MyCity » Ambulanta -> Arhiva Ambulante » Usporen pc ,narocito internet

Usporen pc ,narocito internet

Napisano na dan: 7.10.2014
1

Usporen pc ,narocito internet
Sledeća strana Pagination

Idi na vrh

Poslao: 07 Okt 2014 10:53
Idi na vrh
offline
  • Pridružio: 16 Avg 2007
  • Poruke: 315
  • Gde živiš: Srbija

U poslednje vreme racunar mi sve sporije radi, AV nista ne prijavljuje to je prvi problem i drugi problem je sto kada kliknem na neku stranicu istovremeno se otvara i po jedan mozilin prozor a ponekad i vise uzastopno i veoma sporo radi. Imam 10 mb kablovski internet...

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-10-2014 01
Ran by Boban (administrator) on BOBAN-PC on 07-10-2014 10:41:57
Running from C:\Users\Boban\Desktop
Loaded Profiles: Boban & UpdatusUser (Available profiles: Boban & UpdatusUser)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: [Link mogu videti samo ulogovani korisnici]

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(LSoft Technologies Inc) C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(InterVideo Inc.) C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(MagicISO, Inc.) C:\Program Files\MagicDisc\MagicDisc.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
() C:\Users\Boban\AppData\Roaming\VideoDrivers\CPU\x86\minerd.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464 2014-07-06] (Realtek Semiconductor)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5110672 2013-09-12] (ESET)
HKLM\...\Policies\Explorer\Run: [SysLogger32] => C:\Windows\security\Syslogs\core32_178.dll [1476608 2013-09-07] ( ())
HKU\S-1-5-21-1582240820-2018686280-1996047769-1000\...\MountPoints2: {61c39312-34ca-11e3-92d2-ebe75371da66} - L:\SETUP.EXE
HKU\S-1-5-18\...\Run: [Advanced SystemCare 7] => "C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update ESET's license.lnk
ShortcutTarget: Update ESET's license.lnk -> C:\Program Files\ESET\MiNODLogin\launcher.exe (No File)
Startup: C:\Users\Boban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
HKLM\...\AppCertDlls: [x64] -> c:\program files\movies toolbar\safetynut\x64\safetycrt.dll
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => No File
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => No File
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [Link mogu videti samo ulogovani korisnici]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9094D995FB81CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = [Link mogu videti samo ulogovani korisnici]
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici]
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [Link mogu videti samo ulogovani korisnici]
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKLM - {52db1893-8a90-4192-aede-08e00b8f8473} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKCU - DefaultScope {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&babsrc=SP_ss_mib2&mntrId=D0EC00064F98B665&affID=128403&tsp=5198
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKCU - {52db1893-8a90-4192-aede-08e00b8f8473} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&locale=en_EU
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
Toolbar: HKCU - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\user.js
FF SearchPlugin: C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\searchplugins\Ask.xml
FF SearchPlugin: C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\searchplugins\buenosearch.xml
FF SearchPlugin: C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\searchplugins\Web Search.xml
FF Extension: TheTorntv V10 - C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com [2014-09-15]
FF Extension: Flash Video Downloader - YouTube Full HD Download - C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\artur.dubovoy@gmail.com [2014-09-15]
FF Extension: Website Counselor - C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\{cc6cc772-f121-49e0-b1f0-c26583cb0c5e} [2014-09-15]
FF Extension: 1-Click Dailymotion Video Downloader - C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\DailymotionVideoDownloader@PeterOlayev.com.xpi [2014-09-15]
FF Extension: To Google Translate - C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2014-09-15]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-09-03]

