-10-11 21:40 - 2016-10-11 21:40 - 00000000 ____D C:\FRST
2016-10-11 21:38 - 2016-10-11 21:38 - 02407424 _____ (Farbar) C:\Users\korisnik\Desktop\FRST64.exe
2016-10-11 17:52 - 2016-10-11 17:52 - 06183104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-10-09 10:57 - 2016-10-09 10:57 - 40070200 _____ C:\Windows\system32\nvcompiler.dll
2016-10-09 10:57 - 2016-10-09 10:57 - 35180992 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-10-09 10:57 - 2016-10-09 10:57 - 34809912 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-10-09 10:57 - 2016-10-09 10:57 - 28214840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-10-09 10:57 - 2016-10-09 10:57 - 17464952 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-10-09 10:57 - 2016-10-09 10:57 - 14118336 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-10-09 10:57 - 2016-10-09 10:57 - 10868288 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2016-10-09 10:57 - 2016-10-09 10:57 - 10746872 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-10-09 10:57 - 2016-10-09 10:57 - 10287344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-10-09 10:57 - 2016-10-09 10:57 - 09090952 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-10-09 10:57 - 2016-10-09 10:57 - 08877480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-10-09 10:57 - 2016-10-09 10:57 - 08684304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-10-09 10:57 - 2016-10-09 10:57 - 03595832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-10-09 10:57 - 2016-10-09 10:57 - 03458608 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-10-09 10:57 - 2016-10-09 10:57 - 03161024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-10-09 10:57 - 2016-10-09 10:57 - 01922616 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437290.dll
2016-10-09 10:57 - 2016-10-09 10:57 - 01585088 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437290.dll
2016-10-09 10:57 - 2016-10-09 10:57 - 01020472 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-10-09 10:57 - 2016-10-09 10:57 - 00956864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-10-09 10:57 - 2016-10-09 10:57 - 00943672 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-10-09 10:57 - 2016-10-09 10:57 - 00895032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-10-09 10:57 - 2016-10-09 10:57 - 00688784 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2016-10-09 10:57 - 2016-10-09 10:57 - 00578056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-10-09 10:57 - 2016-10-09 10:57 - 00039730 _____ C:\Windows\system32\nvinfo.pb
2016-10-09 10:57 - 2016-10-09 10:57 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-10-09 10:57 - 2016-10-09 10:57 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2016-10-09 10:53 - 2016-10-09 10:53 - 72520712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2016-10-09 10:53 - 2016-10-09 10:53 - 07172912 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 06618275 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-10-09 10:53 - 2016-10-09 10:53 - 05220360 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-10-09 10:53 - 2016-10-09 10:53 - 03283248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 03203592 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 03133152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 02895104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-10-09 10:53 - 2016-10-09 10:53 - 02775200 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 02073088 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 01360520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 00965032 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 00689888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 00532376 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 00447720 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 00387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 00231920 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 00221976 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 00214840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 00209536 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 00192984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 00166208 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 00151792 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 00134208 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 00110992 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 00090920 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 00088328 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 00084616 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2016-10-09 10:53 - 2016-10-09 10:53 - 00023696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-10-09 10:52 - 2016-10-09 10:52 - 07096192 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2016-10-09 10:52 - 2016-10-09 10:52 - 03282544 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-10-09 10:52 - 2016-10-09 10:52 - 02050184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2016-10-09 10:52 - 2016-10-09 10:52 - 01965816 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2016-10-09 10:52 - 2016-10-09 10:52 - 01780624 