Poslao: 22 Maj 2017 16:38
|
offline
- Pridružio: 28 Jan 2009
- Poruke: 76
|
Pozdrav ekipo. Već nekolika dana surfujući Chromom mi otvara periodnično spam stranice i surfovanje je prilično usporeno.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-05-2017
Ran by (administrator) on NIKOLAPC (22-05-2017 17:31:05)
Running from C:\Users\Nikola Pejovic\Desktop
Loaded Profiles: Nikola Pejovic (Available Profiles: Nikola Pejovic)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\ProgramData\OnlineUpdate\ouc.exe
() C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ServiceManager.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
() C:\Users\Nikola Pejovic\AppData\Local\Viber\Viber.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Dropbox, Inc.) C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(ACD Systems) C:\Program Files (x86)\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Nikola Pejovic\Desktop\FRST64 (2).exe
(MDL) C:\Windows\AutoKMS_VL_ALL\AutoKMS_VL_ALL.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\Windows\Temp\AutoKMS\TunMirror.exe
(My Digital Life Forums) C:\Windows\Temp\AutoKMS\KMS Server.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14416624 2017-02-02] (Copyright 2017.)
HKLM-x32\...\Run: [MTel_ontenegro Imola ModemListener] => C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe [125504 2012-05-14] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [ACPW07EN] => C:\Program Files (x86)\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe [1414984 2013-09-25] (ACD Systems)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2015-10-08] (Power Software Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\Run: [Viber] => C:\Users\Nikola Pejovic\AppData\Local\Viber\Viber.exe [80036560 2015-05-25] ()
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\Run: [Dropbox Update] => C:\Users\Nikola Pejovic\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: D - "D:\autorun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {06ffbd2c-e5fb-11e4-827d-60d819ea6866} - "G:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {06ffbd7f-e5fb-11e4-827d-60d819ea6866} - "D:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {1c2b1253-13c8-11e4-825a-60d819ea6866} - "D:\autorun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {403db24f-c8f7-11e5-82b9-60d819ea6866} - "G:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {46966f1b-2cac-11e5-8285-60d819ea6866} - "D:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {4c352bcc-f3da-11e4-827e-60d819ea6866} - "D:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {8f3306ca-33bd-11e4-825e-60d819ea6866} - "D:\Lenovo_Suite.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {8f3306d8-33bd-11e4-825e-60d819ea6866} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {ca7e1973-6c5d-11e6-82fd-60d819ea6866} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {e4e87462-9b4c-11e5-82ac-60d819ea6866} - "D:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {e4e87525-9b4c-11e5-82ac-60d819ea6866} - "D:\AutoRun.exe"
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [JzShlobj] -> {7B286609-DA97-47E1-AC6B-33B8B4732C95} => -> No File
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
Startup: C:\Users\Nikola Pejovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-05-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{2685DFB0-E5AB-43CB-B5EE-5F4148B3C450}: [DhcpNameServer] 10.0.44.1
Tcpip\..\Interfaces\{51D99859-CEE1-4B15-AA5C-B73E1ABD6149}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2864281891-3376825052-3278056506-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-02] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-02] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-02] (Microsoft Corporation)
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-10-24] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll [2014-11-03] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-02] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll [2014-11-03] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-07-11] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-02] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-07-11] (Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: gregugitulestogagh
CHR HomePage: gregugitulestogagh -> hxxp://www.google.com/
CHR Profile: C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default [2016-10-29]
CHR Extension: (Google Slides) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-28]
CHR Extension: (Google Docs) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-28]
CHR Extension: (Google Drive) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-28]
CHR Extension: (YouTube) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-28]
CHR Extension: (Adobe Acrobat) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-10-28]
CHR Extension: (Google Sheets) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-28]
CHR Extension: (Google Docs Offline) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-28]
CHR Extension: (Gmail) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-28]
CHR Profile: C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh [2017-05-22] <==== ATTENTION
CHR Extension: (YouTube) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Unseen) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\iicapmagmhahddefgokbabbgieiogjop [2017-03-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13]
CHR Profile: C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh [2016-07-13] <==== ATTENTION
CHR Extension: (Google Slides) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-13]
CHR Extension: (Google Docs) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-13]
CHR Extension: (Google Drive) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-13]
CHR Extension: (YouTube) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-13]
CHR Extension: (Google Sheets) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-13]
CHR Extension: (Google Docs Offline) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-13]
CHR Extension: (Gmail) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-13]
CHR Extension: (Chrome Media Router) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-07-13]
CHR Profile: C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\System Profile [2016-07-13]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242912 2014-09-11] (Foxit Software Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-02-06] ()
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [671744 2013-08-16] () [File not signed]
R2 MTel_ontenegro Imola Modem Device Helper; C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ServiceManager.exe [53312 2012-03-14] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14416624 2017-02-02] (Copyright 2017.)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 hwusb_cdcacm; C:\Windows\system32\DRIVERS\ew_cdcacm.sys [121728 2013-10-23] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\Windows\system32\DRIVERS\ew_wwanecm.sys [375040 2013-10-23] (Huawei Technologies Co., Ltd.)
S3 jrdusbser; C:\Windows\system32\DRIVERS\jrdusbser.sys [120832 2011-06-20] (TCT International Mobile Ltd)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [35856 2013-10-31] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [236888 2013-10-31] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-02-02] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-02-02] (Zemana Ltd.)
