- Killer7
- Super građanin
- Pridružio: 12 Jul 2012
- Poruke: 1023
Pozdrav treba mi jedna pomoc. Danas se vratim kuci i vidim da mi tata nesto instalirao na laptopu... Otvorim Mozillu i pojavi se neka stranica '''' i to ne mogu da obrisem nema leka. Nije ga bilo u instalaciji i pri tom ga nisam mogao obrisati. U ekstenzijama ga nema, nema ga u addonsima ali on se opet pojavi. Stavim da je google pocetna stranica i svaki put kad udjem u mozilu, google chrome ili Internet explorer prva stranica mi bude taj sajt i pojave se neke reklame poput ''League of Angels 2'' neka igra i tako to...
Skenirao sam sa AVG ali on nista nije pronasao, skenirao sam sa Adware cleaner i pronasao je 25 pretnji ali to nista nije bilo vezano za ovaj sajt. Koristio sam i neki drugi program i pronasao je neku pretnju '''' u registriju medjutim nije hteo da obrise jer se treba platiti program, a ja sam trazio taj program, trazio sam foldere u search, trazio sam u registriju i nigde nema ''safesurfs.exe,.net'' ili tako nesto slicno. Traga od toga nema ali taj problem mi ostaje. Resetovao sam browsere sve sam reset i sve podatke obrisao ali to je i dalje ostalo. Ja ne znam vise sta da radim...
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by Metallica41 (administrator) on FIKO (02-09-2016 18:46:58)
Running from C:\Users\Stefan\Downloads
Loaded Profiles: Metallica41 (Available Profiles: Metallica41)
Platform: Windows 8 (X64) Language: English (United Kingdom)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [90832 2012-06-07] (ASUS)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5264016 2012-08-16] (VIA)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-08-23] (Alcor Micro Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [204560 2016-08-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6709008 2016-07-28] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-473922799-1250382268-3828485289-1001\...\Run: [CCleaner Monitoring] => D:\Ccleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
HKU\S-1-5-21-473922799-1250382268-3828485289-1001\...\MountPoints2: F - "F:\setup.exe" /autorun
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2012-10-24]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer]
Tcpip\..\Interfaces\{02BEEDC7-9D69-4DCB-A274-DD31870171B1}: [DhcpNameServer]
Internet Explorer:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-473922799-1250382268-3828485289-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://
HKU\S-1-5-21-473922799-1250382268-3828485289-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://
SearchScopes: HKU\S-1-5-21-473922799-1250382268-3828485289-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-01] (Oracle Corporation)
FF ProfilePath: C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\91ithn9o.default-1472832363770
FF Homepage: hxxps://
FF Plugin: -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32:,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-01] (Oracle Corporation)
FF Plugin-x32:,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-01] (Oracle Corporation)
FF Plugin-x32: Update;version=3 -> C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Update;version=9 -> C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
CHR Profile: C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-15]
CHR Extension: (Google Docs) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-15]
CHR Extension: (Google Drive) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-15]
CHR Extension: (YouTube) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-15]
CHR Extension: (Google Search) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-15]
CHR Extension: (Google Sheets) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-15]
CHR Extension: (Google Docs Offline) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-17]
