MyCity » Ambulanta -> Arhiva Ambulante » Usporen rad racunara

Usporen rad racunara

Napisano na dan: 12.3.2016

Usporen rad racunara
Sledeća strana Pagination

Idi na vrh

Poslao: 12 Mar 2016 17:59
Idi na vrh
offline
  • Long drive and music.
  • Pridružio: 02 Nov 2014
  • Poruke: 614

Pozdrav, racunar je krenuo bas usporeno da radi pa me zanima da nije neki virus ili je samo do update-a zato sto nemam trenutno normalan internet.
First:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Mihajlo (administrator) on MIHAJLO (12-03-2016 17:55:07)
Running from C:\Users\Mihajlo-PC\Desktop
Loaded Profiles: Mihajlo (Available Profiles: Mihajlo)
Platform: Windows 8.1 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Hagel Technologies Ltd.) C:\Program Files (x86)\DU Meter\DUMeterSvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hagel Technologies Ltd.) C:\Program Files (x86)\DU Meter\DUMeter.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-07-08] (ESET)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-08-16] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1074088 2015-09-03] (The Eraser Project)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [366904 2015-06-08] (Power Software Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [286960 2016-02-11] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [712432 2016-02-03] ()
HKU\S-1-5-21-1510697321-4494483-2436181512-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53288576 2015-06-30] (Skype Technologies S.A.)
HKU\S-1-5-21-1510697321-4494483-2436181512-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-1510697321-4494483-2436181512-1001\...\Run: [DU Meter] => C:\Program Files (x86)\DU Meter\DUMeter.exe [9795736 2015-11-19] (Hagel Technologies Ltd.)
HKU\S-1-5-21-1510697321-4494483-2436181512-1001\...\Run: [Viber] => C:\Users\Mihajlo-PC\AppData\Local\Viber\Viber.exe [51657424 2015-11-09] ()
HKU\S-1-5-21-1510697321-4494483-2436181512-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] False
HKU\S-1-5-21-1510697321-4494483-2436181512-1001\...\MountPoints2: G - "G:\Install.exe"
HKU\S-1-5-21-1510697321-4494483-2436181512-1001\...\MountPoints2: H - "H:\Install.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2016-02-11]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 activation.cloud.techsmith.eom
Tcpip\Parameters: [DhcpNameServer] 172.28.11.15
Tcpip\..\Interfaces\{655413C6-76F0-4454-8AF9-FBBA864CF211}: [DhcpNameServer] 172.28.11.15

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1510697321-4494483-2436181512-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-02-03] (RealDownloader)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-02-03] (RealDownloader)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-16] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-16] (Oracle Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Mihajlo-PC\AppData\Roaming\Mozilla\Firefox\Profiles\j7be4jbo.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-16] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.1.3.100 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2016-02-11] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.3.100 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2016-02-11] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-11] (Google Inc.)
FF Extension: anonymoX - C:\Users\Mihajlo-PC\AppData\Roaming\Mozilla\Firefox\Profiles\j7be4jbo.default\Extensions\client@anonymox.net.xpi [2015-10-26]
FF Extension: Adblock Plus - C:\Users\Mihajlo-PC\AppData\Roaming\Mozilla\Firefox\Profiles\j7be4jbo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-03-09]