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2016-10-09 10:52 - 2016-10-09 10:52 - 01591064 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2016-10-09 10:52 - 2016-10-09 10:52 - 01508936 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2016-10-09 10:52 - 2016-10-09 10:52 - 00743968 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2016-10-09 10:52 - 2016-10-09 10:52 - 00727440 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2016-10-09 10:52 - 2016-10-09 10:52 - 00708312 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2016-10-09 10:52 - 2016-10-09 10:52 - 00678184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2016-10-09 10:52 - 2016-10-09 10:52 - 00677680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2016-10-09 10:52 - 2016-10-09 10:52 - 00618192 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2016-10-09 10:52 - 2016-10-09 10:52 - 00574760 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-10-09 10:52 - 2016-10-09 10:52 - 00504312 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2016-10-09 10:52 - 2016-10-09 10:52 - 00445408 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2016-10-09 10:52 - 2016-10-09 10:52 - 00441272 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2016-10-09 10:52 - 2016-10-09 10:52 - 00330560 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-10-09 10:52 - 2016-10-09 10:52 - 00327456 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2016-10-09 10:52 - 2016-10-09 10:52 - 00272720 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2016-10-09 10:52 - 2016-10-09 10:52 - 00253904 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2016-10-09 10:52 - 2016-10-09 10:52 - 00253864 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2016-10-09 10:52 - 2016-10-09 10:52 - 00252880 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2016-10-09 10:52 - 2016-10-09 10:52 - 00122320 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-10-09 10:52 - 2016-10-09 10:52 - 00118592 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-10-09 10:49 - 2016-10-09 10:49 - 01035272 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2016-10-09 10:49 - 2016-10-09 10:49 - 00082544 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2016-10-09 10:45 - 2016-10-09 10:45 - 01588688 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2016-10-09 10:45 - 2016-10-09 10:45 - 00223304 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-10-09 10:45 - 2016-10-09 10:45 - 00054728 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-10-06 16:10 - 2016-10-06 16:11 - 07768317 _____ C:\Users\korisnik\Downloads\com.keramidas.TitaniumBackup_v7.5.0-384_Android-1.5.apk
2016-10-06 16:00 - 2016-10-06 16:01 - 19316808 _____ (Kingosoft Technology Ltd. ) C:\Users\korisnik\Downloads\android_root(1).exe
2016-10-06 15:59 - 2016-10-06 16:00 - 00000000 ____D C:\Users\korisnik\AppData\LocalLow\uTorrent
2016-10-06 15:34 - 2016-10-06 15:39 - 63743083 _____ C:\Users\korisnik\Desktop\Kako Rutovati Telefon ( SRB CRO BiH ).mp4
2016-10-06 15:34 - 2016-10-06 15:37 - 19316808 _____ (Kingosoft Technology Ltd. ) C:\Users\korisnik\Downloads\android_root.exe
2016-10-05 14:47 - 2016-10-05 14:47 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-10-04 16:39 - 2016-10-05 10:20 - 00000000 ____D C:\Windows\Minidump
2016-10-03 13:47 - 2016-10-03 13:47 - 00000000 ____D C:\Users\korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth uređaji
2016-10-01 20:45 - 2016-10-01 20:45 - 01194996 ____R C:\Users\korisnik\Downloads\Ratarska_pita
2016-09-28 13:57 - 2016-09-28 13:57 - 00956913 _____ C:\Users\korisnik\Downloads\17261(2).pdf
2016-09-28 09:48 - 2016-09-28 09:48 - 00002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype za posao 2016.lnk
2016-09-28 09:48 - 2016-09-28 09:48 - 00002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-09-28 09:48 - 2016-09-28 09:48 - 00002396 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio 2016.lnk
2016-09-28 09:48 - 2016-09-28 09:48 - 00002388 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-09-28 09:48 - 2016-09-28 09:48 - 00002381 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-09-28 09:48 - 2016-09-28 09:48 - 00002378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 2016.lnk
2016-09-28 09:48 - 2016-09-28 09:48 - 00002369 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-09-28 09:48 - 2016-09-28 09:48 - 00002356 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-09-28 09:48 - 2016-09-28 09:48 - 00002346 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-09-28 09:48 - 2016-09-28 09:48 - 00002340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-09-28 09:48 - 2016-09-28 09:48 - 00002322 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-09-28 09:48 - 2016-09-28 09:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alatke za Microsoft Office 2016
2016-09-21 14:08 - 2016-10-02 15:13 - 00000000 ___HD C:\Users\korisnik\Desktop\[Originals]
2016-09-18 23:54 - 2016-09-18 23:54 - 00491520 _____ (HeiDoc.net) C:\Users\korisnik\Downloads\Windows ISO Downloader Legacy Preuzimanje windowsa i offisa sve varijante.exe
2016-09-11 10:16 - 2016-10-09 18:01 - 00003040 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_korisnik
