Otvaranje spam stranica

1

Otvaranje spam stranica

offline
  • Pridružio: 28 Jan 2009
  • Poruke: 76

Pozdrav ekipo. Već nekolika dana surfujući Chromom mi otvara periodnično spam stranice i surfovanje je prilično usporeno.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-05-2017
Ran by (administrator) on NIKOLAPC (22-05-2017 17:31:05)
Running from C:\Users\Nikola Pejovic\Desktop
Loaded Profiles: Nikola Pejovic (Available Profiles: Nikola Pejovic)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\ProgramData\OnlineUpdate\ouc.exe
() C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ServiceManager.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
() C:\Users\Nikola Pejovic\AppData\Local\Viber\Viber.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Dropbox, Inc.) C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(ACD Systems) C:\Program Files (x86)\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Nikola Pejovic\Desktop\FRST64 (2).exe
(MDL) C:\Windows\AutoKMS_VL_ALL\AutoKMS_VL_ALL.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\Windows\Temp\AutoKMS\TunMirror.exe
(My Digital Life Forums) C:\Windows\Temp\AutoKMS\KMS Server.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14416624 2017-02-02] (Copyright 2017.)
HKLM-x32\...\Run: [MTel_ontenegro Imola ModemListener] => C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe [125504 2012-05-14] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [ACPW07EN] => C:\Program Files (x86)\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe [1414984 2013-09-25] (ACD Systems)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2015-10-08] (Power Software Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\Run: [Viber] => C:\Users\Nikola Pejovic\AppData\Local\Viber\Viber.exe [80036560 2015-05-25] ()
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\Run: [Dropbox Update] => C:\Users\Nikola Pejovic\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: D - "D:\autorun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {06ffbd2c-e5fb-11e4-827d-60d819ea6866} - "G:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {06ffbd7f-e5fb-11e4-827d-60d819ea6866} - "D:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {1c2b1253-13c8-11e4-825a-60d819ea6866} - "D:\autorun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {403db24f-c8f7-11e5-82b9-60d819ea6866} - "G:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {46966f1b-2cac-11e5-8285-60d819ea6866} - "D:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {4c352bcc-f3da-11e4-827e-60d819ea6866} - "D:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {8f3306ca-33bd-11e4-825e-60d819ea6866} - "D:\Lenovo_Suite.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {8f3306d8-33bd-11e4-825e-60d819ea6866} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {ca7e1973-6c5d-11e6-82fd-60d819ea6866} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {e4e87462-9b4c-11e5-82ac-60d819ea6866} - "D:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {e4e87525-9b4c-11e5-82ac-60d819ea6866} - "D:\AutoRun.exe"
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [JzShlobj] -> {7B286609-DA97-47E1-AC6B-33B8B4732C95} => -> No File
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
Startup: C:\Users\Nikola Pejovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-05-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{2685DFB0-E5AB-43CB-B5EE-5F4148B3C450}: [DhcpNameServer] 10.0.44.1
Tcpip\..\Interfaces\{51D99859-CEE1-4B15-AA5C-B73E1ABD6149}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2864281891-3376825052-3278056506-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-02] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-02] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-02] (Microsoft Corporation)