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\Mihajlo-PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Mihajlo-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-31]
CHR Extension: (Google Docs) - C:\Users\Mihajlo-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-31]
CHR Extension: (Google Drive) - C:\Users\Mihajlo-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-31]
CHR Extension: (YouTube) - C:\Users\Mihajlo-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-31]
CHR Extension: (Google Search) - C:\Users\Mihajlo-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Google Sheets) - C:\Users\Mihajlo-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-31]
CHR Extension: (Donna Karan) - C:\Users\Mihajlo-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijgnliiiplghalknhobbcngpcngaoji [2016-02-11]
CHR Extension: (Google Docs Offline) - C:\Users\Mihajlo-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Mihajlo-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-31]
CHR Extension: (Gmail) - C:\Users\Mihajlo-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-31]
CHR Profile: C:\Users\Mihajlo-PC\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Docs) - C:\Users\Mihajlo-PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Mihajlo-PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2020056 2016-02-09] (Adobe Systems, Incorporated)
R2 DUMeterSvc; C:\Program Files (x86)\DU Meter\DUMeterSvc.exe [5831832 2015-11-19] (Hagel Technologies Ltd.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319080 2015-06-04] (Intel Corporation)
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [183112 2015-12-11] ()
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [32544 2016-02-03] ()
R2 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1095440 2016-02-11] (RealNetworks, Inc.)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [966336 2014-12-04] (@ByELDI) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 DUMeterDrv; C:\Program Files (x86)\DU Meter\DUMETR64.SYS [21080 2015-11-19] (Hagel Technologies Ltd.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-13] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-13] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [178520 2015-07-13] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [231520 2015-07-13] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [53360 2015-07-13] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [72400 2015-07-13] (ESET)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-07-14] (LogMeIn Inc.)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [47008 2013-07-31] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 XtuAcpiDriver; C:\Windows\System32\drivers\XtuAcpiDriver.sys [63840 2015-07-10] (Intel Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-12 17:55 - 2016-03-12 17:55 - 00014236 _____ C:\Users\Mihajlo-PC\Desktop\FRST.txt
2016-03-12 17:54 - 2016-03-12 17:54 - 02374144 _____ (Farbar) C:\Users\Mihajlo-PC\Desktop\FRST64.exe
2016-03-10 19:14 - 2016-02-20 16:45 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-10 19:14 - 2016-02-20 16:45 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-10 19:14 - 2016-02-20 16:45 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-10 19:14 - 2016-02-20 16:45 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-10 19:14 - 2016-02-20 16:45 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-10 19:14 - 2016-02-20 16:45 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-10 19:14 - 2016-02-08 22:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-10 19:14 - 2016-02-08 21:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-10 19:14 - 2016-02-08 21:29 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-03-10 19:14 - 2016-02-08 21:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-10 19:14 - 2016-02-08 21:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-10 19:14 - 2016-02-08 21:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-10 19:14 - 2016-02-08 20:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-10 19:14 - 2016-02-08 19:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-10 19:14 - 2016-02-08 18:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-10 19:14 - 2016-02-05 20:06 - 00046768 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-10 19:14 - 2015-12-30 22:53 - 02017624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-10 19:13 - 2016-02-08 21:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-10 19:13 - 2016-02-08 21:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-10 19:13 - 2016-02-08 21:07 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-03-10 19:13 - 2016-02-08 21:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-10 19:13 - 2016-02-08 21:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-10 19:13 - 2016-02-08 21:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-10 19:13 - 2016-02-08 20:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-10 19:13 - 2016-02-08 20:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-10 19:13 - 2016-02-08 19:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-10 19:13 - 2016-02-08 19:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-10 19:13 - 2016-02-08 19:14 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-03-10 19:13 - 2016-02-08 19:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-10 19:13 - 2016-02-08 18:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-10 19:13 - 2016-02-08 18:42 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-03-10 19:13 - 2016-02-08 18:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-10 19:13 - 2016-02-08 18:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-10 19:13 - 2016-02-08 18:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-10 19:13 - 2016-02-08 18:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-10 19:13 - 2016-02-08 18:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-10 19:13 - 2016-02-08 18:15 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-03-10 19:13 - 2016-02-08 17:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-10 18:59 - 2016-02-05 15:59 - 07784960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-03-10 18:59 - 2016-02-05 15:55 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-03-10 18:59 - 2016-02-05 15:48 - 07075840 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-03-10 18:59 - 2016-02-05 15:47 - 05268480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-03-10 18:57 - 2016-01-09 02:49 - 00218448 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2016-03-10 18:57 - 2016-01-09 02:49 - 00192120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2016-03-10 18:56 - 2016-02-11 15:21 - 00869576 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-03-10 18:56 - 2016-02-11 15:21 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2016-03-10 18:56 - 2016-02-11 15:20 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-03-10 18:56 - 2016-02-11 15:20 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2016-03-10 15:52 - 2016-02-06 17:58 - 00987648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-10 15:52 - 2016-02-06 17:32 - 00801792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-10 15:51 - 2016-01-07 00:46 - 00148752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2016-03-10 15:51 - 2016-01-07 00:45 - 00177712 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2016-03-10 15:51 - 2016-01-06 17:47 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-03-10 