Hello, since I have a problem with one process, I want to check whether the system is infected.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:27-09-2015 01
Ran by PC (administrator) on PC-PC (28-09-2015 02:10:04)
Running from C:\Users\PC\Downloads
Loaded Profiles: PC (Available Profiles: PC & DefaultAppPool)
Platform: Microsoft Windows 10 Pro (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Skillbrains) C:\Program Files\Skillbrains\lightshot\5.2.1.1\Lightshot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(KVIrc Development Team) C:\Program Files\KVIrc\kvirc.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() D:\Steam-Igre\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
(Valve Corporation) C:\Program Files\Steam\GameOverlayUI.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12214528 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-02-20] (NVIDIA Corporation)
HKLM\...\Run: [Lightshot] => C:\Program Files\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKLM\...\Run: [HPUsageTracking] => C:\Program Files\HP\HP UT\bin\hppusg.exe [24576 2009-05-11] (Hewlett-Packard Company)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3775912 2015-08-24] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2025573689-4008586652-292618053-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5529880 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-2025573689-4008586652-292618053-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2025573689-4008586652-292618053-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [25600 2015-07-10] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{272b6d4a-6c8c-4006-9b44-93d655c7000f}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://websearch.goodforsearch.info/?pid=21242&r=2015/04/18&hid=9845050743040758615&lg=EN&cc=RS&unqvl=86
HKU\S-1-5-21-2025573689-4008586652-292618053-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={AB958479-63A4-4BFA-B398-926E1CEC4AAF}&mid=204bef40d2c747cdbf06cd2623568357-d01a760f5d8339b21118dd31c16993b4efdbe763&lang=en&ds=AVG&coid=avgtbavg&cmpid=0715avt&pr=fr&d=2015-07-17 17:11:41&v=4.1.4.948&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-2025573689-4008586652-292618053-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.goodforsearch.info/?l=1&q={searchTerms}&pid=21242&r=2015/04/18&hid=9845050743040758615&lg=EN&cc=RS&unqvl=86
SearchScopes: HKLM -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.goodforsearch.info/?l=1&q={searchTerms}&pid=21242&r=2015/04/18&hid=9845050743040758615&lg=EN&cc=RS&unqvl=86
SearchScopes: HKU\S-1-5-21-2025573689-4008586652-292618053-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={AB958479-63A4-4BFA-B398-926E1CEC4AAF}&mid=204bef40d2c747cdbf06cd2623568357-d01a760f5d8339b21118dd31c16993b4efdbe763&lang=en&ds=AVG&coid=avgtbavg&cmpid=0715avt&pr=fr&d=2015-07-17 17:11:41&v=4.1.4.948&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2025573689-4008586652-292618053-1000 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.goodforsearch.info/?l=1&q={searchTerms}&pid=21242&r=2015/04/18&hid=9845050743040758615&lg=EN&cc=RS&unqvl=86
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-19] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\hf25ittd.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-29] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-17] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-17] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\pogodakyu.xml [2015-07-01]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\vokabular.xml [2015-07-01]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2015-08-27]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Default -> hxxp://www.search.ask.com/?gct=hp
CHR StartupUrls: Default -> "hxxp://websearch.goodforsearch.info/?pid=21242&r=2015/04/18&hid=9845050743040758615&lg=EN&cc=RS&unqvl=86"
CHR DefaultSearchURL: Default -> hxxp://www.search.ask.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> search.ask.com
CHR DefaultSuggestURL: Default -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-07]
CHR Extension: (Google Drive) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-07]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-07]
CHR Extension: (Agar.io Mods) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmofencpfjfladdmoiflekmblmhflbkp [2015-06-06]
CHR Extension: (Google Search) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-07]
CHR Extension: (Tampermonkey) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-09-14]
CHR Extension: (Google Sheets) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-07]
CHR Extension: (Google Docs Offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
CHR Extension: (AdBlock) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-04-07]
CHR Extension: ([CB] eRepublik) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcllofidbkalfnhfapholimfflgpojdp [2015-04-14]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-07]
CHR Extension: (Google Wallet) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-07]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-07]
CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgfws; C:\Program Files\AVG\AVG2015\avgfws.exe [1560592 2015-08-24] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3637160 2015-08-24] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [335656 2015-08-24] (AVG Technologies CZ, s.r.o.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
R2 PSI_SVC_2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5611280 2015-08-07] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [277760 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23264 2015-07-10] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 Avgbootx; C:\WINDOWS\System32\DRIVERS\avgbootx.sys [19104 2015-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [132576 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\WINDOWS\system32\DRIVERS\avgfwd6x.sys [68032 2015-07-09] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [250800 2015-08-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [222640 2015-08-19] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimw8x.sys [31664 2015-07-23] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [207328 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [290272 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [189872 2015-08-04] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [35808 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpx; C:\WINDOWS\system32\DRIVERS\avgwfpx.sys [236464 2015-08-04] (AVG Technologies CZ, s.r.o.)