S3 avchv; \SystemRoot\system32\DRIVERS\avchv.sys [X]
S1 MpKsl209e431b; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D12B0855-EECF-4B7D-9690-D53D32B4F929}\MpKsl209e431b.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-22 17:31 - 2017-05-22 17:31 - 00024041 _____ C:\Users\Nikola Pejovic\Desktop\FRST.txt
2017-05-22 17:30 - 2017-05-22 17:30 - 02429952 _____ (Farbar) C:\Users\Nikola Pejovic\Desktop\FRST64 (2).exe
2017-05-22 17:29 - 2017-05-22 17:30 - 02429952 _____ (Farbar) C:\Users\Nikola Pejovic\Downloads\FRST64 (2).exe
2017-05-22 14:57 - 2017-05-22 14:57 - 00741376 _____ C:\Users\Nikola Pejovic\Downloads\Predavanje-4.ppt
2017-05-22 14:13 - 2017-05-22 14:16 - 00030208 _____ C:\Users\Nikola Pejovic\Desktop\Table6_4.xls
2017-05-20 14:37 - 2017-05-20 14:51 - 26761852 _____ C:\Users\Nikola Pejovic\Downloads\K. A. Brownlee-Statistical Theory and Methodology in Science and Engineering-John Wiley & Sons (1965).pdf
2017-05-20 11:00 - 2017-05-20 11:00 - 07001882 _____ C:\Users\Nikola Pejovic\Downloads\(7th+Edition)+Robert+V.+Hogg,+Joeseph+McKean,+Allen+T+Craig-Introduction+to+Mathematical+Statistics-Pearson+(2012).pdf
2017-05-18 17:08 - 2017-05-18 17:08 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-05-17 15:04 - 2017-05-17 15:06 - 06305453 _____ C:\Users\Nikola Pejovic\Downloads\Gujarati, Damodar N-Basic econometrics._ Student solutions manual for use with Basic econometrics-McGraw-Hill (2004).pdf
2017-05-17 11:45 - 2017-05-17 11:45 - 00871052 _____ C:\Users\Nikola Pejovic\Downloads\5e_data_sets (2).zip
2017-05-15 12:07 - 2017-05-15 12:07 - 00024390 _____ C:\Users\Nikola Pejovic\Downloads\Prijava (1).pdf
2017-05-15 11:40 - 2017-05-15 11:40 - 00083039 _____ C:\Users\Nikola Pejovic\Downloads\zadaci-ii-kol-2-1.pptm
2017-05-15 11:37 - 2017-05-15 11:37 - 00030807 _____ C:\Users\Nikola Pejovic\Downloads\prakticne-vjezbe.zip
2017-05-12 21:34 - 2017-05-12 21:34 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\Google
2017-05-10 18:17 - 2017-05-10 18:17 - 03133693 _____ C:\Users\Nikola Pejovic\Downloads\New Doc.pdf
2017-05-10 17:05 - 2017-05-10 17:06 - 22188187 _____ C:\Users\Nikola Pejovic\Downloads\Učni načrti.zip
2017-05-09 17:03 - 2017-05-09 17:04 - 00261153 _____ C:\Users\Nikola Pejovic\Downloads\234-795-1-PB (1).pdf
2017-05-07 14:24 - 2017-05-07 14:25 - 06368234 _____ C:\Users\Nikola Pejovic\Downloads\(Springer Texts in Statistics) Robert H. Shumway, David S. Stoffer-Time Series Analysis and Its Applications With R Examples-Springer (2010).pdf
2017-05-04 12:49 - 2017-05-04 12:49 - 00010433 _____ C:\Users\Nikola Pejovic\Downloads\AvgMonthIncome.csv
2017-05-02 15:13 - 2017-05-02 15:15 - 00334013 _____ C:\Users\Nikola Pejovic\Downloads\Dopis-migranti-1.doc.crdownload
2017-05-01 15:03 - 2017-05-01 15:05 - 05486080 _____ C:\Users\Nikola Pejovic\Downloads\709_FIN I FIN TRŽIŠTA I.ppt
2017-04-29 22:56 - 2015-08-22 15:42 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-04-29 13:14 - 2017-04-29 13:17 - 01079067 _____ C:\Users\Nikola Pejovic\Downloads\Final Project_Bin Hou_Mingyang Sun (2).pdf
2017-04-29 13:10 - 2017-04-29 13:10 - 00034100 _____ C:\Users\Nikola Pejovic\Downloads\seiler.pdf
2017-04-28 16:39 - 2017-04-28 16:39 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-28 16:39 - 2017-04-28 16:39 - 00000000 ____D C:\915a49fafc1fb74cff72
2017-04-27 22:04 - 2017-04-27 22:04 - 00352687 _____ C:\Users\Nikola Pejovic\Downloads\Upotreba ICT u preduzecima u 2015 godini Saopstenje (1).pdf
2017-04-27 22:04 - 2017-04-27 22:04 - 00037880 _____ C:\Users\Nikola Pejovic\Downloads\Spisak Maj.pdf
2017-04-27 22:03 - 2017-04-27 22:03 - 00352687 _____ C:\Users\Nikola Pejovic\Downloads\Upotreba ICT u preduzecima u 2015 godini Saopstenje.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-22 17:31 - 2016-07-13 12:28 - 00274050 _____ C:\Windows\ZAM.krnl.trace
2017-05-22 17:31 - 2016-07-13 12:28 - 00257516 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-05-22 17:31 - 2016-07-13 11:55 - 00000000 ____D C:\FRST
2017-05-22 17:30 - 2014-06-12 02:41 - 00003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{05485734-D435-4311-95F2-4238E740C9B6}