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-10-24] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll [2014-11-03] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-02] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll [2014-11-03] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-07-11] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-02] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-07-11] (Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: gregugitulestogagh
CHR HomePage: gregugitulestogagh -> hxxp://www.google.com/
CHR Profile: C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default [2016-10-29]
CHR Extension: (Google Slides) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-28]
CHR Extension: (Google Docs) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-28]
CHR Extension: (Google Drive) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-28]
CHR Extension: (YouTube) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-28]
CHR Extension: (Adobe Acrobat) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-10-28]
CHR Extension: (Google Sheets) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-28]
CHR Extension: (Google Docs Offline) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-28]
CHR Extension: (Gmail) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-28]
CHR Profile: C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh [2017-05-22] <==== ATTENTION
CHR Extension: (YouTube) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Unseen) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\iicapmagmhahddefgokbabbgieiogjop [2017-03-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13]
CHR Profile: C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh [2016-07-13] <==== ATTENTION
CHR Extension: (Google Slides) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-13]
CHR Extension: (Google Docs) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-13]
CHR Extension: (Google Drive) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-13]
CHR Extension: (YouTube) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-13]
CHR Extension: (Google Sheets) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-13]
CHR Extension: (Google Docs Offline) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-13]
CHR Extension: (Gmail) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-13]
CHR Extension: (Chrome Media Router) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-07-13]
CHR Profile: C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\System Profile [2016-07-13]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242912 2014-09-11] (Foxit Software Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-02-06] ()
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [671744 2013-08-16] () [File not signed]
R2 MTel_ontenegro Imola Modem Device Helper; C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ServiceManager.exe [53312 2012-03-14] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14416624 2017-02-02] (Copyright 2017.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 hwusb_cdcacm; C:\Windows\system32\DRIVERS\ew_cdcacm.sys [121728 2013-10-23] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\Windows\system32\DRIVERS\ew_wwanecm.sys [375040 2013-10-23] (Huawei Technologies Co., Ltd.)
S3 jrdusbser; C:\Windows\system32\DRIVERS\jrdusbser.sys [120832 2011-06-20] (TCT International Mobile Ltd)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [35856 2013-10-31] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [236888 2013-10-31] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-02-02] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-02-02] (Zemana Ltd.)
S3 avchv; \SystemRoot\system32\DRIVERS\avchv.sys [X]
S1 MpKsl209e431b; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D12B0855-EECF-4B7D-9690-D53D32B4F929}\MpKsl209e431b.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-22 17:31 - 2017-05-22 17:31 - 00024041 _____ C:\Users\Nikola Pejovic\Desktop\FRST.txt
2017-05-22 17:30 - 2017-05-22 17:30 - 02429952 _____ (Farbar) C:\Users\Nikola Pejovic\Desktop\FRST64 (2).exe
2017-05-22 17:29 - 2017-05-22 17:30 - 02429952 _____ (Farbar) C:\Users\Nikola Pejovic\Downloads\FRST64 (2).exe
2017-05-22 14:57 - 2017-05-22 14:57 - 00741376 _____ C:\Users\Nikola Pejovic\Downloads\Predavanje-4.ppt
2017-05-22 14:13 - 2017-05-22 14:16 - 00030208 _____ C:\Users\Nikola Pejovic\Desktop\Table6_4.xls
2017-05-20 14:37 - 2017-05-20 14:51 - 26761852 _____ C:\Users\Nikola Pejovic\Downloads\K. A. Brownlee-Statistical Theory and Methodology in Science and Engineering-John Wiley & Sons (1965).pdf
2017-05-20 11:00 - 2017-05-20 11:00 - 07001882 _____ C:\Users\Nikola Pejovic\Downloads\(7th+Edition)+Robert+V.+Hogg,+Joeseph+McKean,+Allen+T+Craig-Introduction+to+Mathematical+Statistics-Pearson+(2012).pdf
2017-05-18 17:08 - 2017-05-18 17:08 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-05-17 15:04 - 2017-05-17 15:06 - 06305453 _____ C:\Users\Nikola Pejovic\Downloads\Gujarati, Damodar N-Basic econometrics._ Student solutions manual for use with Basic econometrics-McGraw-Hill (2004).pdf
2017-05-17 11:45 - 2017-05-17 11:45 - 00871052 _____ C:\Users\Nikola Pejovic\Downloads\5e_data_sets (2).zip
2017-05-15 12:07 - 2017-05-15 12:07 - 00024390 _____ C:\Users\Nikola Pejovic\Downloads\Prijava (1).pdf
2017-05-15 11:40 - 2017-05-15 11:40 - 00083039 _____ C:\Users\Nikola Pejovic\Downloads\zadaci-ii-kol-2-1.pptm
2017-05-15 11:37 - 2017-05-15 11:37 - 00030807 _____ C:\Users\Nikola Pejovic\Downloads\prakticne-vjezbe.zip
2017-05-12 21:34 - 2017-05-12 21:34 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\Google
2017-05-10 18:17 - 2017-05-10 18:17 - 03133693 _____ C:\Users\Nikola Pejovic\Downloads\New Doc.pdf
2017-05-10 17:05 - 2017-05-10 17:06 - 22188187 _____ C:\Users\Nikola Pejovic\Downloads\Učni načrti.zip
2017-05-09 17:03 - 2017-05-09 17:04 - 00261153 _____ C:\Users\Nikola Pejovic\Downloads\234-795-1-PB (1).pdf
2017-05-07 14:24 - 2017-05-07 14:25 - 06368234 _____ C:\Users\Nikola Pejovic\Downloads\(Springer Texts in Statistics) Robert H. Shumway, David S. Stoffer-Time Series Analysis and Its Applications With R Examples-Springer (2010).pdf
2017-05-04 12:49 - 2017-05-04 12:49 - 00010433 _____ C:\Users\Nikola Pejovic\Downloads\AvgMonthIncome.csv
2017-05-02 15:13 - 2017-05-02 15:15 - 00334013 _____ C:\Users\Nikola Pejovic\Downloads\Dopis-migranti-1.doc.crdownload
2017-05-01 15:03 - 2017-05-01 15:05 - 05486080 _____ C:\Users\Nikola Pejovic\Downloads\709_FIN I FIN TRŽIŠTA I.ppt
2017-04-29 22:56 - 2015-08-22 15:42 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-04-29 13:14 - 2017-04-29 13:17 - 01079067 _____ C:\Users\Nikola Pejovic\Downloads\Final Project_Bin Hou_Mingyang Sun (2).pdf
2017-04-29 13:10 - 2017-04-29 13:10 - 00034100 _____ C:\Users\Nikola Pejovic\Downloads\seiler.pdf
2017-04-28 16:39 - 2017-04-28 16:39 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-28 16:39 - 2017-04-28 16:39 - 00000000 ____D C:\915a49fafc1fb74cff72
2017-04-27 22:04 - 2017-04-27 22:04 - 00352687 _____ C:\Users\Nikola Pejovic\Downloads\Upotreba ICT u preduzecima u 2015 godini Saopstenje (1).pdf
2017-04-27 22:04 - 2017-04-27 22:04 - 00037880 _____ C:\Users\Nikola Pejovic\Downloads\Spisak Maj.pdf
2017-04-27 22:03 - 2017-04-27 22:03 - 00352687 _____ C:\Users\Nikola Pejovic\Downloads\Upotreba ICT u preduzecima u 2015 godini Saopstenje.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-22 17:31 - 2016-07-13 12:28 - 00274050 _____ C:\Windows\ZAM.krnl.trace
2017-05-22 17:31 - 2016-07-13 12:28 - 00257516 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-05-22 17:31 - 2016-07-13 11:55 - 00000000 ____D C:\FRST
2017-05-22 17:30 - 2014-06-12 02:41 - 00003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{05485734-D435-4311-95F2-4238E740C9B6}
2017-05-22 17:26 - 2016-03-05 17:10 - 00004992 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for NikolaPC-Nikola Pejovic NikolaPC
2017-05-22 17:07 - 2014-06-12 03:01 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\Skype
2017-05-22 16:58 - 2015-06-17 15:30 - 00000972 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2864281891-3376825052-3278056506-1001UA.job
2017-05-22 11:27 - 2014-07-23 22:27 - 00000000 ____D C:\Users\Nikola Pejovic\Documents\ViberDownloads
2017-05-22 11:21 - 2015-06-02 14:11 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\ViberPC
2017-05-22 11:21 - 2015-06-02 14:10 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Local\Viber
2017-05-22 11:18 - 2014-06-27 08:25 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2017-05-21 23:39 - 2014-06-13 06:46 - 05520384 ___SH C:\Users\Nikola Pejovic\Desktop\Thumbs.db
2017-05-21 23:37 - 2014-06-12 02:32 - 00000000 ____D C:\Users\Nikola Pejovic
2017-05-21 23:36 - 2016-02-23 18:59 - 00000000 ____D C:\Windows\Minidump
2017-05-21 23:36 - 2015-12-20 19:04 - 00000000 ____D C:\ProgramData\OnlineUpdate
2017-05-21 23:36 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-21 23:35 - 2016-03-23 12:38 - 00168925 ____N C:\Windows\Minidump\052117-57843-01.dmp
2017-05-21 23:32 - 2014-07-31 14:49 - 00518656 ___SH C:\Users\Nikola Pejovic\Documents\Thumbs.db
2017-05-21 11:59 - 2014-06-12 02:38 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2864281891-3376825052-3278056506-1001
2017-05-19 22:58 - 2015-06-17 15:30 - 00000920 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2864281891-3376825052-3278056506-1001Core.job
2017-05-19 18:12 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\tracing
2017-05-18 17:08 - 2014-06-13 21:33 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox
2017-05-18 13:13 - 2015-09-18 15:57 - 00003846 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1442584658
2017-05-18 13:13 - 2015-09-18 15:54 - 00000000 ____D C:\Program Files (x86)\Opera
2017-05-14 21:33 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2017-05-12 15:18 - 2014-06-12 02:43 - 00002175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-12 15:18 - 2014-06-12 02:43 - 00002163 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-10 22:51 - 2014-06-12 02:34 - 00818732 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-10 22:51 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2017-05-10 17:10 - 2016-02-22 20:24 - 00000000 ____D C:\Users\Nikola Pejovic\Desktop\Konkurs
2017-05-10 00:40 - 2014-06-13 07:23 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\uTorrent
2017-05-08 09:29 - 2014-12-27 13:41 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-05-03 00:19 - 2014-06-13 21:38 - 00000000 ___RD C:\Users\Nikola Pejovic\Dropbox
2017-04-29 22:57 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2017-04-28 23:04 - 2014-06-12 02:43 - 00003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-28 23:04 - 2014-06-12 02:43 - 00003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-28 17:08 - 2014-06-13 07:36 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\vlc