R2 giveio; C:\WINDOWS\system32\giveio.sys [5248 1996-04-03] () [File not signed]
R2 speedfan; C:\WINDOWS\system32\speedfan.sys [24184 2012-12-29] (Almico Software)
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [31744 2015-07-10] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [245600 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [97632 2015-07-10] (Microsoft Corporation)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo32.dll [13264 2015-09-27] (wisecleaner.com)
S3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [161792 2015-07-10] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-28 02:10 - 2015-09-28 02:10 - 00015877 _____ C:\Users\PC\Downloads\FRST.txt
2015-09-28 02:09 - 2015-09-28 02:10 - 00000000 ____D C:\FRST
2015-09-28 02:09 - 2015-09-28 02:09 - 01696256 _____ (Farbar) C:\Users\PC\Downloads\FRST.exe
2015-09-27 23:44 - 2015-09-27 23:44 - 00016148 _____ C:\WINDOWS\system32\PC-PC_PC_HistoryPrediction.bin
2015-09-27 21:10 - 2015-09-27 23:44 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-27 21:10 - 2015-09-27 21:10 - 00423280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-27 21:10 - 2015-09-27 21:10 - 00007382 _____ C:\WINDOWS\PFRO.log
2015-09-27 21:00 - 2015-09-27 21:00 - 57503744 _____ C:\WINDOWS\system32\config\SOFTWARE.rhk
2015-09-27 21:00 - 2015-09-27 21:00 - 00155648 _____ C:\WINDOWS\system32\config\DEFAULT.rhk
2015-09-27 21:00 - 2015-09-27 21:00 - 00032768 _____ C:\WINDOWS\system32\config\SAM.rhk
2015-09-27 21:00 - 2015-09-27 21:00 - 00028672 _____ C:\WINDOWS\system32\config\SECURITY.rhk
2015-09-27 20:54 - 2015-09-27 20:54 - 00013264 _____ (wisecleaner.com) C:\WINDOWS\WiseHDInfo32.dll
2015-09-27 20:53 - 2015-09-27 20:54 - 06130064 _____ (WiseCleaner.com ) C:\Users\PC\Downloads\WiseCare365.exe
2015-09-27 17:59 - 2015-09-27 17:57 - 00090860 _____ C:\Users\PC\Desktop\PC-PC.LOG
2015-09-27 17:57 - 2015-09-27 21:07 - 00000000 ____D C:\Program Files\HWiNFO32
2015-09-27 17:57 - 2015-09-27 17:57 - 00023840 _____ (REALiX(tm)) C:\WINDOWS\system32\Drivers\HWiNFO32.SYS
2015-09-27 17:56 - 2015-09-27 17:57 - 02688392 _____ (Martin Malík - REALiX ) C:\Users\PC\Downloads\hw32_504.exe
2015-09-27 14:10 - 2015-09-27 14:10 - 00002080 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-09-27 14:10 - 2015-09-27 14:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-09-27 13:47 - 2015-08-17 23:28 - 00606896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvStreaming.exe
2015-09-27 13:46 - 2015-09-27 13:46 - 24209024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv32.dll
2015-09-27 13:46 - 2015-09-27 13:46 - 15302784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2015-09-27 13:46 - 2015-09-27 13:46 - 11379416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-09-27 13:46 - 2015-09-27 13:46 - 11316168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-09-27 13:46 - 2015-09-27 13:46 - 03996288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-09-27 13:46 - 2015-09-27 13:46 - 01068216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3234181.dll
2015-09-27 13:46 - 2015-09-27 13:46 - 00921400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3234181.dll
2015-09-27 13:46 - 2015-09-27 13:46 - 00916152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR.dll
2015-09-27 13:46 - 2015-09-27 13:46 - 00877752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC.dll
2015-09-27 13:46 - 2015-09-27 13:46 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-09-21 13:16 - 2015-09-21 14:22 - 2582112256 _____ C:\Users\PC\Downloads\SQLServer2014SP1-FullSlipstream-x86-ENU.iso
2015-09-17 15:54 - 2015-09-17 15:54 - 00065438 _____ C:\Users\PC\Desktop\BlockWindows.bat
2015-09-16 04:14 - 2015-09-16 04:14 - 00000216 _____ C:\Users\PC\Desktop\Frozen Free Fall Snowball Fight.url
2015-09-14 13:50 - 2015-09-14 13:50 - 00049778 _____ C:\Users\PC\Downloads\eRepublik_Stuff++.user.js
2015-09-13 13:20 - 2015-09-13 13:21 - 00390697 _____ C:\Users\PC\Desktop\ZBIRNA ISPORUKA PEC PO RAC 007 0914 2015 FINALLNA KOL.xlsx
2015-09-13 12:55 - 2015-09-13 18:18 - 00000000 ____D C:\Users\PC\Desktop\IZVOZ 007 SEPT 2015 PEC
2015-09-13 12:15 - 2015-09-13 12:16 - 00013380 _____ C:\HPLJP1000_P1500_Series.log
2015-09-13 12:15 - 2015-09-13 12:15 - 03549320 _____ C:\Users\PC\Downloads\ljP1000_P1500-HB-pnp-win32-en.exe
2015-09-11 14:25 - 2015-09-11 14:26 - 00000000 ____D C:\Users\PC\Desktop\New folder
2015-09-11 14:20 - 2015-09-11 14:20 - 01476179 _____ C:\Users\PC\Downloads\W10Privacy.zip