CHR Extension: (Gmail) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-15]
CHR Extension: (Chrome Media Router) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-29]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [674552 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5267456 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1097488 2016-08-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [760024 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-14] (VIA Technologies, Inc.)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [336384 2012-07-26] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-09-12] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-04-16] (ASUS Corporation)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [314112 2016-06-30] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [261376 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [261888 2016-07-19] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3295984 2012-07-26] (Broadcom Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-09-02] ()
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-03-09] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-09-12] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-09-12] (Microsoft Corporation)
S1 MpKsl401057ca; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{91F810EA-D191-4433-8507-55913FA18A30}\MpKsl401057ca.sys [X]
U0 msahci; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-02 18:46 - 2016-09-02 18:48 - 00014007 _____ C:\Users\Stefan\Downloads\FRST.txt
2016-09-02 18:46 - 2016-09-02 18:46 - 02397696 _____ (Farbar) C:\Users\Stefan\Downloads\FRST64.exe
2016-09-02 18:46 - 2016-09-02 18:46 - 00000000 ____D C:\FRST
2016-09-02 18:43 - 2016-09-02 18:43 - 00000258 __RSH C:\ProgramData\ntuser.pol
2016-09-02 18:42 - 2016-09-02 18:43 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\GameLauncher
2016-09-02 18:19 - 2016-09-02 18:19 - 00001263 _____ C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-09-02 17:48 - 2016-09-02 17:48 - 00000000 _____ C:\autoexec.bat
2016-09-02 17:46 - 2016-09-02 17:46 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-09-02 17:23 - 2016-09-02 18:31 - 00000000 ____D C:\AdwCleaner
2016-09-02 17:23 - 2016-09-02 17:23 - 03826240 _____ C:\Users\Stefan\Downloads\adwcleaner_6.010.exe
2016-09-02 14:21 - 2016-09-02 14:22 - 00000000 ____D C:\Users\Stefan\Downloads\[R.G. Mechanics] F.E.A.R. Anthology
2016-09-02 14:14 - 2016-09-02 14:14 - 00000000 ____D C:\Users\Stefan\Downloads\FEAR.Complete.EN-RU.Repack
2016-08-26 22:57 - 2016-08-26 22:57 - 00283800 _____ C:\Windows\Minidump\082616-48812-01.dmp
2016-08-26 22:50 - 2016-08-26 23:00 - 00000905 _____ C:\Users\Stefan\AppData\Roaming\trace_FilterInstaller.txt
2016-08-26 22:50 - 2016-08-26 23:00 - 00000000 _____ C:\Users\Stefan\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2016-08-26 22:50 - 2016-08-26 22:50 - 00001167 _____ C:\Users\Stefan\AppData\Roaming\trace_FilterInstaller.1.txt
2016-08-26 19:34 - 2016-08-26 23:00 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\NCH Software
2016-08-26 19:34 - 2016-08-26 23:00 - 00000000 ____D C:\Program Files (x86)\NCH Software
2016-08-26 19:34 - 2016-08-26 22:47 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2016-08-26 19:34 - 2016-08-26 19:34 - 00000000 ____D C:\ProgramData\NCH Software
2016-08-26 19:32 - 2016-08-26 19:32 - 00001206 _____ C:\Users\Stefan\AppData\Roaming\CamStudio.Producer.ini
2016-08-26 19:32 - 2016-08-26 19:32 - 00000000 _____ C:\Users\Stefan\AppData\Roaming\CamStudio.Producer.Data.ini
2016-08-26 19:29 - 2016-08-26 19:29 - 00000098 _____ C:\Users\Stefan\AppData\Roaming\CamStudio.Producer.command
2016-08-26 16:17 - 2016-09-02 15:22 - 00000000 ____D C:\Users\Stefan\AppData\Local\NFS Underground 2