==================== Files in the root of some directories =======

2016-04-26 14:24 - 2016-04-26 14:24 - 0000009 ____N () C:\Users\Nikola Pejovic\AppData\Roaming\a.bat
2010-08-28 22:43 - 2010-08-28 22:43 - 0577335 ____N () C:\Users\Nikola Pejovic\AppData\Roaming\adb.exe
2010-08-28 22:43 - 2010-08-28 22:43 - 0096256 ____N (Google, inc) C:\Users\Nikola Pejovic\AppData\Roaming\AdbWinApi.dll
2010-08-28 22:43 - 2010-08-28 22:43 - 0060928 ____N (Google, inc) C:\Users\Nikola Pejovic\AppData\Roaming\AdbWinUsbApi.dll
2016-07-13 00:25 - 2016-07-13 00:25 - 7102976 _____ () C:\Users\Nikola Pejovic\AppData\Roaming\agent.dat
2015-08-21 17:04 - 2015-08-21 17:23 - 0000024 _____ () C:\Users\Nikola Pejovic\AppData\Roaming\appdataFr25.bin
2016-06-28 03:12 - 2016-06-28 03:12 - 0314434 ____N () C:\Users\Nikola Pejovic\AppData\Roaming\EYapp.apk
2010-08-28 22:43 - 2010-08-28 22:43 - 0356009 ____N () C:\Users\Nikola Pejovic\AppData\Roaming\fastboot.exe
2016-07-13 00:24 - 2016-07-13 00:24 - 0128512 _____ () C:\Users\Nikola Pejovic\AppData\Roaming\Installer.dat
2016-07-13 00:16 - 2016-07-13 04:29 - 0344576 _____ () C:\Users\Nikola Pejovic\AppData\Roaming\RandomDelJiheReg.exe
2016-07-13 00:09 - 2016-07-11 15:34 - 0036494 ___SH () C:\Users\Nikola Pejovic\AppData\Roaming\UZYFMBEaaYgNhFSDVKR
2016-07-13 00:09 - 2016-07-11 15:34 - 0936960 ___SH (AutoIt Team) C:\Users\Nikola Pejovic\AppData\Roaming\UZYFMBEaaYgNhFSDVKRGN.txt
2016-07-13 00:09 - 2016-07-11 15:34 - 0653328 ___SH () C:\Users\Nikola Pejovic\AppData\Roaming\VVShWZTYTVHH
2016-07-13 00:30 - 2016-07-13 11:43 - 0732869 _____ () C:\Users\Nikola Pejovic\AppData\Roaming\xdo.zip
2015-12-23 23:39 - 2015-12-23 23:39 - 0969852 _____ () C:\Users\Nikola Pejovic\AppData\Local\DjVu-Reader-_1116.rar
2015-09-18 15:55 - 2015-09-18 15:55 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


Some files in TEMP:
====================
2016-07-13 11:37 - 2016-07-13 11:37 - 0918073 _____ (Faregokuda ) C:\Users\Nikola Pejovic\AppData\Local\Temp\1B33.tmp.exe
2016-07-13 00:21 - 2016-07-13 00:21 - 0918073 _____ (Faregokuda ) C:\Users\Nikola Pejovic\AppData\Local\Temp\6DEE.tmp.exe
2016-07-13 11:25 - 2016-07-13 11:25 - 0918073 _____ (Faregokuda ) C:\Users\Nikola Pejovic\AppData\Local\Temp\72D2.tmp.exe
2016-07-13 00:09 - 2016-07-13 23:01 - 1328640 _____ () C:\Users\Nikola Pejovic\AppData\Local\Temp\CodecFixDivx.exe
2016-07-13 00:27 - 2016-07-13 00:27 - 0918073 _____ (Faregokuda ) C:\Users\Nikola Pejovic\AppData\Local\Temp\F239.tmp.exe
2016-07-13 23:16 - 2016-07-13 23:16 - 0020480 _____ (SonofM) C:\Users\Nikola Pejovic\AppData\Local\Temp\msconfig.exe
2017-05-22 13:07 - 2017-05-22 13:12 - 57906656 _____ (Skype Technologies S.A.) C:\Users\Nikola Pejovic\AppData\Local\Temp\SkypeSetup.exe
2017-04-28 16:39 - 2017-04-28 16:39 - 14456872 _____ (Microsoft Corporation) C:\Users\Nikola Pejovic\AppData\Local\Temp\vc_redist.x86.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-05-21 16:48

==================== End of FRST.txt ============================


mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow Korak 1

Deinstaliraj:
Compress
youndoo - Uninstall





Arrow Korak 2

Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja.

CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR DefaultProfile: gregugitulestogagh
CHR Profile: C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh [2017-05-22] <==== ATTENTION
CHR Profile: C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh [2016-07-13] <==== ATTENTION
Task: {30DAD72C-FF99-4CE7-889E-77D4B1057DC9} - System32\Tasks\Phuktherjerzodom Helper => C:\Program Files (x86)\Clmoied\Phuktherjerzodomhelperkozerck.exe
Task: {E0D0B880-E7B7-40F8-9321-5C1D4976B215} - \Cotsqwutain Agent -> No File <==== ATTENTION
C:\Program Files (x86)\Clmoied
C:\Users\Nikola Pejovic\AppData\Roaming\a.bat
C:\Users\Nikola Pejovic\AppData\Roaming\adb.exe
C:\Users\Nikola Pejovic\AppData\Roaming\AdbWinApi.dll
C:\Users\Nikola Pejovic\AppData\Roaming\AdbWinUsbApi.dll
C:\Users\Nikola Pejovic\AppData\Roaming\agent.dat
C:\Users\Nikola Pejovic\AppData\Roaming\appdataFr25.bin
C:\Users\Nikola Pejovic\AppData\Roaming\EYapp.apk
C:\Users\Nikola Pejovic\AppData\Roaming\fastboot.exe
C:\Users\Nikola Pejovic\AppData\Roaming\Installer.dat
C:\Users\Nikola Pejovic\AppData\Roaming\RandomDelJiheReg.exe
C:\Users\Nikola Pejovic\AppData\Roaming\UZYFMBEaaYgNhFSDVKR
C:\Users\Nikola Pejovic\AppData\Roaming\UZYFMBEaaYgNhFSDVKRGN.txt
C:\Users\Nikola Pejovic\AppData\Roaming\VVShWZTYTVHH
C:\Users\Nikola Pejovic\AppData\Roaming\xdo.zip
File: C:\ProgramData\OnlineUpdate\ouc.exe
AlternateDataStreams: C:\Users\Nikola Pejovic\Desktop\Screenshot 2016-06-14 17.50.14.png:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Nikola Pejovic\Documents\randy.jpg:com.dropbox.attributes [168]


U okviru Notepad-a klikni na File --> Save As
Pod Encoding izaberi UTF-8.
Fajl nazovi Fixlist i sačuvaj na Desktop
Dvoklikom ponovo pokreni FRST.exe
Klikni na Fix i sačekaj dok program ne završi.
Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi.
Nakon završetka rada, otvoriće se fixlog.txt, sa sadržajem koji treba da kopiraš u temu.
Takođe, na Desktop-u će se nalaziti (fixlog.txt).

offline
  • Pridružio: 28 Jan 2009
  • Poruke: 76

Fix result of Farbar Recovery Scan Tool (x64) Version: 22-05-2017
Ran by Nikola Pejovic (23-05-2017 00:23:25) Run:1
Running from C:\Users\Nikola Pejovic\Desktop
Loaded Profiles: Nikola Pejovic (Available Profiles: Nikola Pejovic)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR DefaultProfile: gregugitulestogagh
CHR Profile: C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh [2017-05-22] <==== ATTENTION
CHR Profile: C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh [2016-07-13] <==== ATTENTION
Task: {30DAD72C-FF99-4CE7-889E-77D4B1057DC9} - System32\Tasks\Phuktherjerzodom Helper => C:\Program Files (x86)\Clmoied\Phuktherjerzodomhelperkozerck.exe
Task: {E0D0B880-E7B7-40F8-9321-5C1D4976B215} - \Cotsqwutain Agent -> No File <==== ATTENTION
C:\Program Files (x86)\Clmoied
C:\Users\Nikola Pejovic\AppData\Roaming\a.bat
C:\Users\Nikola Pejovic\AppData\Roaming\adb.exe
C:\Users\Nikola Pejovic\AppData\Roaming\AdbWinApi.dll
C:\Users\Nikola Pejovic\AppData\Roaming\AdbWinUsbApi.dll
C:\Users\Nikola Pejovic\AppData\Roaming\agent.dat
C:\Users\Nikola Pejovic\AppData\Roaming\appdataFr25.bin
C:\Users\Nikola Pejovic\AppData\Roaming\EYapp.apk
C:\Users\Nikola Pejovic\AppData\Roaming\fastboot.exe
C:\Users\Nikola Pejovic\AppData\Roaming\Installer.dat
C:\Users\Nikola Pejovic\AppData\Roaming\RandomDelJiheReg.exe
C:\Users\Nikola Pejovic\AppData\Roaming\UZYFMBEaaYgNhFSDVKR
C:\Users\Nikola Pejovic\AppData\Roaming\UZYFMBEaaYgNhFSDVKRGN.txt
C:\Users\Nikola Pejovic\AppData\Roaming\VVShWZTYTVHH
C:\Users\Nikola Pejovic\AppData\Roaming\xdo.zip
File: C:\ProgramData\OnlineUpdate\ouc.exe
AlternateDataStreams: C:\Users\Nikola Pejovic\Desktop\Screenshot 2016-06-14 17.50.14.png:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Nikola Pejovic\Documents\randy.jpg:com.dropbox.attributes [168]
*****************