2016-09-11 10:13 - 2016-09-11 10:13 - 00000000 ____D C:\Users\Default\AppData\Roaming\Performix LLC
2016-09-11 10:13 - 2016-09-11 10:13 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Performix LLC
2016-09-11 00:13 - 2016-09-11 00:13 - 00639327 _____ C:\Users\korisnik\Downloads\zakon_o_zastiti_podataka_o_licnosti.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-11 21:41 - 2016-08-30 12:13 - 00000000 ____D C:\ProgramData\Adguard
2016-10-11 21:34 - 2016-05-03 12:24 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-11 20:45 - 2016-04-26 19:10 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-11 20:43 - 2016-05-02 18:11 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-11 20:10 - 2016-01-25 15:04 - 00000000 ____D C:\Users\korisnik\Desktop\srs
2016-10-11 17:56 - 2016-06-01 17:29 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-10-11 17:56 - 2016-06-01 17:28 - 00002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-10-11 17:52 - 2016-04-26 19:10 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-11 17:52 - 2016-04-26 19:10 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-11 17:52 - 2016-04-26 19:10 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-10-11 17:52 - 2016-04-26 19:10 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-10-11 17:52 - 2016-04-26 19:10 - 00000000 ____D C:\Windows\system32\Macromed
2016-10-11 14:14 - 2009-07-14 07:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-11 14:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-10-11 11:14 - 2016-04-29 22:42 - 00002876 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (korisnik)
2016-10-11 11:10 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-11 11:10 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-11 10:55 - 2016-04-29 22:43 - 00000000 ____D C:\ProgramData\ProductData
2016-10-11 10:54 - 2016-08-18 16:48 - 00000000 ____D C:\Program Files (x86)\Adguard
2016-10-11 10:54 - 2016-05-02 18:11 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-11 10:54 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-09 18:01 - 2016-04-29 22:42 - 00000000 ____D C:\Users\korisnik\AppData\Roaming\IObit
2016-10-09 14:49 - 2015-12-17 13:44 - 00000000 ____D C:\Users\korisnik\Desktop\Nova fascikla (2)
2016-10-09 14:45 - 2016-02-08 16:22 - 00000000 ____D C:\Users\korisnik\Desktop\Nova fascikla
2016-10-09 11:03 - 2016-04-28 11:25 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-09 11:03 - 2016-04-26 18:06 - 00000000 ____D C:\temp
2016-10-09 10:58 - 2015-08-11 01:08 - 19854064 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-10-09 10:57 - 2016-08-06 10:37 - 14353512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-10-09 10:57 - 2016-06-26 18:57 - 17270984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-10-09 10:57 - 2015-08-11 01:08 - 03917840 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-10-09 10:55 - 2016-04-26 18:13 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-10-09 10:49 - 2016-04-28 11:49 - 00116304 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2016-10-09 10:35 - 2016-06-28 11:33 - 00000000 ____D C:\Users\korisnik\Desktop\sud
2016-10-09 10:35 - 2016-04-26 13:03 - 00000000 ____D C:\Users\korisnik\Desktop\ll
2016-10-06 23:29 - 2016-05-10 22:55 - 00000000 ____D C:\Users\korisnik\AppData\Roaming\uTorrent
2016-10-05 14:48 - 2016-04-26 21:50 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-10-05 14:47 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-10-05 14:44 - 2016-04-26 21:47 - 00000000 ____D C:\Program Files\Microsoft Office
2016-10-03 15:18 - 2016-06-03 16:11 - 00000000 ____D C:\Users\korisnik\AppData\Roaming\Nitro PDF
2016-09-29 21:47 - 2016-05-02 18:12 - 00002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-25 13:07 - 2016-05-04 11:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-25 13:07 - 2016-04-26 18:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-18 09:48 - 2016-04-29 22:42 - 00000000 ____D C:\ProgramData\IObit
2016-09-17 00:57 - 2016-04-30 01:01 - 00546752 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-09-17 00:57 - 2016-04-30 01:01 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-09-17 00:57 - 2016-04-28 11:24 - 06385720 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-09-17 00:57 - 2016-04-28 11:24 - 02475064 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-09-17 00:57 - 2016-04-28 11:24 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-09-17 00:57 - 2016-04-28 11:24 - 01364024 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-09-17 00:57 - 2016-04-28 11:24 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-09-17 00:57 - 2016-04-28 11:24 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-09-16 09:40 - 2016-04-28 11:24 - 07379415 _____ C:\Windows\system32\nvcoproc.bin
2016-09-12 11:44 - 2016-08-18 16:49 - 00000256 _____ C:\Windows\SysWOW64\Drivers\vwifikerneldrv.sys
2016-09-12 11:44 - 2016-08-18 16:49 - 00000256 _____ C:\Windows\SysWOW64\d3dx9_11.dll.tmp
2016-09-12 11:44 - 2016-08-18 16:49 - 00000256 _____ C:\ProgramData\fontcacheev1.dat
2016-09-11 10:14 - 2016-04-30 14:50 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-11 10:13 - 2016-08-30 12:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adguard