2016-08-26 16:08 - 2016-08-26 19:33 - 00004509 _____ C:\Users\Stefan\AppData\Roaming\CamStudio.cfg
2016-08-26 16:08 - 2016-08-26 19:33 - 00000408 _____ C:\Users\Stefan\AppData\Roaming\CamShapes.ini
2016-08-26 16:08 - 2016-08-26 19:33 - 00000408 _____ C:\Users\Stefan\AppData\Roaming\CamLayout.ini
2016-08-26 16:08 - 2016-08-26 19:33 - 00000104 _____ C:\Users\Stefan\AppData\Roaming\Camdata.ini
2016-08-26 14:45 - 2016-08-26 14:45 - 00005029 _____ C:\Users\Stefan\Downloads\replay_1498562548.bat
2016-08-24 17:05 - 2016-08-24 17:05 - 00005029 _____ C:\Users\Stefan\Downloads\replay_1496981649.bat
2016-08-21 02:49 - 2016-08-21 02:49 - 00005029 _____ C:\Users\Stefan\Downloads\replay_1493608324.bat
2016-08-17 21:15 - 2016-08-17 21:15 - 00000000 ____D C:\Windows\LastGood.Tmp
2016-08-17 16:43 - 2016-08-18 20:43 - 00000000 ____D C:\ProgramData\NFS Underground
2016-08-17 01:44 - 2016-08-17 16:42 - 00000000 ____D C:\Users\Stefan\AppData\Local\ElevatedDiagnostics
2016-08-14 19:51 - 2016-08-14 19:51 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\2K Sports
2016-08-11 23:05 - 2016-08-26 22:57 - 361606113 _____ C:\Windows\MEMORY.DMP
2016-08-11 23:05 - 2016-08-26 22:57 - 00000000 ____D C:\Windows\Minidump
2016-08-11 23:05 - 2016-08-11 23:06 - 00283744 _____ C:\Windows\Minidump\081116-46265-01.dmp
2016-08-09 14:23 - 2016-08-09 14:53 - 00000000 ____D C:\Users\Stefan\Documents\GTA San Andreas User Files
2016-08-05 23:59 - 2016-08-05 23:59 - 00000000 ____D C:\Users\Stefan\AppData\Local\MyNes
2016-08-05 18:47 - 2016-08-05 18:47 - 00303232 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-05 09:03 - 2016-08-05 09:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-08-05 09:03 - 2016-08-05 09:03 - 00000000 ____D C:\Program Files\Common Files\AV
2016-08-05 09:00 - 2016-08-05 09:00 - 00000984 _____ C:\Users\Public\Desktop\AVG.lnk
2016-08-05 09:00 - 2016-08-05 09:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-08-05 08:58 - 2016-08-05 09:02 - 00000000 ____D C:\Program Files (x86)\AVG
2016-08-04 19:35 - 2016-08-04 19:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Wars - Knights of the Old Republic []
2016-08-03 23:26 - 2016-08-03 23:27 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\MKKE
2016-08-03 03:00 - 2016-08-03 03:00 - 00000000 ____D C:\ProgramData\Ubisoft
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-02 18:43 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\GroupPolicy
2016-09-02 18:18 - 2016-01-15 03:53 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-02 18:18 - 2015-09-12 20:16 - 00000000 ____D C:\ProgramData\MFAData
2016-09-02 18:18 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-09-02 18:17 - 2016-01-15 03:53 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-02 18:17 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-02 17:51 - 2016-01-15 03:54 - 00002270 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-02 17:51 - 2015-08-27 21:06 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\uTorrent
2016-09-02 17:49 - 2015-08-27 13:02 - 00001051 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-09-02 17:47 - 2015-08-27 12:14 - 00000000 ____D C:\Users\Stefan
2016-09-02 17:21 - 2016-01-15 03:54 - 00002395 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-02 17:21 - 2015-08-27 12:17 - 00001630 _____ C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-09-02 14:01 - 2012-07-26 10:12 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-02 14:01 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2016-09-01 15:59 - 2015-12-21 15:04 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\AIMP3
2016-08-30 19:23 - 2016-01-02 19:00 - 36446720 ___SH C:\Users\Stefan\Desktop\Thumbs.db
2016-08-30 14:06 - 2015-10-26 12:54 - 00000000 ____D C:\Users\Stefan\Documents\My Games
2016-08-30 14:06 - 2015-09-17 12:11 - 00000000 ____D C:\Users\Stefan\Desktop\Igre