HKLM\SOFTWARE\Policies\Google => key removed successfully
CHR DefaultProfile: gregugitulestogagh => Error: No automatic fix found for this entry.
C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh => moved successfully
C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{30DAD72C-FF99-4CE7-889E-77D4B1057DC9} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{30DAD72C-FF99-4CE7-889E-77D4B1057DC9} => key removed successfully
C:\Windows\System32\Tasks\Phuktherjerzodom Helper => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Phuktherjerzodom Helper => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0D0B880-E7B7-40F8-9321-5C1D4976B215} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0D0B880-E7B7-40F8-9321-5C1D4976B215} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Cotsqwutain Agent => key removed successfully
C:\Program Files (x86)\Clmoied => moved successfully
C:\Users\Nikola Pejovic\AppData\Roaming\a.bat => moved successfully
C:\Users\Nikola Pejovic\AppData\Roaming\adb.exe => moved successfully
C:\Users\Nikola Pejovic\AppData\Roaming\AdbWinApi.dll => moved successfully
C:\Users\Nikola Pejovic\AppData\Roaming\AdbWinUsbApi.dll => moved successfully
C:\Users\Nikola Pejovic\AppData\Roaming\agent.dat => moved successfully
C:\Users\Nikola Pejovic\AppData\Roaming\appdataFr25.bin => moved successfully
C:\Users\Nikola Pejovic\AppData\Roaming\EYapp.apk => moved successfully
C:\Users\Nikola Pejovic\AppData\Roaming\fastboot.exe => moved successfully
C:\Users\Nikola Pejovic\AppData\Roaming\Installer.dat => moved successfully
C:\Users\Nikola Pejovic\AppData\Roaming\RandomDelJiheReg.exe => moved successfully
C:\Users\Nikola Pejovic\AppData\Roaming\UZYFMBEaaYgNhFSDVKR => moved successfully
C:\Users\Nikola Pejovic\AppData\Roaming\UZYFMBEaaYgNhFSDVKRGN.txt => moved successfully
C:\Users\Nikola Pejovic\AppData\Roaming\VVShWZTYTVHH => moved successfully
C:\Users\Nikola Pejovic\AppData\Roaming\xdo.zip => moved successfully

========================= File: C:\ProgramData\OnlineUpdate\ouc.exe ========================

File not signed
MD5: C5678CCEB3E9E03639C0A0E67B132E92
Creation and modification date: 2015-12-20 19:04 - 2013-08-16 08:53
Size: 0671744
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======

C:\Users\Nikola Pejovic\Desktop\Screenshot 2016-06-14 17.50.14.png => ":com.dropbox.attributes" ADS removed successfully.
C:\Users\Nikola Pejovic\Documents\randy.jpg => ":com.dropbox.attributes" ADS removed successfully.

==== End of Fixlog 00:23:56 ====

Kad pokušam da uninstalliram Compress, ne da i izbaca neku poruku na kineskom kao na slici.


P.S. Nakon ovih koraka, nešto se Chrome osvježio.

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Compress ćemo zasad zanemariti.


Arrow Korak 1

Zapakuj folder:
C:\FRST\Quarantine

u RAR ili 7z arhivu pa ga pokušaj uploadovati na:
https://www.mycity.rs/ambulanta-upload.php

Ako ne uspije pređi na sledeći korak.



Arrow Korak 2

Ponovo pokreni FRST, označi Addition.txt, klikni na Scan pa mi dostavi nove izvještaje kad završi.

offline
  • Pridružio: 28 Jan 2009
  • Poruke: 76

Fajl ima 700 mb tako da mi je preveliki za upload.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2017
Ran by Nikola Pejovic (administrator) on NIKOLAPC (23-05-2017 15:09:00)
Running from C:\Users\Nikola Pejovic\Desktop
Loaded Profiles: Nikola Pejovic (Available Profiles: Nikola Pejovic)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\ProgramData\OnlineUpdate\ouc.exe
() C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ServiceManager.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
() C:\Users\Nikola Pejovic\AppData\Local\Viber\Viber.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Dropbox, Inc.) C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(ACD Systems) C:\Program Files (x86)\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
() C:\Program Files\R\R-3.3.1\bin\x64\Rgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Nikola Pejovic\Desktop\FRST64 (2).exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14416624 2017-02-02] (Copyright 2017.)
HKLM-x32\...\Run: [MTel_ontenegro Imola ModemListener] => C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe [125504 2012-05-14] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [ACPW07EN] => C:\Program Files (x86)\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe [1414984 2013-09-25] (ACD Systems)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2015-10-08] (Power Software Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\Run: [Viber] => C:\Users\Nikola Pejovic\AppData\Local\Viber\Viber.exe [80036560 2015-05-25] ()
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\Run: [Dropbox Update] => C:\Users\Nikola Pejovic\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: D - "D:\autorun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {06ffbd2c-e5fb-11e4-827d-60d819ea6866} - "G:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {06ffbd7f-e5fb-11e4-827d-60d819ea6866} - "D:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {1c2b1253-13c8-11e4-825a-60d819ea6866} - "D:\autorun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {403db24f-c8f7-11e5-82b9-60d819ea6866} - "G:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {46966f1b-2cac-11e5-8285-60d819ea6866} - "D:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {4c352bcc-f3da-11e4-827e-60d819ea6866} - "D:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {8f3306ca-33bd-11e4-825e-60d819ea6866} - "D:\Lenovo_Suite.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {8f3306d8-33bd-11e4-825e-60d819ea6866} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {ca7e1973-6c5d-11e6-82fd-60d819ea6866} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {e4e87462-9b4c-11e5-82ac-60d819ea6866} - "D:\AutoRun.exe"
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\...\MountPoints2: {e4e87525-9b4c-11e5-82ac-60d819ea6866} - "D:\AutoRun.exe"
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [JzShlobj] -> {7B286609-DA97-47E1-AC6B-33B8B4732C95} => -> No File
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
Startup: C:\Users\Nikola Pejovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-05-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{2685DFB0-E5AB-43CB-B5EE-5F4148B3C450}: [DhcpNameServer] 10.0.44.1
Tcpip\..\Interfaces\{51D99859-CEE1-4B15-AA5C-B73E1ABD6149}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2864281891-3376825052-3278056506-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2864281891-3376825052-3278056506-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-02] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-02] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-02] (Microsoft Corporation)