Chrome:
=======
CHR HomePage: Default -> [Link mogu videti samo ulogovani korisnici]
CHR StartupUrls: Default -> "hxxp://www.search.ask.com/?o=APN10640A&gct=hp&d=473-104&v=a13277-328&t=4"
CHR DefaultSearchProvider: Default -> Ask.com
CHR DefaultSearchURL: Default -> [Link mogu videti samo ulogovani korisnici]{searchTerms}
CHR CustomProfile: C:\Users\Boban\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Boban\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-02]
CHR Extension: (Google Wallet) - C:\Users\Boban\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-05]
CHR Extension: (GoPhoto.it) - C:\Users\Boban\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk [2014-01-19]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files\Gophoto.it\gophotoit16.crx [2013-08-08]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Active@ Disk Monitor; C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe [237792 2012-10-23] (LSoft Technologies Inc)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1337752 2013-09-12] (ESET)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [387616 2009-08-10] ()
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-11] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-11] (globalUpdate) [File not signed]
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2152736 2014-05-04] (IObit)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [178720 2009-08-10] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [188808 2013-08-15] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [134248 2013-08-15] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [174400 2013-08-15] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37416 2013-08-15] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [49240 2013-08-15] (ESET)
S3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [98816 2013-04-24] (Gemalto)
R3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [File not signed]
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [461824 2009-04-28] (PixArt Imaging Inc.)
R3 rtl819xp; C:\Windows\System32\DRIVERS\rtl819xp.sys [559208 2014-07-06] (Realtek Semiconductor Corporation )
S3 SMIGrabber3C; C:\Windows\System32\Drivers\SmiUsbGrabber3C.sys [805888 2011-01-26] (Windows (R) Win 7 DDK provider)
S3 WFLR6654; C:\Windows\System32\drivers\wfeaglxt.sys [433920 2009-10-21] (Leadtek Research Inc.)
S3 pfc; system32\drivers\pfc.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-07 10:41 - 2014-10-07 10:42 - 00019170 _____ () C:\Users\Boban\Desktop\FRST.txt
2014-10-07 10:41 - 2014-10-07 10:42 - 00000000 ____D () C:\FRST
2014-10-07 10:40 - 2014-10-07 10:40 - 01101312 _____ (Farbar) C:\Users\Boban\Desktop\FRST.exe
2014-10-06 14:02 - 2014-10-06 14:01 - 00214028 _____ () C:\UPLATA.EXE
2014-10-02 14:39 - 2014-10-03 15:42 - 00000000 ____D () C:\TimeTables
2014-10-01 15:39 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 20:10 - 2014-09-30 20:17 - 00000000 ____D () C:\Program Files\idoo
2014-09-30 19:56 - 2014-09-30 19:58 - 00000000 ____D () C:\Users\Boban\Downloads\idoo Video Editor Pro -Kayz Afridi-
2014-09-30 19:18 - 2014-09-30 20:26 - 3900907520 ____R () C:\Users\Boban\Downloads\Windows_8.1_Pro_X64_Activated.iso
2014-09-30 18:45 - 2014-09-30 18:51 - 00000400 __RSH () C:\ProgramData\ntuser.pol
2014-09-30 18:39 - 2014-09-30 18:39 - 00001075 _____ () C:\Users\Boban\Desktop\CleanMyPC - Registry Cleaner (2).lnk
2014-09-29 23:09 - 2014-09-30 18:41 - 00000000 ____D () C:\Users\Boban\Downloads\Windows 8.1 Update 1 Pro X64 PreActivated
2014-09-29 10:16 - 2014-09-29 10:16 - 128076958 _____ () C:\Windows\MEMORY.DMP
2014-09-29 10:16 - 2014-09-29 10:16 - 00131120 _____ () C:\Windows\Minidump\092914-18470-01.dmp
2014-09-27 19:47 - 2014-09-27 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ Hard Disk Monitor
2014-09-27 19:47 - 2014-09-27 19:47 - 00000000 ____D () C:\Program Files\LSoft Technologies Inc
2014-09-27 19:43 - 2014-09-27 19:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-27 19:43 - 2014-09-27 19:43 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-09-25 14:34 - 2014-09-25 14:34 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-25 09:33 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-23 15:26 - 2014-10-07 10:10 - 00002578 _____ () C:\Windows\setupact.log
2014-09-23 15:26 - 2014-09-23 15:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-21 20:57 - 2014-09-22 20:41 - 00415040 _____ () C:\KALKDRAG.EXE