15:50 - 2016-02-03 21:37 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-03-10 15:50 - 2016-02-03 21:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-03-10 15:50 - 2016-02-03 16:09 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-03-10 15:50 - 2016-02-03 16:00 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-10 15:50 - 2016-02-03 16:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-10 15:49 - 2016-02-12 20:14 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-10 15:49 - 2016-02-12 16:14 - 03708416 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-10 15:49 - 2016-02-12 15:55 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2016-03-10 15:49 - 2016-02-12 15:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-10 15:49 - 2016-02-12 15:54 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-10 15:49 - 2016-02-12 15:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-10 15:49 - 2016-02-12 15:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-10 15:49 - 2016-02-12 15:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-10 15:49 - 2016-02-12 15:51 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-10 15:49 - 2016-02-12 15:48 - 02244096 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-10 15:49 - 2016-02-12 15:47 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-10 15:49 - 2016-02-12 15:46 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-10 15:47 - 2016-01-10 17:41 - 01707008 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-03-10 15:47 - 2016-01-10 17:31 - 01344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-03-10 15:43 - 2015-12-30 21:49 - 00470360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-03-10 15:42 - 2016-02-05 20:07 - 00292696 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2016-03-10 15:42 - 2016-02-05 20:07 - 00243032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMASF.DLL
2016-03-10 15:42 - 2016-02-05 16:03 - 15432704 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-10 15:42 - 2016-02-05 16:00 - 13318144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-10 15:42 - 2016-01-31 20:16 - 00148832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-10 15:41 - 2016-02-04 19:18 - 04174336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-10 15:41 - 2016-02-04 19:18 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-10 15:41 - 2016-02-04 19:12 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-10 15:41 - 2016-02-04 18:44 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-10 15:41 - 2016-02-04 18:39 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-10 15:40 - 2015-11-19 15:33 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-10 15:40 - 2015-11-19 15:26 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-10 15:38 - 2016-02-06 19:08 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-10 15:34 - 2015-12-20 15:57 - 00839168 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-03-10 15:34 - 2015-12-20 15:43 - 00696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2016-03-10 15:33 - 2016-02-04 18:24 - 00603648 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-10 15:33 - 2016-02-04 18:02 - 00483328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-10 15:33 - 2015-12-20 15:56 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2016-03-10 15:32 - 2016-01-15 17:56 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2016-03-10 15:32 - 2016-01-15 17:45 - 01482240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2016-03-10 15:32 - 2016-01-05 16:00 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-03-10 15:29 - 2016-01-06 19:25 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-03-10 15:24 - 2016-01-24 19:19 - 00419160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-03-10 15:24 - 2016-01-24 19:19 - 00378712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-03-10 15:24 - 2016-01-24 19:19 - 00331608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2016-03-10 15:24 - 2016-01-24 12:57 - 01335296 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2016-03-10 15:24 - 2016-01-24 12:45 - 01063424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2016-03-10 15:24 - 2016-01-09 02:38 - 00091992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-03-09 20:54 - 2016-03-11 13:04 - 04893984 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-27 13:12 - 2016-02-27 13:12 - 00000000 ____D C:\Users\Mihajlo-PC\Documents\PassMark
2016-02-27 13:12 - 2016-02-27 13:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest (64-bit)
2016-02-27 13:12 - 2016-02-27 13:12 - 00000000 ____D C:\Program Files\PerformanceTest
2016-02-27 13:12 - 2008-07-12 08:18 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-02-27 13:12 - 2008-07-12 08:18 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-02-27 13:12 - 2008-07-12 08:18 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-02-26 17:28 - 2016-02-26 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2016-02-26 17:27 - 2016-02-26 17:27 - 16270006 _____ C:\Users\Mihajlo-PC\sa-mp-0.3.7-install.exe
2016-02-26 17:17 - 2016-02-26 17:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2016-02-18 23:45 - 2016-02-21 02:20 - 00000000 ____D C:\Program Files\Recuva
2016-02-18 23:45 - 2016-02-18 23:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2016-02-17 20:57 - 2016-02-17 20:57 - 00000000 ____D C:\Users\Mihajlo-PC\Documents\Multisoft
2016-02-17 20:57 - 2016-02-17 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multisoft
2016-02-17 20:55 - 2016-02-18 13:45 - 00000000 ____D C:\Program Files (x86)\3D Instructor 2.2 Home
2016-02-14 21:24 - 2010-03-15 10:31 - 00165376 _____ C:\Windows\SysWOW64\unrar.dll
2016-02-14 19:21 - 2016-02-14 19:21 - 00000000 ____D C:\Users\Mihajlo-PC\.cache
2016-02-11 23:14 - 2016-02-11 23:15 - 00000000 ____D C:\Users\Mihajlo-PC\AppData\Local\Audacity
2016-02-11 23:13 - 2016-02-11 23:14 - 10921409 _____ C:\Users\Mihajlo-PC\Downloads\audacity-win-2.1.2.zip
2016-02-11 22:38 - 2016-03-08 13:26 - 00003364 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1510697321-4494483-2436181512-1001
2016-02-11 22:38 - 2016-03-08 13:26 - 00003306 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1510697321-4494483-2436181512-1001
2016-02-11 22:38 - 2016-02-11 22:38 - 00003384 _____ C:\Windows\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1510697321-4494483-2436181512-1001
2016-02-11 22:26 - 2016-02-20 00:51 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-11 22:02 - 2016-02-11 22:02 - 00000330 _____ C:\Windows\Tasks\RealDownloader Update Check.job
2016-02-11 22:02 - 2016-02-11 22:02 - 00000000 ____D C:\Users\Mihajlo-PC\AppData\Local\Real
2016-02-11 22:01 - 2016-02-11 22:01 - 00000000 ____D C:\Users\Mihajlo-PC\AppData\Roaming\RealNetworks
2016-02-11 22:01 - 2016-02-11 22:01 - 00000000 ____D C:\ProgramData\RealNetworks
2016-02-11 22:01 - 2016-02-11 22:01 - 00000000 ____D C:\Program Files (x86)\RealNetworks
2016-02-11 22:00 - 2016-02-11 22:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2016-02-11 22:00 - 2016-02-11 22:00 - 00278768 _____ (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2016-02-11 22:00 - 2016-02-11 22:00 - 00200944 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2016-02-11 21:59 - 2016-02-11 22:02 - 00000000 ____D C:\Users\Mihajlo-PC\AppData\Roaming\Real
2016-02-11 21:59 - 2016-02-11 22:02 - 00000000 ____D C:\Program Files (x86)\Real
2016-02-11 21:56 - 2016-02-11 22:02 - 00000000 ____D C:\ProgramData\Real