==================== Files in the root of some directories =======

2016-04-26 18:13 - 2016-04-26 18:13 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-18 16:49 - 2016-09-12 11:44 - 0000256 _____ () C:\ProgramData\fontcacheev1.dat
2016-05-06 15:49 - 2016-05-06 15:26 - 4774808 _____ ((c) PC Cleaners Inc) C:\ProgramData\pclunst.exe

Files to move or delete:
====================
C:\ProgramData\fontcacheev1.dat
C:\ProgramData\pclunst.exe


Some files in TEMP:
====================
C:\Users\korisnik\AppData\Local\Temp\NOSEventMessages.dll


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-10-05 16:27

==================== End of FRST.txt ============================

offline
  • Joined: 02 Jan 2008
  • Posts: 2167

Hello!

On the keyboard press the Windows key, type CMD and then right-click and choose Run as Administrator.
Type the following command and confirm with Enter:
chkdsk C: /r
If it asks you to confirm, type Y and confirm again with Enter.
Restart the computer and wait for the procedure to finish.

Once that is done, you need to provide the report.

Press the Windows key + R together, then type powershell.exe and confirm with OK.
Type the following command and confirm with Enter:
get-winevent -FilterHashTable @{logname="Application"; id="1001"}| ?{$_.providername -match "wininit"} | fl timecreated, message | out-file Desktop\CHKDSKResults.txt
On the Desktop you will find the CHKDSKResults report, which you need to attach in your next reply.

offline
  • Joined: 01 Mar 2008
  • Posts: 245


offline
  • Joined: 02 Jan 2008
  • Posts: 2167

Hello!

I would ask you to uninstall this program:
UmmyVideoDownloader

After that,

1. Open Notepad (Text Document) and copy in the following text from the code box below:

CreateRestorePoint:
File: C:\ProgramData\ManyCam\Service\ManyCamService.exe
HKU\S-1-5-21-746845287-3329047123-463373260-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-746845287-3329047123-463373260-1000\...\MountPoints2: {2b1d43f5-1c09-11e6-8ba0-90a4de6d68cc} - F:\USBAutoRun.exe
HKU\S-1-5-21-746845287-3329047123-463373260-1000\...\MountPoints2: {ea090054-0eac-11e6-8893-90a4de6d68cc} - F:\setup.exe
HKU\S-1-5-21-746845287-3329047123-463373260-1000\...\MountPoints2: {ea09037c-0eac-11e6-8893-90a4de6d68cc} - I:\setup.exe
HKU\S-1-5-21-746845287-3329047123-463373260-1000\...\MountPoints2: {ea0903f7-0eac-11e6-8893-90a4de6d68cc} - J:\SETUP.EXE
GroupPolicy: Restriction <======= ATTENTION
C:\ProgramData\fontcacheev1.dat
C:\ProgramData\pclunst.exe
2015-12-02 18:58 - 2015-11-16 20:32 - 00919040 _____ () C:\Windows\mod_frst.exe
C:\Windows\mod_frst.exe
AlternateDataStreams: C:\Windows:nlsPreferences [386]
EmptyTemp:


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name
Note: It is important that both files, FRST and fixlist, are in the same location, because otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.