2014-09-21 20:52 - 2014-09-22 11:09 - 00423600 _____ () C:\FAKTDEJA.EXE
2014-09-20 12:10 - 2014-09-20 12:10 - 00000000 ____D () C:\Users\Boban\sMedio
2014-09-20 12:10 - 2014-09-20 12:10 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\sMedio
2014-09-20 12:04 - 2014-09-20 12:04 - 00001962 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel WinDVD Pro 11.lnk
2014-09-20 12:04 - 2014-09-20 12:04 - 00001950 _____ () C:\Users\Public\Desktop\Corel WinDVD Pro 11.lnk
2014-09-20 12:04 - 2014-09-20 12:04 - 00000000 ____D () C:\ProgramData\sMedio
2014-09-20 12:02 - 2014-09-20 12:02 - 00000000 ____D () C:\Program Files\sMedio
2014-09-20 12:02 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-09-20 12:02 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-09-20 11:52 - 2014-09-20 11:55 - 00000000 ____D () C:\Users\Boban\Downloads\Corel WinDVD Pro 11.6.1.13.301045
2014-09-19 16:55 - 2014-09-20 11:17 - 00127477 _____ () C:\Users\Boban\Documents\PDR.dmp
2014-09-19 16:01 - 2014-09-19 16:01 - 00000000 ____D () C:\SmartSound Software
2014-09-19 16:01 - 2014-09-19 16:01 - 00000000 ____D () C:\Program Files\SmartSound Software
2014-09-19 16:00 - 2014-09-19 17:05 - 00002559 _____ () C:\Users\Boban\Desktop\CyberLink PowerDirector.lnk
2014-09-19 16:00 - 2014-09-19 16:00 - 00002276 _____ () C:\Users\UpdatusUser\Desktop\CyberLink PowerDirector.lnk
2014-09-19 16:00 - 2014-09-19 16:00 - 00002276 _____ () C:\Users\TEMP\Desktop\CyberLink PowerDirector.lnk
2014-09-19 16:00 - 2014-09-19 16:00 - 00002276 _____ () C:\Users\Default\Desktop\CyberLink PowerDirector.lnk
2014-09-19 16:00 - 2014-09-19 16:00 - 00002276 _____ () C:\Users\Default User\Desktop\CyberLink PowerDirector.lnk
2014-09-19 16:00 - 2014-09-19 16:00 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2014-09-19 16:00 - 2014-09-19 16:00 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2014-09-19 16:00 - 2014-09-19 16:00 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2014-09-19 16:00 - 2014-09-19 16:00 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2014-09-19 16:00 - 2014-09-19 16:00 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2014-09-19 15:57 - 2014-09-19 16:00 - 00000000 ____D () C:\Program Files\CyberLink
2014-09-19 15:43 - 2014-09-19 16:03 - 00000000 ____D () C:\Users\Boban\Downloads\CyberLink Power Director 11 Ultra
2014-09-19 15:42 - 2014-09-19 15:47 - 245557088 _____ () C:\Users\Boban\Downloads\RAR FILE_CYBERLINK_POWERDIRECTOR 8_100% WORKING SERIAL.rar
2014-09-19 15:34 - 2014-09-19 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-09-19 15:33 - 2014-09-19 15:33 - 00000000 ____D () C:\Program Files\Sony
2014-09-19 15:02 - 2014-10-06 14:15 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\uTorrent
2014-09-19 15:02 - 2014-09-19 15:02 - 00000831 _____ () C:\Users\Boban\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-09-19 14:46 - 2014-09-19 14:46 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Sony Creative Software Inc
2014-09-18 21:31 - 2014-09-19 14:46 - 00000000 ____D () C:\Users\Boban\AppData\Local\Sony
2014-09-18 21:30 - 2014-09-19 15:33 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Sony
2014-09-18 21:26 - 2014-09-18 21:26 - 00000000 ____D () C:\Users\Boban\Downloads\SONY Vegas Pro 11.0 Build 370 + Patch (32-bit) [RH]
2014-09-18 20:39 - 2014-09-18 20:39 - 00002164 _____ () C:\Users\Public\Desktop\Ulead VideoStudio SE DVD.lnk
2014-09-18 20:39 - 2014-09-18 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead VideoStudio SE DVD
2014-09-18 20:19 - 2014-09-18 20:20 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-09-18 20:19 - 2014-09-18 20:20 - 00000000 ____D () C:\IExp1.tmp
2014-09-18 20:19 - 2014-09-18 20:19 - 00000000 ____D () C:\Windows\RegisteredPackages
2014-09-18 20:19 - 2014-09-18 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media
2014-09-18 20:19 - 2014-09-18 20:19 - 00000000 ____D () C:\IExp0.tmp
2014-09-18 18:50 - 2014-09-18 18:50 - 00000000 ____D () C:\Program Files\Somagic
2014-09-18 18:50 - 2014-09-18 18:50 - 00000000 ____D () C:\Program Files\Common Files\Somagic
2014-09-18 18:50 - 2011-01-26 11:31 - 00805888 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\SmiUsbGrabber3C.sys
2014-09-17 19:41 - 2014-09-18 20:44 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Ulead Systems
2014-09-17 19:37 - 2014-09-17 19:37 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\InstallShield