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-12 17:55 - 2015-12-12 20:55 - 00000000 ____D C:\FRST
2016-03-12 17:42 - 2015-07-14 02:02 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-12 13:38 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-03-12 13:28 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-03-12 12:20 - 2015-08-30 20:38 - 00000000 ___DO C:\Users\Mihajlo-PC\OneDrive
2016-03-12 12:18 - 2015-07-14 02:02 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-11 23:44 - 2016-02-07 18:19 - 00000000 ____D C:\Users\Mihajlo-PC\AppData\Roaming\AIMP
2016-03-11 22:44 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2016-03-11 21:06 - 2015-10-31 23:22 - 00000000 ___RD C:\Users\Mihajlo-PC\Desktop\Text
2016-03-11 15:37 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-03-11 13:09 - 2015-10-13 15:41 - 00000000 ____D C:\Users\Mihajlo-PC\AppData\Local\CrashDumps
2016-03-11 13:04 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-10 22:53 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-03-10 22:50 - 2015-07-15 23:20 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-10 22:49 - 2015-07-14 01:48 - 00000000 ____D C:\Users\Mihajlo-PC
2016-03-10 19:56 - 2015-07-14 02:03 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1510697321-4494483-2436181512-1001
2016-03-10 19:49 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2016-03-10 19:44 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-10 19:43 - 2015-07-14 02:48 - 00000000 ____D C:\Windows\system32\MRT
2016-03-10 19:39 - 2015-07-14 02:48 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-10 15:10 - 2015-12-09 16:08 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-10 15:10 - 2015-12-09 16:08 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-10 15:10 - 2015-12-09 16:08 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-03-09 13:06 - 2015-07-16 16:14 - 00000000 ____D C:\Program Files (x86)\Wise Disk Cleaner
2016-03-09 12:59 - 2015-07-14 19:29 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-09 12:59 - 2015-07-14 19:29 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-08 08:00 - 2015-07-13 18:17 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-08 08:00 - 2013-08-22 16:38 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-07 20:04 - 2015-07-31 22:54 - 00000000 ____D C:\Users\Mihajlo-PC\AppData\Roaming\.minecraft
2016-03-07 12:40 - 2015-07-14 01:55 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-04 14:32 - 2015-12-13 20:28 - 00000000 ____D C:\Users\Mihajlo-PC\Documents\GTA San Andreas User Files
2016-02-27 15:44 - 2015-07-13 21:10 - 00000000 ____D C:\Users\Mihajlo-PC\AppData\Roaming\BitTorrent
2016-02-26 17:17 - 2015-08-16 11:46 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-02-26 16:32 - 2015-07-19 19:00 - 00000000 ____D C:\Users\Mihajlo-PC\AppData\Roaming\Skype
2016-02-19 21:43 - 2015-07-14 02:02 - 00002232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-19 21:43 - 2015-07-14 02:02 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-18 14:08 - 2015-10-06 20:43 - 00000000 ___RD C:\Users\Mihajlo-PC\Desktop\Camtasia
2016-02-18 14:08 - 2015-10-06 20:16 - 00000000 ___RD C:\Users\Mihajlo-PC\Desktop\Games
2016-02-17 21:05 - 2015-07-18 21:02 - 00000000 ____D C:\ProgramData\TEMP
2016-02-14 00:23 - 2015-07-22 11:02 - 00000000 ____D C:\Users\Mihajlo-PC\AppData\Roaming\Audacity
2016-02-11 22:37 - 2015-07-14 02:02 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-11 22:37 - 2015-07-14 02:02 - 00003658 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-11 22:01 - 2015-09-12 19:51 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-11 22:00 - 2013-04-11 12:55 - 00505584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2016-02-11 22:00 - 2013-04-11 12:55 - 00354032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll

==================== Files in the root of some directories =======

2015-07-21 23:28 - 2015-07-21 23:28 - 0000132 _____ () C:\Users\Mihajlo-PC\AppData\Roaming\Adobe GIF Format CS5 Prefs
2015-07-21 23:57 - 2015-07-22 08:00 - 0000130 _____ () C:\Users\Mihajlo-PC\AppData\Roaming\Camdata.ini
2015-07-21 23:57 - 2015-07-22 08:00 - 0000408 _____ () C:\Users\Mihajlo-PC\AppData\Roaming\CamLayout.ini
2015-07-21 23:57 - 2015-07-22 08:00 - 0000408 _____ () C:\Users\Mihajlo-PC\AppData\Roaming\CamShapes.ini
2015-07-21 23:57 - 2015-07-22 08:00 - 0004536 _____ () C:\Users\Mihajlo-PC\AppData\Roaming\CamStudio.cfg
2015-07-21 21:08 - 2015-07-22 07:53 - 0000096 _____ () C:\Users\Mihajlo-PC\AppData\Roaming\version2.xml
2015-08-15 21:16 - 2015-08-15 21:16 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\Mihajlo-PC\sa-mp-0.3.7-install.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-03-09 21:06

==================== End of FRST.txt ============================

https://www.mycity.rs/must-login.png

Poslao: 12 Mar 2016 23:39
Idi na vrh
offline
  • Pridružio: 02 Jan 2008
  • Poruke: 2167

Pozdrav!

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

CreateRestorePoint:
Task: {3EEC9466-055B-4A3F-9080-76C628843349} - System32\Tasks\{3FCC5D6E-C50A-4AC7-BD24-810B34EB3210} => pcalua.exe -a C:\Users\Mihajlo-PC\AppData\Roaming\sweet-page\UninstallManager.exe -c  -ptid=cor
C:\Users\Mihajlo-PC\AppData\Roaming\sweet-page
AlternateDataStreams: C:\ProgramData\TEMP:10D14739 [121]
AlternateDataStreams: C:\ProgramData\TEMP:FB6A21E3 [128]
EmptyTemp:

2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.