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-10-24] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll [2014-11-03] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-02] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll [2014-11-03] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-07-11] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-02] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-07-11] (Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: pruvchshzedomhalgh
CHR HomePage: pruvchshzedomhalgh -> hxxp://www.google.com/
CHR StartupUrls: pruvchshzedomhalgh -> "hxxp://www.sweet-page.com/?type=hp&ts=1442584478&z=bad0e49b332362138910f83gdzfz4o0w8bdz2z4mam&from=cor&uid=WDCXWD5000BPVT-24HXZT3_WD-WXA1A91E3668E3668","hxxp://www.youndoo.com/?z=ad99dbc43c4dab03b38dc41g0z7q1b5z6zacaq2t3m&from=wak&uid=WDCXWD5000BPVT-24HXZT3_WD-WXA1A91E3668E3668&type=hp"
CHR Profile: C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default [2016-10-29]
CHR Extension: (Google Slides) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-28]
CHR Extension: (Google Docs) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-28]
CHR Extension: (Google Drive) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-28]
CHR Extension: (YouTube) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-28]
CHR Extension: (Adobe Acrobat) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-10-28]
CHR Extension: (Google Sheets) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-28]
CHR Extension: (Google Docs Offline) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-28]
CHR Extension: (Gmail) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-28]
CHR Profile: C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh [2017-05-23] <==== ATTENTION
CHR Extension: (Google Slides) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-23]
CHR Extension: (Google Docs) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-23]
CHR Extension: (Google Drive) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-23]
CHR Extension: (YouTube) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-23]
CHR Extension: (Adobe Acrobat) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-05-23]
CHR Extension: (Google Sheets) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-23]
CHR Extension: (Google Docs Offline) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-23]
CHR Extension: (Gmail) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-23]
CHR Extension: (Chrome Media Router) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\gregugitulestogagh\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-23]
CHR Profile: C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh [2017-05-23] <==== ATTENTION
CHR Extension: (Google Slides) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-23]
CHR Extension: (Google Docs) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-23]
CHR Extension: (Google Drive) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-23]
CHR Extension: (YouTube) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-23]
CHR Extension: (Adobe Acrobat) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-05-23]
CHR Extension: (Google Sheets) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-23]
CHR Extension: (Google Docs Offline) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-23]
CHR Extension: (Gmail) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-23]
CHR Extension: (Chrome Media Router) - C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\pruvchshzedomhalgh\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-23]
CHR Profile: C:\Users\Nikola Pejovic\AppData\Local\Google\Chrome\User Data\System Profile [2016-07-13]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242912 2014-09-11] (Foxit Software Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-02-06] ()
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [671744 2013-08-16] () [File not signed]
R2 MTel_ontenegro Imola Modem Device Helper; C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ServiceManager.exe [53312 2012-03-14] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14416624 2017-02-02] (Copyright 2017.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 hwusb_cdcacm; C:\Windows\system32\DRIVERS\ew_cdcacm.sys [121728 2013-10-23] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\Windows\system32\DRIVERS\ew_wwanecm.sys [375040 2013-10-23] (Huawei Technologies Co., Ltd.)
S3 jrdusbser; C:\Windows\system32\DRIVERS\jrdusbser.sys [120832 2011-06-20] (TCT International Mobile Ltd)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [35856 2013-10-31] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [236888 2013-10-31] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-02-02] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-02-02] (Zemana Ltd.)
S3 avchv; \SystemRoot\system32\DRIVERS\avchv.sys [X]
S1 MpKsl209e431b; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D12B0855-EECF-4B7D-9690-D53D32B4F929}\MpKsl209e431b.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-23 15:09 - 2017-05-23 15:09 - 00024562 _____ C:\Users\Nikola Pejovic\Desktop\FRST.txt
2017-05-23 00:23 - 2017-05-23 00:23 - 00005100 _____ C:\Users\Nikola Pejovic\Desktop\Fixlog.txt
2017-05-23 00:23 - 2017-05-23 00:23 - 00000000 ____D C:\Users\Nikola Pejovic\Desktop\FRST-OlderVersion
2017-05-22 17:39 - 2017-05-22 17:39 - 00052713 _____ C:\Users\Nikola Pejovic\Downloads\142590_794515354_Addition (1).txt
2017-05-22 17:30 - 2017-05-23 00:23 - 02429952 _____ (Farbar) C:\Users\Nikola Pejovic\Desktop\FRST64 (2).exe
2017-05-22 17:29 - 2017-05-22 17:30 - 02429952 _____ (Farbar) C:\Users\Nikola Pejovic\Downloads\FRST64 (2).exe
2017-05-22 14:57 - 2017-05-22 14:57 - 00741376 _____ C:\Users\Nikola Pejovic\Downloads\Predavanje-4.ppt
2017-05-22 14:13 - 2017-05-22 14:16 - 00030208 _____ C:\Users\Nikola Pejovic\Desktop\Table6_4.xls
2017-05-20 14:37 - 2017-05-20 14:51 - 26761852 _____ C:\Users\Nikola Pejovic\Downloads\K. A. Brownlee-Statistical Theory and Methodology in Science and Engineering-John Wiley & Sons (1965).pdf
2017-05-20 11:00 - 2017-05-20 11:00 - 07001882 _____ C:\Users\Nikola Pejovic\Downloads\(7th+Edition)+Robert+V.+Hogg,+Joeseph+McKean,+Allen+T+Craig-Introduction+to+Mathematical+Statistics-Pearson+(2012).pdf