2017-05-22 17:26 - 2016-03-05 17:10 - 00004992 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for NikolaPC-Nikola Pejovic NikolaPC
2017-05-22 17:07 - 2014-06-12 03:01 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\Skype
2017-05-22 16:58 - 2015-06-17 15:30 - 00000972 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2864281891-3376825052-3278056506-1001UA.job
2017-05-22 11:27 - 2014-07-23 22:27 - 00000000 ____D C:\Users\Nikola Pejovic\Documents\ViberDownloads
2017-05-22 11:21 - 2015-06-02 14:11 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\ViberPC
2017-05-22 11:21 - 2015-06-02 14:10 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Local\Viber
2017-05-22 11:18 - 2014-06-27 08:25 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2017-05-21 23:39 - 2014-06-13 06:46 - 05520384 ___SH C:\Users\Nikola Pejovic\Desktop\Thumbs.db
2017-05-21 23:37 - 2014-06-12 02:32 - 00000000 ____D C:\Users\Nikola Pejovic
2017-05-21 23:36 - 2016-02-23 18:59 - 00000000 ____D C:\Windows\Minidump
2017-05-21 23:36 - 2015-12-20 19:04 - 00000000 ____D C:\ProgramData\OnlineUpdate
2017-05-21 23:36 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-21 23:35 - 2016-03-23 12:38 - 00168925 ____N C:\Windows\Minidump\052117-57843-01.dmp
2017-05-21 23:32 - 2014-07-31 14:49 - 00518656 ___SH C:\Users\Nikola Pejovic\Documents\Thumbs.db
2017-05-21 11:59 - 2014-06-12 02:38 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2864281891-3376825052-3278056506-1001
2017-05-19 22:58 - 2015-06-17 15:30 - 00000920 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2864281891-3376825052-3278056506-1001Core.job
2017-05-19 18:12 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\tracing
2017-05-18 17:08 - 2014-06-13 21:33 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox
2017-05-18 13:13 - 2015-09-18 15:57 - 00003846 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1442584658
2017-05-18 13:13 - 2015-09-18 15:54 - 00000000 ____D C:\Program Files (x86)\Opera
2017-05-14 21:33 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2017-05-12 15:18 - 2014-06-12 02:43 - 00002175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-12 15:18 - 2014-06-12 02:43 - 00002163 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-10 22:51 - 2014-06-12 02:34 - 00818732 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-10 22:51 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2017-05-10 17:10 - 2016-02-22 20:24 - 00000000 ____D C:\Users\Nikola Pejovic\Desktop\Konkurs
2017-05-10 00:40 - 2014-06-13 07:23 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\uTorrent
2017-05-08 09:29 - 2014-12-27 13:41 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-05-03 00:19 - 2014-06-13 21:38 - 00000000 ___RD C:\Users\Nikola Pejovic\Dropbox
2017-04-29 22:57 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2017-04-28 23:04 - 2014-06-12 02:43 - 00003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-28 23:04 - 2014-06-12 02:43 - 00003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-28 17:08 - 2014-06-13 07:36 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\vlc
==================== Files in the root of some directories =======
2016-04-26 14:24 - 2016-04-26 14:24 - 0000009 ____N () C:\Users\Nikola Pejovic\AppData\Roaming\a.bat
2010-08-28 22:43 - 2010-08-28 22:43 - 0577335 ____N () C:\Users\Nikola Pejovic\AppData\Roaming\adb.exe
2010-08-28 22:43 - 2010-08-28 22:43 - 0096256 ____N (Google, inc) C:\Users\Nikola Pejovic\AppData\Roaming\AdbWinApi.dll
2010-08-28 22:43 - 2010-08-28 22:43 - 0060928 ____N (Google, inc) C:\Users\Nikola Pejovic\AppData\Roaming\AdbWinUsbApi.dll
2016-07-13 00:25 - 2016-07-13 00:25 - 7102976 _____ () C:\Users\Nikola Pejovic\AppData\Roaming\agent.dat
2015-08-21 17:04 - 2015-08-21 17:23 - 0000024 _____ () C:\Users\Nikola Pejovic\AppData\Roaming\appdataFr25.bin
2016-06-28 03:12 - 2016-06-28 03:12 - 0314434 ____N () C:\Users\Nikola Pejovic\AppData\Roaming\EYapp.apk
2010-08-28 22:43 - 2010-08-28 22:43 - 0356009 ____N () C:\Users\Nikola Pejovic\AppData\Roaming\fastboot.exe