The tool will create a log (Fixlog.txt) on the Desktop. The contents of that log need to be copied into your post.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.

After that, follow these instructions:

Download AdwCleaner by "Xplode" and save it to the Desktop
Double-click to run the program.
In the EULA window click I agree.
In Options, turn off Reset Winsock settings if it is turned on.
Click the Scan button and wait for the scan to finish.
Click the Cleaning button and wait for the program to finish.
The program will close all running programs and show a window with that warning. Click OK to confirm.
In the next two windows that open (Informations and Restart required), click OK

The computer will restart and then open Notepad (C:\Adwcleaner\AdwCleaner[C1].txt) with the report.
Save that report to the Desktop and attach it to your post using the "Prikači fajl" (Attach file) option

offline
  • Joined: 01 Mar 2008
  • Posts: 245

Fix result of Farbar Recovery Scan Tool (x64) Version: 13-10-2016
Ran by korisnik (14-10-2016 09:57:00) Run:1
Running from C:\Users\korisnik\Desktop
Loaded Profiles: korisnik & (Available Profiles: korisnik & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
File: C:\ProgramData\ManyCam\Service\ManyCamService.exe
HKU\S-1-5-21-746845287-3329047123-463373260-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-746845287-3329047123-463373260-1000\...\MountPoints2: {2b1d43f5-1c09-11e6-8ba0-90a4de6d68cc} - F:\USBAutoRun.exe
HKU\S-1-5-21-746845287-3329047123-463373260-1000\...\MountPoints2: {ea090054-0eac-11e6-8893-90a4de6d68cc} - F:\setup.exe
HKU\S-1-5-21-746845287-3329047123-463373260-1000\...\MountPoints2: {ea09037c-0eac-11e6-8893-90a4de6d68cc} - I:\setup.exe
HKU\S-1-5-21-746845287-3329047123-463373260-1000\...\MountPoints2: {ea0903f7-0eac-11e6-8893-90a4de6d68cc} - J:\SETUP.EXE
GroupPolicy: Restriction <======= ATTENTION
C:\ProgramData\fontcacheev1.dat
C:\ProgramData\pclunst.exe
2015-12-02 18:58 - 2015-11-16 20:32 - 00919040 _____ () C:\Windows\mod_frst.exe
C:\Windows\mod_frst.exe
AlternateDataStreams: C:\Windows:nlsPreferences [386]
EmptyTemp:
*****************

Restore point was successfully created.

========================= File: C:\ProgramData\ManyCam\Service\ManyCamService.exe ========================

File is digitally signed
MD5: F0DB70EA6B32DA9E8D3DFE50206CF9C4
Creation and modification date: 2016-03-31 14:03 - 2016-03-31 14:03
Size: 0544984
Attributes: ----A
Company Name: Visicom Media Inc.
Internal Name: service.exe
Original Name: service.exe
Product: ManyCam Virtual Webcam
Description: ManyCam Service
File Version: 1.0.0.3
Product Version: 1.0.0.3
Copyright: (c) 2006-2015 Visicom Media Inc.

====== End of File: ======

"HKU\S-1-5-21-746845287-3329047123-463373260-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => key removed successfully
"HKU\S-1-5-21-746845287-3329047123-463373260-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2b1d43f5-1c09-11e6-8ba0-90a4de6d68cc}" => key removed successfully
HKCR\CLSID\{2b1d43f5-1c09-11e6-8ba0-90a4de6d68cc} => key not found.
"HKU\S-1-5-21-746845287-3329047123-463373260-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ea090054-0eac-11e6-8893-90a4de6d68cc}" => key removed successfully
HKCR\CLSID\{ea090054-0eac-11e6-8893-90a4de6d68cc} => key not found.
"HKU\S-1-5-21-746845287-3329047123-463373260-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ea09037c-0eac-11e6-8893-90a4de6d68cc}" => key removed successfully
HKCR\CLSID\{ea09037c-0eac-11e6-8893-90a4de6d68cc} => key not found.
"HKU\S-1-5-21-746845287-3329047123-463373260-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ea0903f7-0eac-11e6-8893-90a4de6d68cc}" => key removed successfully
HKCR\CLSID\{ea0903f7-0eac-11e6-8893-90a4de6d68cc} => key not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\fontcacheev1.dat => moved successfully
C:\ProgramData\pclunst.exe => moved successfully
"C:\Windows\mod_frst.exe" => not found.
"C:\Windows\mod_frst.exe" => not found.
C:\Windows => ":nlsPreferences" ADS removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 62806987 B
Java, Flash, Steam htmlcache => 523 B
Windows/system/drivers => 5783249 B
Edge => 0 B
Chrome => 214016 B
Firefox => 20830209 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 65794 B
systemprofile32 => 66356 B
LocalService => 0 B
NetworkService => 0 B
korisnik => 145923076 B
Administrator => 435035 B