2017-05-18 17:08 - 2017-05-18 17:08 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-05-17 15:04 - 2017-05-17 15:06 - 06305453 _____ C:\Users\Nikola Pejovic\Downloads\Gujarati, Damodar N-Basic econometrics._ Student solutions manual for use with Basic econometrics-McGraw-Hill (2004).pdf
2017-05-17 11:45 - 2017-05-17 11:45 - 00871052 _____ C:\Users\Nikola Pejovic\Downloads\5e_data_sets (2).zip
2017-05-15 12:07 - 2017-05-15 12:07 - 00024390 _____ C:\Users\Nikola Pejovic\Downloads\Prijava (1).pdf
2017-05-15 11:40 - 2017-05-15 11:40 - 00083039 _____ C:\Users\Nikola Pejovic\Downloads\zadaci-ii-kol-2-1.pptm
2017-05-15 11:37 - 2017-05-15 11:37 - 00030807 _____ C:\Users\Nikola Pejovic\Downloads\prakticne-vjezbe.zip
2017-05-12 21:34 - 2017-05-12 21:34 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\Google
2017-05-10 18:17 - 2017-05-10 18:17 - 03133693 _____ C:\Users\Nikola Pejovic\Downloads\New Doc.pdf
2017-05-10 17:05 - 2017-05-10 17:06 - 22188187 _____ C:\Users\Nikola Pejovic\Downloads\Učni načrti.zip
2017-05-09 17:03 - 2017-05-09 17:04 - 00261153 _____ C:\Users\Nikola Pejovic\Downloads\234-795-1-PB (1).pdf
2017-05-07 14:24 - 2017-05-07 14:25 - 06368234 _____ C:\Users\Nikola Pejovic\Downloads\(Springer Texts in Statistics) Robert H. Shumway, David S. Stoffer-Time Series Analysis and Its Applications With R Examples-Springer (2010).pdf
2017-05-04 12:49 - 2017-05-04 12:49 - 00010433 _____ C:\Users\Nikola Pejovic\Downloads\AvgMonthIncome.csv
2017-05-02 15:13 - 2017-05-02 15:15 - 00334013 _____ C:\Users\Nikola Pejovic\Downloads\Dopis-migranti-1.doc.crdownload
2017-05-01 15:03 - 2017-05-01 15:05 - 05486080 _____ C:\Users\Nikola Pejovic\Downloads\709_FIN I FIN TRŽIŠTA I.ppt
2017-04-29 22:56 - 2015-08-22 15:42 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-04-29 22:56 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-04-29 13:14 - 2017-04-29 13:17 - 01079067 _____ C:\Users\Nikola Pejovic\Downloads\Final Project_Bin Hou_Mingyang Sun (2).pdf
2017-04-29 13:10 - 2017-04-29 13:10 - 00034100 _____ C:\Users\Nikola Pejovic\Downloads\seiler.pdf
2017-04-28 16:39 - 2017-04-28 16:39 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-28 16:39 - 2017-04-28 16:39 - 00000000 ____D C:\915a49fafc1fb74cff72
2017-04-27 22:04 - 2017-04-27 22:04 - 00352687 _____ C:\Users\Nikola Pejovic\Downloads\Upotreba ICT u preduzecima u 2015 godini Saopstenje (1).pdf
2017-04-27 22:04 - 2017-04-27 22:04 - 00037880 _____ C:\Users\Nikola Pejovic\Downloads\Spisak Maj.pdf
2017-04-27 22:03 - 2017-04-27 22:03 - 00352687 _____ C:\Users\Nikola Pejovic\Downloads\Upotreba ICT u preduzecima u 2015 godini Saopstenje.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-23 15:09 - 2016-07-13 12:28 - 00580944 _____ C:\Windows\ZAM.krnl.trace
2017-05-23 15:09 - 2016-07-13 12:28 - 00578878 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-05-23 15:09 - 2016-07-13 11:55 - 00000000 ____D C:\FRST
2017-05-23 13:01 - 2014-07-23 22:27 - 00000000 ____D C:\Users\Nikola Pejovic\Documents\ViberDownloads
2017-05-23 12:58 - 2015-06-17 15:30 - 00000972 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2864281891-3376825052-3278056506-1001UA.job
2017-05-23 10:37 - 2016-03-05 17:10 - 00004994 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for NikolaPC-Nikola Pejovic NikolaPC
2017-05-23 10:31 - 2015-06-02 14:11 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\ViberPC
2017-05-23 10:31 - 2015-06-02 14:10 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Local\Viber
2017-05-23 10:28 - 2014-06-27 08:25 - 00003754 _____ C:\Windows\System32\Tasks\AutoKMS
2017-05-23 00:21 - 2014-06-13 06:46 - 05539328 ___SH C:\Users\Nikola Pejovic\Desktop\Thumbs.db
2017-05-23 00:19 - 2016-07-13 23:01 - 00000000 ____D C:\Program Files (x86)\Phlachhalicult
2017-05-23 00:14 - 2014-06-12 03:01 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\Skype
2017-05-22 22:58 - 2015-06-17 15:30 - 00000920 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2864281891-3376825052-3278056506-1001Core.job
2017-05-22 19:46 - 2014-06-12 02:41 - 00003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{05485734-D435-4311-95F2-4238E740C9B6}
2017-05-21 23:37 - 2014-06-12 02:32 - 00000000 ____D C:\Users\Nikola Pejovic
2017-05-21 23:36 - 2016-02-23 18:59 - 00000000 ____D C:\Windows\Minidump
2017-05-21 23:36 - 2015-12-20 19:04 - 00000000 ____D C:\ProgramData\OnlineUpdate
2017-05-21 23:36 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-21 23:35 - 2016-03-23 12:38 - 00168925 ____N C:\Windows\Minidump\052117-57843-01.dmp
2017-05-21 23:32 - 2014-07-31 14:49 - 00518656 ___SH C:\Users\Nikola Pejovic\Documents\Thumbs.db
2017-05-21 11:59 - 2014-06-12 02:38 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2864281891-3376825052-3278056506-1001
2017-05-19 18:12 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\tracing
2017-05-18 17:08 - 2014-06-13 21:33 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\Dropbox
2017-05-18 13:13 - 2015-09-18 15:57 - 00003846 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1442584658
2017-05-18 13:13 - 2015-09-18 15:54 - 00000000 ____D C:\Program Files (x86)\Opera
2017-05-14 21:33 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2017-05-12 15:18 - 2014-06-12 02:43 - 00002175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-12 15:18 - 2014-06-12 02:43 - 00002163 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-10 22:51 - 2014-06-12 02:34 - 00818732 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-10 22:51 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2017-05-10 17:10 - 2016-02-22 20:24 - 00000000 ____D C:\Users\Nikola Pejovic\Desktop\Konkurs
2017-05-10 00:40 - 2014-06-13 07:23 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\uTorrent
2017-05-08 09:29 - 2014-12-27 13:41 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-05-03 00:19 - 2014-06-13 21:38 - 00000000 ___RD C:\Users\Nikola Pejovic\Dropbox
2017-04-29 22:57 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2017-04-28 23:04 - 2014-06-12 02:43 - 00003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-28 23:04 - 2014-06-12 02:43 - 00003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-28 17:08 - 2014-06-13 07:36 - 00000000 ____D C:\Users\Nikola Pejovic\AppData\Roaming\vlc