2016-07-13 00:24 - 2016-07-13 00:24 - 0128512 _____ () C:\Users\Nikola Pejovic\AppData\Roaming\Installer.dat
2016-07-13 00:16 - 2016-07-13 04:29 - 0344576 _____ () C:\Users\Nikola Pejovic\AppData\Roaming\RandomDelJiheReg.exe
2016-07-13 00:09 - 2016-07-11 15:34 - 0036494 ___SH () C:\Users\Nikola Pejovic\AppData\Roaming\UZYFMBEaaYgNhFSDVKR
2016-07-13 00:09 - 2016-07-11 15:34 - 0936960 ___SH (AutoIt Team) C:\Users\Nikola Pejovic\AppData\Roaming\UZYFMBEaaYgNhFSDVKRGN.txt
2016-07-13 00:09 - 2016-07-11 15:34 - 0653328 ___SH () C:\Users\Nikola Pejovic\AppData\Roaming\VVShWZTYTVHH
2016-07-13 00:30 - 2016-07-13 11:43 - 0732869 _____ () C:\Users\Nikola Pejovic\AppData\Roaming\xdo.zip
2015-12-23 23:39 - 2015-12-23 23:39 - 0969852 _____ () C:\Users\Nikola Pejovic\AppData\Local\DjVu-Reader-_1116.rar
2015-09-18 15:55 - 2015-09-18 15:55 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Some files in TEMP:
====================
2016-07-13 11:37 - 2016-07-13 11:37 - 0918073 _____ (Faregokuda ) C:\Users\Nikola Pejovic\AppData\Local\Temp\1B33.tmp.exe
2016-07-13 00:21 - 2016-07-13 00:21 - 0918073 _____ (Faregokuda ) C:\Users\Nikola Pejovic\AppData\Local\Temp\6DEE.tmp.exe
2016-07-13 11:25 - 2016-07-13 11:25 - 0918073 _____ (Faregokuda ) C:\Users\Nikola Pejovic\AppData\Local\Temp\72D2.tmp.exe
2016-07-13 00:09 - 2016-07-13 23:01 - 1328640 _____ () C:\Users\Nikola Pejovic\AppData\Local\Temp\CodecFixDivx.exe
2016-07-13 00:27 - 2016-07-13 00:27 - 0918073 _____ (Faregokuda ) C:\Users\Nikola Pejovic\AppData\Local\Temp\F239.tmp.exe
2016-07-13 23:16 - 2016-07-13 23:16 - 0020480 _____ (SonofM) C:\Users\Nikola Pejovic\AppData\Local\Temp\msconfig.exe
2017-05-22 13:07 - 2017-05-22 13:12 - 57906656 _____ (Skype Technologies S.A.) C:\Users\Nikola Pejovic\AppData\Local\Temp\SkypeSetup.exe
2017-04-28 16:39 - 2017-04-28 16:39 - 14456872 _____ (Microsoft Corporation) C:\Users\Nikola Pejovic\AppData\Local\Temp\vc_redist.x86.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-05-21 16:48
==================== End of FRST.txt ============================
mycity.rs/must-login.png
|
|
|
|
|
Poslao: 22 Maj 2017 23:33
|
offline
- Pridružio: 28 Jan 2009
- Poruke: 76
|
Fix result of Farbar Recovery Scan Tool (x64) Version: 22-05-2017
Ran by Nikola Pejovic (23-05-2017 00:23:25) Run:1
Running from C:\Users\Nikola Pejovic\Desktop
Loaded Profiles: Nikola Pejovic (Available Profiles: Nikola Pejovic)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR DefaultProfile: gregugitulestogagh
CHR Profile: C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh [2017-05-22] <==== ATTENTION
CHR Profile: C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh [2016-07-13] <==== ATTENTION
Task: {30DAD72C-FF99-4CE7-889E-77D4B1057DC9} - System32\Tasks\Phuktherjerzodom Helper => C:\Program Files (x86)\Clmoied\Phuktherjerzodomhelperkozerck.exe
Task: {E0D0B880-E7B7-40F8-9321-5C1D4976B215} - \Cotsqwutain Agent -> No File <==== ATTENTION
C:\Program Files (x86)\Clmoied
C:\Users\Nikola Pejovic\AppData\Roaming\a.bat
C:\Users\Nikola Pejovic\AppData\Roaming\adb.exe
C:\Users\Nikola Pejovic\AppData\Roaming\AdbWinApi.dll
C:\Users\Nikola Pejovic\AppData\Roaming\AdbWinUsbApi.dll
C:\Users\Nikola Pejovic\AppData\Roaming\agent.dat
C:\Users\Nikola Pejovic\AppData\Roaming\appdataFr25.bin
C:\Users\Nikola Pejovic\AppData\Roaming\EYapp.apk
C:\Users\Nikola Pejovic\AppData\Roaming\fastboot.exe
C:\Users\Nikola Pejovic\AppData\Roaming\Installer.dat
C:\Users\Nikola Pejovic\AppData\Roaming\RandomDelJiheReg.exe
C:\Users\Nikola Pejovic\AppData\Roaming\UZYFMBEaaYgNhFSDVKR
C:\Users\Nikola Pejovic\AppData\Roaming\UZYFMBEaaYgNhFSDVKRGN.txt
C:\Users\Nikola Pejovic\AppData\Roaming\VVShWZTYTVHH
C:\Users\Nikola Pejovic\AppData\Roaming\xdo.zip
File: C:\ProgramData\OnlineUpdate\ouc.exe
AlternateDataStreams: C:\Users\Nikola Pejovic\Desktop\Screenshot 2016-06-14 17.50.14.png:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Nikola Pejovic\Documents\randy.jpg:com.dropbox.attributes [168]
*****************
HKLM\SOFTWARE\Policies\Google => key removed successfully
CHR DefaultProfile: gregugitulestogagh => Error: No automatic fix found for this entry.