RecycleBin => 0 B
EmptyTemp: => 225.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:58:47 ====

offline
  • Joined: 02 Jan 2008
  • Posts: 2167

Download Malwarebytes Anti-Rootkit (MBAR) from the following link and save it to the Desktop.

Run MBAR by double-clicking the program icon:
- Click OK in the next window to allow extraction into a separate mbar folder on the desktop;
- mbar.exe will be started. On some systems this may take a few extra seconds, so wait for it to start;
- In the introductory window click the Next button if you agree;

• In the 'Update Database' window click the Update button to download fresh definitions. When the message 'Success: Database was successfully updated' appears, click the Next button;
• Under the 'Scan Targets' section check that all options are ticked, then click the Scan button;

Notice: with some infections one of the following messages may be displayed:
- 'Could not load protection driver' => in that case click OK.
- 'Could not load DDA driver' => click Yes on that notice to allow loading after a restart. Allow the restart and continue with the rest of the instructions after the restart.

>> If no malware is detected, click the Exit button to close the program. In your next post, include the mbar-log-year-month-day (hour-minute-second).txt and system-log.txt reports.

>> If infections were found, check that the 'Create Restore Point' option is selected and click the Cleanup! button to remove the threats.
- The malware removal procedure will be scheduled to run on restart, and a notice will be shown in a pop-up window. Click the Yes button and the system should restart and finish the cleaning procedure.

Notice! Only if a rootkit was detected: make sure you run the fixdamage.exe tool located in the mbar folder, \Plugins\fixdamage.exe:
- Double-click to run fixdamage, and in the black window that opens (command prompt) type Y (Y stands for Yes) to continue, then wait for the tool to carry out all the repairs ...
- When you see the message 'press any key to exit' the repair is complete. Press any key on the keyboard to close the window. Restart the system.

The following reports will be created in the mbar folder.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Copy the contents of the mbar log into your post, and attach the system log to the post using the "Prikači fajl" (Attach file) option.

offline
  • Joined: 01 Mar 2008
  • Posts: 245

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
main: v2016.10.14.04
rootkit: v2016.09.26.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18282
korisnik :: 720-PC [administrator]

14.10.2016 15:17:19
mbar-log-2016-10-14 (15-17-19).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 350718
Time elapsed: 18 minute(s), 14 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)


offline
  • Joined: 02 Jan 2008
  • Posts: 2167

Tell me, how are things now?

Do you still have the same problems?

offline
  • Joined: 01 Mar 2008
  • Posts: 245

Maybe it runs a shade faster, but I would say the letters are still lagging. Let's say I type faster than the laptop can accept, but when I start deleting letters it also stalls and slows down, although now I would say a shade less. And it still takes time to start, say, Firefox.

offline
  • Joined: 02 Jan 2008
  • Posts: 2167

Download Zemana AntiMalware and save it to the Desktop.

When the download has finished:

Double-click to start the installation and follow the instructions. The installation is standard, with no additional options.
After installation, the program will start automatically, and you now need to click Scan.
When the scan finishes, click Next to remove all the items found.
If it asks you to restart the computer, click Reboot.
If the computer is seriously infected, another scan will follow after the restart.

After that, you need to provide the report(s):

Press the Windows key + R on the keyboard at the same time.
Copy the following command and confirm with OK:
%USERPROFILE%\AppData\Local\Zemana\Zemana AntiMalware\reports
Copy the most recent report(s) to the Desktop, and then attach it in your next post.