Nakon toga,


Preuzmi TDSSKiller, sacuvaj alat na Desktop i dvoklikom pokreni TDSSKiller.exe
U "End user Licence Agreement" dijalogu klikni na Accept.
Takođe, u "KSN Statement" dijalogu klikni na Accept.

klikni na dugme Start Scan

Ukoliko sumnjive stavke Suspicious object budu detektovani, podrazumevana opcija (default action) jeste Skip, klikni na Continue.
Ukoliko maliciozni objekti Malicious objects budu detektovani, izaberi opciju Cure.
Okaci mi sadrzaj log-a sa sledece lokacije:
C:\TDSSKiller_verzija programa_DD.MM.GG_HH.MM.SS.txt
(DD-dan, MM-mesec, GG-godina, HH-sat, MM-minut, SS-sekunda; datum i vreme kada je log napravljen)

Poslao: 13 Mar 2016 14:45
Idi na vrh
offline
  • Long drive and music.
  • Pridružio: 02 Nov 2014
  • Poruke: 614

Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Mihajlo (2016-03-13 14:36:02) Run:1
Running from C:\Users\Mihajlo-PC\Desktop
Loaded Profiles: Mihajlo (Available Profiles: Mihajlo)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
Task: {3EEC9466-055B-4A3F-9080-76C628843349} - System32\Tasks\{3FCC5D6E-C50A-4AC7-BD24-810B34EB3210} => pcalua.exe -a C:\Users\Mihajlo-PC\AppData\Roaming\sweet-page\UninstallManager.exe -c -ptid=cor
C:\Users\Mihajlo-PC\AppData\Roaming\sweet-page
AlternateDataStreams: C:\ProgramData\TEMP:10D14739 [121]
AlternateDataStreams: C:\ProgramData\TEMP:FB6A21E3 [128]
EmptyTemp:
*****************

Restore point was successfully created.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3EEC9466-055B-4A3F-9080-76C628843349}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3EEC9466-055B-4A3F-9080-76C628843349}" => key removed successfully
C:\Windows\System32\Tasks\{3FCC5D6E-C50A-4AC7-BD24-810B34EB3210} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3FCC5D6E-C50A-4AC7-BD24-810B34EB3210}" => key removed successfully
"C:\Users\Mihajlo-PC\AppData\Roaming\sweet-page" => not found.
C:\ProgramData\TEMP => ":10D14739" ADS removed successfully.
C:\ProgramData\TEMP => ":FB6A21E3" ADS removed successfully.
EmptyTemp: => 680.7 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 14:37:13 ====


https://www.mycity.rs/must-login.png

Poslao: 13 Mar 2016 20:21
Idi na vrh
offline
  • Pridružio: 02 Jan 2008
  • Poruke: 2167

Problem koji imas nije uzrokovan malverom. Tvoj racunar je cist.
Pokusaj da pomoc potrazis u Windows ili Hardver delu foruma.

Sledeća procedura će implementirati završno čišćenje.



Arrow Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop.

Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija;
Remove disinfection tools
Create registry backup
Purge System Restore

Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad.

Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani.
Ukoliko neki alat ili izveštaj nije uklonjen, slobodno ih obriši ručno.


Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt)
- Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix
- DelFix briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

MyCity » Ambulanta -> Arhiva Ambulante » Usporen rad racunara

Ko je trenutno na forumu
 

Ukupno su 1073 korisnika na forumu :: 37 registrovanih, 4 sakrivenih i 1032 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: Atomski čoban, babaroga, Bane san, bestguarder, bojankrstc, Brana01, Bubimir, dankisha, darcaud, Denaya, djuradj, FOX, Frunze, Georgius, Istman, Jakov01, joca83, Komentator, Kubovac, kunktator, Marko Marković, Mi lao shu, mikrimaus, milenko crazy north, Millennium, Milometer, milos.cbr, milos97, Panter, procesor, Sirius, suponik, vasa.93, Volkhov-M, vranjanac29, Yellow Pinky, zdrebac