C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh => moved successfully
C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{30DAD72C-FF99-4CE7-889E-77D4B1057DC9} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{30DAD72C-FF99-4CE7-889E-77D4B1057DC9} => key removed successfully
C:\Windows\System32\Tasks\Phuktherjerzodom Helper => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Phuktherjerzodom Helper => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0D0B880-E7B7-40F8-9321-5C1D4976B215} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0D0B880-E7B7-40F8-9321-5C1D4976B215} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Cotsqwutain Agent => key removed successfully
C:\Program Files (x86)\Clmoied => moved successfully
C:\Users\Nikola Pejovic\AppData\Roaming\a.bat => moved successfully
C:\Users\Nikola Pejovic\AppData\Roaming\adb.exe => moved successfully
C:\Users\Nikola Pejovic\AppData\Roaming\AdbWinApi.dll => moved successfully
C:\Users\Nikola Pejovic\AppData\Roaming\AdbWinUsbApi.dll => moved successfully
C:\Users\Nikola Pejovic\AppData\Roaming\agent.dat => moved successfully
C:\Users\Nikola Pejovic\AppData\Roaming\appdataFr25.bin => moved successfully
C:\Users\Nikola Pejovic\AppData\Roaming\EYapp.apk => moved successfully
C:\Users\Nikola Pejovic\AppData\Roaming\fastboot.exe => moved successfully
C:\Users\Nikola Pejovic\AppData\Roaming\Installer.dat => moved successfully
C:\Users\Nikola Pejovic\AppData\Roaming\RandomDelJiheReg.exe => moved successfully
C:\Users\Nikola Pejovic\AppData\Roaming\UZYFMBEaaYgNhFSDVKR => moved successfully
C:\Users\Nikola Pejovic\AppData\Roaming\UZYFMBEaaYgNhFSDVKRGN.txt => moved successfully
C:\Users\Nikola Pejovic\AppData\Roaming\VVShWZTYTVHH => moved successfully
C:\Users\Nikola Pejovic\AppData\Roaming\xdo.zip => moved successfully
========================= File: C:\ProgramData\OnlineUpdate\ouc.exe ========================
File not signed
MD5: C5678CCEB3E9E03639C0A0E67B132E92
Creation and modification date: 2015-12-20 19:04 - 2013-08-16 08:53
Size: 0671744
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
C:\Users\Nikola Pejovic\Desktop\Screenshot 2016-06-14 17.50.14.png => ":com.dropbox.attributes" ADS removed successfully.
C:\Users\Nikola Pejovic\Documents\randy.jpg => ":com.dropbox.attributes" ADS removed successfully.
==== End of Fixlog 00:23:56 ====
Kad pokušam da uninstalliram Compress, ne da i izbaca neku poruku na kineskom kao na slici.
P.S. Nakon ovih koraka, nešto se Chrome osvježio.
|
|
|
|
|
Poslao: 23 Maj 2017 14:12
|
offline
- Pridružio: 28 Jan 2009
- Poruke: 76
|
Fajl ima 700 mb tako da mi je preveliki za upload.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2017
Ran by Nikola Pejovic (administrator) on NIKOLAPC (23-05-2017 15:09:00)
Running from C:\Users\Nikola Pejovic\Desktop
Loaded Profiles: Nikola Pejovic (Available Profiles: Nikola Pejovic)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\ProgramData\OnlineUpdate\ouc.exe
() C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ServiceManager.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
() C:\Users\Nikola Pejovic\AppData\Local\Viber\Viber.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Dropbox, Inc.) C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(ACD Systems) C:\Program Files (x86)\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
() C:\Program Files\R\R-3.3.1\bin\x64\Rgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Nikola Pejovic\Desktop\FRST64 (2).exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14416624 2017-02-02] (Copyright 2017.)
HKLM-x32\...\Run: [MTel_ontenegro Imola ModemListener] => C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe [125504 2012-05-14] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [ACPW07EN] => C:\Program Files (x86)\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe [1414984 2013-09-25] (ACD Systems)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2015-10-08] (Power Software Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\Run: [Viber] => C:\Users\Nikola Pejovic\AppData\Local\Viber\Viber.exe [80036560 2015-05-25] ()
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\Run: [Dropbox Update] => C:\Users\Nikola Pejovic\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: D - "D:\autorun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {06ffbd2c-e5fb-11e4-827d-60d819ea6866} - "G:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {06ffbd7f-e5fb-11e4-827d-60d819ea6866} - "D:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {1c2b1253-13c8-11e4-825a-60d819ea6866} - "D:\autorun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {403db24f-c8f7-11e5-82b9-60d819ea6866} - "G:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {46966f1b-2cac-11e5-8285-60d819ea6866} - "D:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {4c352bcc-f3da-11e4-827e-60d819ea6866} - "D:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {8f3306ca-33bd-11e4-825e-60d819ea6866} - "D:\Lenovo_Suite.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {8f3306d8-33bd-11e4-825e-60d819ea6866} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {ca7e1973-6c5d-11e6-82fd-60d819ea6866} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {e4e87462-9b4c-11e5-82ac-60d819ea6866} - "D:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {e4e87525-9b4c-11e5-82ac-60d819ea6866} - "D:\AutoRun.exe"
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [JzShlobj] -> {7B286609-DA97-47E1-AC6B-33B8B4732C95} => -> No File
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