2015-09-09 14:16 - 2015-09-02 04:04 - 00069208 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-09 14:16 - 2015-09-02 02:31 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-09 14:16 - 2015-09-02 02:30 - 01134080 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-09 14:16 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-09 14:16 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-09 14:16 - 2015-08-27 07:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-09 14:16 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-09 14:16 - 2015-08-27 07:19 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-09 14:16 - 2015-08-27 07:16 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-09 14:16 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-09 14:16 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 14:16 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-09 14:16 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-09 14:16 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-09 14:16 - 2015-08-27 07:11 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-09 14:16 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-09 14:16 - 2015-08-27 07:10 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-09 14:16 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-09 14:16 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-06 20:52 - 2015-09-06 20:52 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2015-09-06 20:52 - 2015-09-06 20:52 - 00000000 ____D C:\Users\DefaultAppPool
2015-09-06 20:52 - 2015-08-14 18:17 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-06 20:52 - 2015-08-10 20:16 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\HPActiveHealth
2015-09-06 20:52 - 2015-08-06 21:39 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\TuneUp Software
2015-09-06 20:52 - 2015-08-06 21:39 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Local\Microsoft Help
2015-09-06 20:52 - 2015-07-10 10:28 - 00000000 __RSD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-06 20:52 - 2015-07-10 10:28 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-06 20:52 - 2015-07-10 10:28 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-06 20:52 - 2015-07-10 10:28 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-29 18:47 - 2015-08-20 07:25 - 06265168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-29 18:47 - 2015-08-20 07:22 - 00549160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-29 18:47 - 2015-08-20 07:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-29 18:47 - 2015-08-20 06:46 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-29 18:47 - 2015-08-20 06:41 - 00165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-29 18:47 - 2015-08-20 06:35 - 01829376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-29 18:47 - 2015-08-18 09:27 - 01771592 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 18:47 - 2015-08-18 09:26 - 00284000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-08-29 18:47 - 2015-08-18 09:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-29 18:47 - 2015-08-18 09:14 - 00192864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll
2015-08-29 18:47 - 2015-08-18 08:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2015-08-29 18:47 - 2015-08-18 08:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-08-29 18:47 - 2015-08-18 08:47 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-29 18:47 - 2015-08-18 08:41 - 01161216 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2015-08-29 18:47 - 2015-08-18 08:40 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-29 18:47 - 2015-08-18 08:38 - 01875968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-08-29 18:47 - 2015-08-18 08:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2015-08-29 18:47 - 2015-08-18 08:35 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2015-08-29 18:47 - 2015-08-18 08:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2015-08-29 18:47 - 2015-08-18 08:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2015-08-29 18:47 - 2015-08-18 08:35 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll
2015-08-29 18:47 - 2015-08-18 08:34 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-08-29 18:47 - 2015-08-18 08:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2015-08-29 18:47 - 2015-08-18 08:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2015-08-29 18:47 - 2015-08-18 08:31 - 01917440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-29 18:47 - 2015-08-18 08:30 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2015-08-29 18:47 - 2015-08-18 08:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-29 18:47 - 2015-08-18 08:26 - 01499136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-29 18:47 - 2015-08-18 08:26 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-29 18:47 - 2015-08-18 08:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2015-08-29 18:47 - 2015-08-18 06:42 - 00006631 _____ C:\WINDOWS\system32\ResPriHMImageList