2016-08-27 03:22 - 2016-01-23 02:05 - 00000951 _____ C:\Users\Stefan\Desktop\New Text Document (3).txt
2016-08-26 20:09 - 2015-08-27 12:25 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-473922799-1250382268-3828485289-1001
2016-08-26 18:58 - 2016-04-26 21:05 - 00000000 ____D C:\ProgramData\Origin
2016-08-26 18:57 - 2016-04-26 21:16 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-08-26 16:13 - 2015-09-04 21:03 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-08-26 16:12 - 2016-04-20 00:47 - 00000000 ____D C:\Temp
2016-08-26 13:06 - 2016-04-22 22:11 - 00000607 _____ C:\Users\Stefan\Desktop\profa.txt
2016-08-25 12:49 - 2015-08-27 13:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-17 21:16 - 2016-05-28 17:50 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-08-17 21:15 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\Inf
2016-08-17 21:05 - 2015-09-09 15:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LucasArts
2016-08-17 19:43 - 2015-08-27 12:15 - 00000000 ____D C:\Users\Stefan\AppData\Local\VirtualStore
2016-08-17 16:41 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2016-08-12 15:30 - 2012-10-24 22:47 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-08-11 23:19 - 2016-01-08 20:28 - 00000045 _____ C:\Windows\SysWOW64\initdebug.nfo
2016-08-11 22:21 - 2015-08-27 13:00 - 00084480 _____ C:\DUMP4bed.tmp
2016-08-06 15:31 - 2016-07-26 12:23 - 00000000 ____D C:\Users\Stefan\Downloads\New folder
2016-08-05 09:04 - 2015-09-12 20:14 - 00000000 ____D C:\Users\Stefan\AppData\Local\Avg
2016-08-05 09:03 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-08-05 09:02 - 2016-07-11 19:34 - 00000000 ___HD C:\$AVG
2016-08-05 09:00 - 2015-10-26 12:16 - 00000000 ____D C:\ProgramData\Avg
2016-08-05 09:00 - 2015-09-12 20:14 - 00000000 ____D C:\Users\Stefan\AppData\Local\AvgSetupLog
2016-08-05 01:22 - 2015-11-02 04:18 - 00000000 ____D C:\Users\Stefan\Downloads\PopcornTime
==================== Files in the root of some directories =======
2016-08-26 16:08 - 2016-08-26 19:33 - 0000104 _____ () C:\Users\Stefan\AppData\Roaming\Camdata.ini
2016-08-26 16:08 - 2016-08-26 19:33 - 0000408 _____ () C:\Users\Stefan\AppData\Roaming\CamLayout.ini
2016-08-26 16:08 - 2016-08-26 19:33 - 0000408 _____ () C:\Users\Stefan\AppData\Roaming\CamShapes.ini
2016-08-26 16:08 - 2016-08-26 19:33 - 0004509 _____ () C:\Users\Stefan\AppData\Roaming\CamStudio.cfg
2016-08-26 19:29 - 2016-08-26 19:29 - 0000098 _____ () C:\Users\Stefan\AppData\Roaming\CamStudio.Producer.command
2016-08-26 19:32 - 2016-08-26 19:32 - 0000000 _____ () C:\Users\Stefan\AppData\Roaming\CamStudio.Producer.Data.ini
2016-08-26 19:32 - 2016-08-26 19:32 - 0001206 _____ () C:\Users\Stefan\AppData\Roaming\CamStudio.Producer.ini
2015-08-27 12:18 - 2015-08-27 12:56 - 0000352 _____ () C:\Users\Stefan\AppData\Roaming\sp_data.sys
2016-08-26 22:50 - 2016-08-26 22:50 - 0001167 _____ () C:\Users\Stefan\AppData\Roaming\trace_FilterInstaller.1.txt
2016-08-26 22:50 - 2016-08-26 23:00 - 0000905 _____ () C:\Users\Stefan\AppData\Roaming\trace_FilterInstaller.txt
2016-08-26 22:50 - 2016-08-26 23:00 - 0000000 _____ () C:\Users\Stefan\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2016-04-05 10:19 - 2016-04-05 10:19 - 0000094 _____ () C:\Users\Stefan\AppData\Local\fusioncache.dat
2012-08-17 02:52 - 2012-07-30 08:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd
2012-08-17 02:52 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
Some files in TEMP:
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-08-23 16:19
==================== End of FRST.txt ============================
Stvarno se bojim za ovo pise na internetu da je virus ili nesto opasno ali ja ga ne mogu obrisati, sta god uradio on je uvek prisutan iako mu fajlova na disku nema ili ja to ne mogu pronaci. Molim vas pomozite mi.