Startup: C:\Users\Nikola Pejovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-05-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{2685DFB0-E5AB-43CB-B5EE-5F4148B3C450}: [DhcpNameServer] 10.0.44.1
Tcpip\..\Interfaces\{51D99859-CEE1-4B15-AA5C-B73E1ABD6149}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2864281891-3376825052-3278056506-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-02] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-02] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-02] (Microsoft Corporation)
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-10-24] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll [2014-11-03] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-02] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll [2014-11-03] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-07-11] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-02] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-07-11] (Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: pruvchshzedomhalgh
CHR HomePage: pruvchshzedomhalgh -> hxxp://www.google.com/
CHR StartupUrls: pruvchshzedomhalgh -> "hxxp://www.sweet-page.com/?type=hp&ts=1442584478&z=bad0e49b332362138910f83gdzfz4o0w8bdz2z4mam&from=cor&uid=WDCXWD5000BPVT-24HXZT3_WD-WXA1A91E3668E3668","hxxp://www.youndoo.com/?z=ad99dbc43c4dab03b38dc41g0z7q1b5z6zacaq2t3m&from=wak&uid=WDCXWD5000BPVT-24HXZT3_WD-WXA1A91E3668E3668&type=hp"
CHR Profile: C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default [2016-10-29]
CHR Extension: (Google Slides) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-28]
CHR Extension: (Google Docs) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-28]
CHR Extension: (Google Drive) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-28]
CHR Extension: (YouTube) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-28]
CHR Extension: (Adobe Acrobat) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-10-28]
CHR Extension: (Google Sheets) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-28]
CHR Extension: (Google Docs Offline) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-28]
CHR Extension: (Gmail) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-28]
CHR Profile: C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh [2017-05-23] <==== ATTENTION
CHR Extension: (Google Slides) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-23]
CHR Extension: (Google Docs) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-23]
CHR Extension: (Google Drive) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-23]
CHR Extension: (YouTube) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-23]
CHR Extension: (Adobe Acrobat) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-05-23]
CHR Extension: (Google Sheets) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-23]
CHR Extension: (Google Docs Offline) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-23]
CHR Extension: (Gmail) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-23]
CHR Extension: (Chrome Media Router) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-23]
CHR Profile: C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh [2017-05-23] <==== ATTENTION
CHR Extension: (Google Slides) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-23]
CHR Extension: (Google Docs) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-23]
CHR Extension: (Google Drive) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-23]
CHR Extension: (YouTube) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-23]
CHR Extension: (Adobe Acrobat) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-05-23]
CHR Extension: (Google Sheets) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-23]
CHR Extension: (Google Docs Offline) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-23]
CHR Extension: (Gmail) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-23]
CHR Extension: (Chrome Media Router) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-23]
CHR Profile: C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\System Profile [2016-07-13]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242912 2014-09-11] (Foxit Software Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-02-06] ()
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [671744 2013-08-16] () [File not signed]
R2 MTel_ontenegro Imola Modem Device Helper; C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ServiceManager.exe [53312 2012-03-14] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14416624 2017-02-02] (Copyright 2017.)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 hwusb_cdcacm; C:\Windows\system32\DRIVERS\ew_cdcacm.sys [121728 2013-10-23] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\Windows\system32\DRIVERS\ew_wwanecm.sys [375040 2013-10-23] (Huawei Technologies Co., Ltd.)
S3 jrdusbser; C:\Windows\system32\DRIVERS\jrdusbser.sys [120832 2011-06-20] (TCT International Mobile Ltd)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [35856 2013-10-31] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [236888 2013-10-31] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-02-02] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-02-02] (Zemana Ltd.)
S3 avchv; \SystemRoot\system32\DRIVERS\avchv.sys [X]
S1 MpKsl209e431b; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D12B0855-EECF-4B7D-9690-D53D32B4F929}\MpKsl209e431b.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-23 15:09 - 2017-05-23 15:09 - 00024562 _____ C:\Users\Nikola Pejovic\Desktop\FRST.txt
2017-05-23 00:23 - 2017-05-23 00:23 - 00005100 _____ C:\Users\Nikola Pejovic\Desktop\Fixlog.txt