==================== Files in the root of some directories =======

2015-12-23 23:39 - 2015-12-23 23:39 - 0969852 _____ () C:\Users\Nikola Pejovic\AppData\Local\DjVu-Reader-_1116.rar
2015-09-18 15:55 - 2015-09-18 15:55 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


Some files in TEMP:
====================
2016-07-13 11:37 - 2016-07-13 11:37 - 0918073 _____ (Faregokuda ) C:\Users\Nikola Pejovic\AppData\Local\Temp\1B33.tmp.exe
2016-07-13 00:21 - 2016-07-13 00:21 - 0918073 _____ (Faregokuda ) C:\Users\Nikola Pejovic\AppData\Local\Temp\6DEE.tmp.exe
2016-07-13 11:25 - 2016-07-13 11:25 - 0918073 _____ (Faregokuda ) C:\Users\Nikola Pejovic\AppData\Local\Temp\72D2.tmp.exe
2016-07-13 00:09 - 2016-07-13 23:01 - 1328640 _____ () C:\Users\Nikola Pejovic\AppData\Local\Temp\CodecFixDivx.exe
2016-07-13 00:27 - 2016-07-13 00:27 - 0918073 _____ (Faregokuda ) C:\Users\Nikola Pejovic\AppData\Local\Temp\F239.tmp.exe
2016-07-13 23:16 - 2016-07-13 23:16 - 0020480 _____ (SonofM) C:\Users\Nikola Pejovic\AppData\Local\Temp\msconfig.exe
2017-05-22 13:07 - 2017-05-22 13:12 - 57906656 _____ (Skype Technologies S.A.) C:\Users\Nikola Pejovic\AppData\Local\Temp\SkypeSetup.exe
2017-04-28 16:39 - 2017-04-28 16:39 - 14456872 _____ (Microsoft Corporation) C:\Users\Nikola Pejovic\AppData\Local\Temp\vc_redist.x86.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-05-21 16:48

==================== End of FRST.txt ============================

mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Preuzmi Malwarebytes Anti-Malware sa ovog ili ovog ili ovog linka i instaliraj aplikaciju.
Pokreni mb3-setup-consumer-{verzija}.exe i isprati uputstva za instalaciju programa. Nakon instalacije, klikni na Finish

Prilikom prvog pokretanja, program će prikazati prozor "dobrodošlice". Slobodno zatvori taj prozor.
Napomena: Premium funkcije programa su već aktivirane i važe 13 dana od trenutka instalacije. Premium funkcije možeš isključiti preko Settings > My Account tab podešavanja.

• Podešavanja skenera - u Settings, klikni na Protection tab. Ispod Scan Options sekcije, uključi "Scan for rootkits" opciju.
• Pripremi podešavanja za Threat Scan - u Dashboard , klikni na Scan Now dugme. MBAM će ažurirati bazu i započeti skeniranje.

Kada se skeniranje završi, ako je infekcija detektovana, obrati pažnju da je sve označeno, pa klikni na Remove Selected. Restartuj računar ako program upita za restart.
• Dostavi log: Pod Reports izaberi trenutni datum izveštaja Scan Report i potom klikni na View Report.

Izvezi log na Desktop;
- Klikni na Export dugme na dnu, pa onda izaberi 'Text file (*.txt)'
# U Save File dijalogu koji se pojavi, klikni na Desktop. U File name: polje, upiši "mbam" (bez navodnika) i klikni na Save.
- Pojaviće se poruka "Your file has been successfully exported", klikni Ok i zatvori prozor.



• U odgovoru prikači mbam.txt log koristeći "Prikači fajl" opciju.

offline
  • Pridružio: 28 Jan 2009
  • Poruke: 76

mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Preuzmi AdwCleaner i sačuvaj ga na Desktop
Dvoklikom pokreni program.
U EULA prozoru klikni na I agree.
Klikni na dugme Scan i sačekaj da se završi skeniranje.
Klikni na dugme Clean i pričekaj da program završi.
Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu.
Na sljedeća dva prozora koja se otvore (Informations i Restart required ) klikni OK

Računar će se restartovati, a potom otvoriti Notepad (C:\Adwcleaner\AdwCleaner[C1].txt) sa izvještajem.
Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl"

offline
  • Pridružio: 28 Jan 2009
  • Poruke: 76

mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Kakvo je sad stanje? Da li se dalje otvaraju spam stranice?

Ko je trenutno na forumu
 

Ukupno su 1020 korisnika na forumu :: 36 registrovanih, 4 sakrivenih i 980 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: Ben Roj, branko7, Bubimir, cenejac111, DeerHunter, dozorni, draganl, dragon986, Fog of War, Frunze, Grond, kubura91, kybonacci, Libertas, Mercury, Metanoja, milenko crazy north, MiroslavD, nextyamb, novator, Panter, raketaš, Regrut Boskica, ruma, Sir Budimir, sokars, styg, suton, t84dar, Trpe Grozni, tubular, vathra, Vlada78, vladulns, VP6919, wulfy