2015-08-29 18:47 - 2015-08-18 06:42 - 00006313 _____ C:\WINDOWS\system32\ResPriImageList
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-28 01:57 - 2015-06-09 10:13 - 00000000 ____D C:\Program Files\Steam
2015-09-28 01:36 - 2015-04-07 02:08 - 00000906 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-28 01:35 - 2015-04-07 02:28 - 00000000 ____D C:\ProgramData\MFAData
2015-09-28 01:33 - 2015-04-07 02:36 - 00000000 ____D C:\ProgramData\AVG Security Toolbar
2015-09-28 01:27 - 2015-04-07 13:02 - 00000370 _____ C:\WINDOWS\Tasks\update-S-1-5-21-2025573689-4008586652-292618053-1000.job
2015-09-28 00:45 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-27 23:49 - 2015-08-06 21:33 - 00996638 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-27 23:44 - 2015-08-06 21:30 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-27 23:44 - 2015-07-10 11:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-27 23:44 - 2015-04-07 02:08 - 00000902 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-27 23:43 - 2015-08-06 21:34 - 00000000 ____D C:\Users\PC
2015-09-27 23:43 - 2015-07-10 08:59 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-09-27 21:19 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-27 21:06 - 2015-04-08 14:03 - 00000000 ____D C:\Program Files\KMSpico
2015-09-27 21:06 - 2015-04-08 13:16 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-09-27 20:56 - 2015-08-07 07:27 - 00000000 ___DC C:\WINDOWS\Panther
2015-09-27 20:56 - 2015-04-08 13:49 - 00000000 __RHD C:\MSOCache
2015-09-27 18:40 - 2015-04-07 13:02 - 00000370 _____ C:\WINDOWS\Tasks\update-sys.job
2015-09-27 13:47 - 2015-08-06 21:30 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-09-27 13:46 - 2015-06-29 22:46 - 16278688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2um.dll
2015-09-27 13:46 - 2015-06-29 22:46 - 14633232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dum.dll
2015-09-27 13:46 - 2015-06-29 22:46 - 10713272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-09-27 13:46 - 2015-06-29 22:46 - 02857720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi.dll
2015-09-27 13:46 - 2015-06-29 22:46 - 00021015 _____ C:\WINDOWS\system32\nvinfo.pb
2015-09-27 13:46 - 2015-04-07 02:44 - 00069432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-09-27 13:34 - 2015-07-10 08:59 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-27 12:38 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2015-09-26 04:38 - 2015-08-06 21:44 - 00002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-22 18:08 - 2015-07-10 10:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-21 21:55 - 2015-08-06 22:13 - 00000000 ____D C:\Users\PC\AppData\Local\Comms
2015-09-16 04:14 - 2015-04-07 22:24 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-09-15 18:12 - 2015-07-10 10:29 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-09-15 18:12 - 2015-07-10 10:29 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-09-13 12:55 - 2015-08-03 22:54 - 00000000 ___RD C:\Users\PC\Desktop\IZVOZ 005 AVGUST 2015
2015-09-13 12:16 - 2015-08-06 09:08 - 00000000 ____D C:\Users\PC\Desktop\Sa deska
2015-09-13 12:15 - 2015-08-09 19:24 - 00000000 ____D C:\Users\PC\AppData\Local\Hewlett-Packard
2015-09-10 21:50 - 2015-04-07 02:08 - 00000000 ____D C:\Users\PC\AppData\Local\Google
2015-09-09 23:59 - 2015-07-10 12:49 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-09 23:59 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-09 19:00 - 2015-04-15 19:20 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-09 19:00 - 2015-04-08 13:49 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-02 17:46 - 2015-04-25 01:46 - 00000000 ____D C:\Users\PC\AppData\Roaming\vlc
==================== Files in the root of some directories =======
2015-04-07 13:02 - 2015-04-07 13:02 - 0000003 _____ () C:\Users\PC\AppData\Local\updater.log
2015-04-07 13:02 - 2015-04-23 01:46 - 0000412 _____ () C:\Users\PC\AppData\Local\UserProducts.xml
Some files in TEMP:
====================
C:\Users\PC\AppData\Local\Temp\UNINSTALL.EXE
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-09-21 08:23
==================== End of FRST.txt ============================