2017-05-23 00:23 - 2017-05-23 00:23 - 00000000 ____D C:\Users\Nikola Pejovic\Desktop\FRST-OlderVersion
2017-05-22 17:39 - 2017-05-22 17:39 - 00052713 _____ C:\Users\Nikola Pejovic\Downloads\142590_794515354_Addition (1).txt
2017-05-22 17:30 - 2017-05-23 00:23 - 02429952 _____ (Farbar) C:\Users\Nikola Pejovic\Desktop\FRST64 (2).exe
2017-05-22 17:29 - 2017-05-22 17:30 - 02429952 _____ (Farbar) C:\Users\Nikola Pejovic\Downloads\FRST64 (2).exe
2017-05-22 14:57 - 2017-05-22 14:57 - 00741376 _____ C:\Users\Nikola Pejovic\Downloads\Predavanje-4.ppt
2017-05-22 14:13 - 2017-05-22 14:16 - 00030208 _____ C:\Users\Nikola Pejovic\Desktop\Table6_4.xls
2017-05-20 14:37 - 2017-05-20 14:51 - 26761852 _____ C:\Users\Nikola Pejovic\Downloads\K. A. Brownlee-Statistical Theory and Methodology in Science and Engineering-John Wiley & Sons (1965).pdf
2017-05-20 11:00 - 2017-05-20 11:00 - 07001882 _____ C:\Users\Nikola Pejovic\Downloads\(7th+Edition)+Robert+V.+Hogg,+Joeseph+McKean,+Allen+T+Craig-Introduction+to+Mathematical+Statistics-Pearson+(2012).pdf
2017-05-18 17:08 - 2017-05-18 17:08 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-05-17 15:04 - 2017-05-17 15:06 - 06305453 _____ C:\Users\Nikola Pejovic\Downloads\Gujarati, Damodar N-Basic econometrics._ Student solutions manual for use with Basic econometrics-McGraw-Hill (2004).pdf
2017-05-17 11:45 - 2017-05-17 11:45 - 00871052 _____ C:\Users\Nikola Pejovic\Downloads\5e_data_sets (2).zip
2017-05-15 12:07 - 2017-05-15 12:07 - 00024390 _____ C:\Users\Nikola Pejovic\Downloads\Prijava (1).pdf
2017-05-15 11:40 - 2017-05-15 11:40 - 00083039 _____ C:\Users\Nikola Pejovic\Downloads\zadaci-ii-kol-2-1.pptm
2017-05-15 11:37 - 2017-05-15 11:37 - 00030807 _____ C:\Users\Nikola Pejovic\Downloads\prakticne-vjezbe.zip
2017-05-12 21:34 - 2017-05-12 21:34 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\Google
2017-05-10 18:17 - 2017-05-10 18:17 - 03133693 _____ C:\Users\Nikola Pejovic\Downloads\New Doc.pdf
2017-05-10 17:05 - 2017-05-10 17:06 - 22188187 _____ C:\Users\Nikola Pejovic\Downloads\Učni načrti.zip
2017-05-09 17:03 - 2017-05-09 17:04 - 00261153 _____ C:\Users\Nikola Pejovic\Downloads\234-795-1-PB (1).pdf
2017-05-07 14:24 - 2017-05-07 14:25 - 06368234 _____ C:\Users\Nikola Pejovic\Downloads\(Springer Texts in Statistics) Robert H. Shumway, David S. Stoffer-Time Series Analysis and Its Applications With R Examples-Springer (2010).pdf
2017-05-04 12:49 - 2017-05-04 12:49 - 00010433 _____ C:\Users\Nikola Pejovic\Downloads\AvgMonthIncome.csv
2017-05-02 15:13 - 2017-05-02 15:15 - 00334013 _____ C:\Users\Nikola Pejovic\Downloads\Dopis-migranti-1.doc.crdownload
2017-05-01 15:03 - 2017-05-01 15:05 - 05486080 _____ C:\Users\Nikola Pejovic\Downloads\709_FIN I FIN TRŽIŠTA I.ppt
2017-04-29 22:56 - 2015-08-22 15:42 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-04-29 13:14 - 2017-04-29 13:17 - 01079067 _____ C:\Users\Nikola Pejovic\Downloads\Final Project_Bin Hou_Mingyang Sun (2).pdf
2017-04-29 13:10 - 2017-04-29 13:10 - 00034100 _____ C:\Users\Nikola Pejovic\Downloads\seiler.pdf
2017-04-28 16:39 - 2017-04-28 16:39 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-28 16:39 - 2017-04-28 16:39 - 00000000 ____D C:\915a49fafc1fb74cff72
2017-04-27 22:04 - 2017-04-27 22:04 - 00352687 _____ C:\Users\Nikola Pejovic\Downloads\Upotreba ICT u preduzecima u 2015 godini Saopstenje (1).pdf
2017-04-27 22:04 - 2017-04-27 22:04 - 00037880 _____ C:\Users\Nikola Pejovic\Downloads\Spisak Maj.pdf
2017-04-27 22:03 - 2017-04-27 22:03 - 00352687 _____ C:\Users\Nikola Pejovic\Downloads\Upotreba ICT u preduzecima u 2015 godini Saopstenje.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-23 15:09 - 2016-07-13 12:28 - 00580944 _____ C:\Windows\ZAM.krnl.trace
2017-05-23 15:09 - 2016-07-13 12:28 - 00578878 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-05-23 15:09 - 2016-07-13 11:55 - 00000000 ____D C:\FRST
2017-05-23 13:01 - 2014-07-23 22:27 - 00000000 ____D C:\Users\Nikola Pejovic\Documents\ViberDownloads
2017-05-23 12:58 - 2015-06-17 15:30 - 00000972 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2864281891-3376825052-3278056506-1001UA.job
2017-05-23 10:37 - 2016-03-05 17:10 - 00004994 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for NikolaPC-Nikola Pejovic NikolaPC
2017-05-23 10:31 - 2015-06-02 14:11 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\ViberPC
2017-05-23 10:31 - 2015-06-02 14:10 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Local\Viber
2017-05-23 10:28 - 2014-06-27 08:25 - 00003754 _____ C:\Windows\System32\Tasks\AutoKMS
2017-05-23 00:21 - 2014-06-13 06:46 - 05539328 ___SH C:\Users\Nikola Pejovic\Desktop\Thumbs.db
2017-05-23 00:19 - 2016-07-13 23:01 - 00000000 ____D C:\Program Files (x86)\Phlachhalicult
2017-05-23 00:14 - 2014-06-12 03:01 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\Skype
2017-05-22 22:58 - 2015-06-17 15:30 - 00000920 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2864281891-3376825052-3278056506-1001Core.job
2017-05-22 19:46 - 2014-06-12 02:41 - 00003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{05485734-D435-4311-95F2-4238E740C9B6}
2017-05-21 23:37 - 2014-06-12 02:32 - 00000000 ____D C:\Users\Nikola Pejovic
2017-05-21 23:36 - 2016-02-23 18:59 - 00000000 ____D C:\Windows\Minidump
2017-05-21 23:36 - 2015-12-20 19:04 - 00000000 ____D C:\ProgramData\OnlineUpdate
2017-05-21 23:36 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-21 23:35 - 2016-03-23 12:38 - 00168925 ____N C:\Windows\Minidump\052117-57843-01.dmp
2017-05-21 23:32 - 2014-07-31 14:49 - 00518656 ___SH C:\Users\Nikola Pejovic\Documents\Thumbs.db
2017-05-21 11:59 - 2014-06-12 02:38 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2864281891-3376825052-3278056506-1001
2017-05-19 18:12 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\tracing
2017-05-18 17:08 - 2014-06-13 21:33 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox
2017-05-18 13:13 - 2015-09-18 15:57 - 00003846 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1442584658
2017-05-18 13:13 - 2015-09-18 15:54 - 00000000 ____D C:\Program Files (x86)\Opera
2017-05-14 21:33 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2017-05-12 15:18 - 2014-06-12 02:43 - 00002175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-12 15:18 - 2014-06-12 02:43 - 00002163 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-10 22:51 - 2014-06-12 02:34 - 00818732 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-10 22:51 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2017-05-10 17:10 - 2016-02-22 20:24 - 00000000 ____D C:\Users\Nikola Pejovic\Desktop\Konkurs
2017-05-10 00:40 - 2014-06-13 07:23 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\uTorrent
2017-05-08 09:29 - 2014-12-27 13:41 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-05-03 00:19 - 2014-06-13 21:38 - 00000000 ___RD C:\Users\Nikola Pejovic\Dropbox
2017-04-29 22:57 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2017-04-28 23:04 - 2014-06-12 02:43 - 00003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-28 23:04 - 2014-06-12 02:43 - 00003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-28 17:08 - 2014-06-13 07:36 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\vlc
==================== Files in the root of some directories =======
2015-12-23 23:39 - 2015-12-23 23:39 - 0969852 _____ () C:\Users\Nikola Pejovic\AppData\Local\DjVu-Reader-_1116.rar
2015-09-18 15:55 - 2015-09-18 15:55 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Some files in TEMP:
====================
2016-07-13 11:37 - 2016-07-13 11:37 - 0918073 _____ (Faregokuda ) C:\Users\Nikola Pejovic\AppData\Local\Temp\1B33.tmp.exe
2016-07-13 00:21 - 2016-07-13 00:21 - 0918073 _____ (Faregokuda ) C:\Users\Nikola Pejovic\AppData\Local\Temp\6DEE.tmp.exe
2016-07-13 11:25 - 2016-07-13 11:25 - 0918073 _____ (Faregokuda ) C:\Users\Nikola Pejovic\AppData\Local\Temp\72D2.tmp.exe
2016-07-13 00:09 - 2016-07-13 23:01 - 1328640 _____ () C:\Users\Nikola Pejovic\AppData\Local\Temp\CodecFixDivx.exe
2016-07-13 00:27 - 2016-07-13 00:27 - 0918073 _____ (Faregokuda ) C:\Users\Nikola Pejovic\AppData\Local\Temp\F239.tmp.exe
2016-07-13 23:16 - 2016-07-13 23:16 - 0020480 _____ (SonofM) C:\Users\Nikola Pejovic\AppData\Local\Temp\msconfig.exe
2017-05-22 13:07 - 2017-05-22 13:12 - 57906656 _____ (Skype Technologies S.A.) C:\Users\Nikola Pejovic\AppData\Local\Temp\SkypeSetup.exe
2017-04-28 16:39 - 2017-04-28 16:39 - 14456872 _____ (Microsoft Corporation) C:\Users\Nikola Pejovic\AppData\Local\Temp\vc_redist.x86.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-05-21 16:48
==================== End of FRST.txt ============================
mycity.rs/must-login.png
|
|
|
|
Poslao: 23 Maj 2017 16:31
|
offline
- Sass Drake
- Anti Malware Fighter
Rank 2
- Pridružio: 26 Avg 2010
- Poruke: 10622
- Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building
|
Preuzmi Malwarebytes Anti-Malware sa ovog ili ovog ili ovog linka i instaliraj aplikaciju.
Pokreni mb3-setup-consumer-{verzija}.exe i isprati uputstva za instalaciju programa. Nakon instalacije, klikni na Finish
Prilikom prvog pokretanja, program će prikazati prozor "dobrodošlice". Slobodno zatvori taj prozor.
Napomena: Premium funkcije programa su već aktivirane i važe 13 dana od trenutka instalacije. Premium funkcije možeš isključiti preko Settings > My Account tab podešavanja.
• Podešavanja skenera - u Settings, klikni na Protection tab. Ispod Scan Options sekcije, uključi "Scan for rootkits" opciju.
• Pripremi podešavanja za Threat Scan - u Dashboard , klikni na Scan Now dugme. MBAM će ažurirati bazu i započeti skeniranje.
Kada se skeniranje završi, ako je infekcija detektovana, obrati pažnju da je sve označeno, pa klikni na Remove Selected. Restartuj računar ako program upita za restart.
• Dostavi log: Pod Reports izaberi trenutni datum izveštaja Scan Report i potom klikni na View Report.
Izvezi log na Desktop;
- Klikni na Export dugme na dnu, pa onda izaberi 'Text file (*.txt)'
# U Save File dijalogu koji se pojavi, klikni na Desktop. U File name: polje, upiši "mbam" (bez navodnika) i klikni na Save.
- Pojaviće se poruka "Your file has been successfully exported", klikni Ok i zatvori prozor.
• U odgovoru prikači mbam.txt log koristeći "Prikači fajl" opciju.
|
|
|
|
|
Poslao: 23 Maj 2017 23:00
|
offline
- Sass Drake
- Anti Malware Fighter
Rank 2
- Pridružio: 26 Avg 2010
- Poruke: 10622
- Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building
|
Preuzmi AdwCleaner i sačuvaj ga na Desktop
Dvoklikom pokreni program.
U EULA prozoru klikni na I agree.
Klikni na dugme Scan i sačekaj da se završi skeniranje.
Klikni na dugme Clean i pričekaj da program završi.
Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu.
Na sljedeća dva prozora koja se otvore (Informations i Restart required ) klikni OK
Računar će se restartovati, a potom otvoriti Notepad (C:\Adwcleaner\AdwCleaner[C1].txt) sa izvještajem.
Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl"
|
|
|
|
|
Poslao: 24 Maj 2017 10:52
|
offline
- Sass Drake
- Anti Malware Fighter
Rank 2
- Pridružio: 26 Avg 2010
- Poruke: 10622
- Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building
|
Kakvo je sad stanje? Da li se dalje otvaraju spam stranice?
|
|
|
|