2014-09-17 19:34 - 2014-09-20 11:22 - 00000000 ____D () C:\Program Files\Ulead Systems
2014-09-17 19:34 - 2014-09-20 11:21 - 00000000 ____D () C:\Program Files\Common Files\Ulead Systems
2014-09-17 19:08 - 2014-09-17 19:08 - 00000000 ____D () C:\Program Files\MagicDisc
2014-09-17 19:08 - 2009-02-24 18:42 - 00116736 _____ (MagicISO, Inc.) C:\Windows\system32\Drivers\mcdbus.sys
2014-09-16 20:45 - 2014-09-20 12:04 - 00000000 ____D () C:\Program Files\Common Files\InterVideo
2014-09-16 20:39 - 2014-09-16 20:39 - 00000005 _____ () C:\Windows\system32\lMMLDeleteUserData42107612FX.tmp
2014-09-16 17:38 - 2014-09-16 17:38 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\VOS
2014-09-16 16:04 - 2014-09-16 16:04 - 00000000 ____D () C:\Program Files\GTWorks
2014-09-16 16:01 - 2014-09-16 16:01 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Aegisub
2014-09-16 14:13 - 2014-09-16 14:13 - 00000000 ____D () C:\Users\Boban\Downloads\VirtualDub_198
2014-09-16 11:02 - 2014-09-16 11:02 - 00000000 ____D () C:\Users\Boban\New folder (2)
2014-09-15 22:21 - 2014-09-15 22:21 - 00000000 ____D () C:\Users\Boban\Documents\ShowBiz 2
2014-09-15 22:21 - 2014-09-15 22:21 - 00000000 ____D () C:\Users\Boban\Documents\My Albums
2014-09-15 22:21 - 2014-09-15 22:21 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\ArcSoft
2014-09-15 22:20 - 2014-09-16 13:59 - 00000000 ____D () C:\Program Files\Common Files\element5 Shared
2014-09-15 22:20 - 2014-09-15 22:20 - 00000000 ____D () C:\ProgramData\element5
2014-09-15 22:17 - 1995-07-31 13:44 - 00212480 _____ (Eastman Kodak) C:\Windows\PCDLIB32.DLL
2014-09-15 20:37 - 2014-09-15 20:37 - 00000000 ____D () C:\Users\Boban\Downloads\Arcadia
2014-09-15 17:27 - 2009-09-04 17:29 - 01974616 ____N (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-09-15 17:27 - 2009-09-04 17:29 - 01892184 ____N (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-09-15 17:26 - 2007-07-19 18:14 - 03727720 ____N (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-09-15 17:26 - 2006-03-31 12:40 - 02388176 ____N (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-09-15 16:56 - 2014-09-16 14:19 - 00000000 ____D () C:\Program Files\Movavi Video Editor 4
2014-09-15 16:45 - 2014-09-16 14:15 - 00000000 ____D () C:\Program Files\DVDlabPro2
2014-09-15 16:22 - 2014-09-15 16:22 - 00001022 _____ () C:\Users\UpdatusUser\Desktop\Idigicon VHS Backup.lnk
2014-09-15 16:22 - 2014-09-15 16:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XviD
2014-09-15 16:22 - 2014-09-15 16:22 - 00000000 ____D () C:\Program Files\XviD
2014-09-15 16:00 - 2014-09-20 11:16 - 00000000 ____D () C:\Users\Boban\Documents\Ulead VideoStudio SE
2014-09-15 15:55 - 2014-09-15 15:55 - 00000000 ____D () C:\ProgramData\InstallShield
2014-09-15 15:27 - 2014-09-16 15:08 - 00000000 ____D () C:\Users\Boban\AppData\Local\CrashDumps
2014-09-15 15:18 - 2014-09-28 15:03 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-15 15:18 - 2014-09-15 15:19 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Mozilla
2014-09-15 15:18 - 2014-09-15 15:18 - 00001121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-15 10:54 - 2014-09-15 10:54 - 00212940 _____ () C:\REINDEX.EXE
2014-09-14 20:44 - 2014-09-14 20:44 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\TechSmith
2014-09-14 20:43 - 2014-09-14 20:43 - 00000000 ____D () C:\Users\Boban\Documents\Camtasia Studio
2014-09-14 20:40 - 2014-09-16 15:31 - 00000000 ____D () C:\Program Files\TechSmith
2014-09-14 19:59 - 2014-09-16 10:30 - 00000040 _____ () C:\Windows\EditPack.INI
2014-09-14 19:59 - 2014-09-14 19:59 - 00000000 ____D () C:\Users\Boban\AppData\Local\VHS to DVD
2014-09-14 19:58 - 2014-09-15 15:09 - 00000000 ____D () C:\Users\Boban\Documents\VHS to DVD
2014-09-14 19:56 - 2014-09-14 19:56 - 00000000 ____D () C:\Program Files\honestech
2014-09-14 19:51 - 2014-09-19 16:55 - 00000000 ____D () C:\ProgramData\CyberLink
2014-09-14 19:51 - 2014-09-15 16:08 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\CyberLink
2014-09-14 19:51 - 2014-09-14 19:51 - 00000000 ____D () C:\Users\Public\CyberLink
2014-09-14 19:51 - 2014-09-14 19:51 - 00000000 ____D () C:\Users\Boban\Documents\CyberLink
2014-09-14 19:49 - 2014-09-19 16:01 - 00000000 ____D () C:\ProgramData\SmartSound Software Inc
2014-09-14 19:49 - 2014-09-14 19:49 - 00000000 ____D () C:\ProgramData\eSellerate
2014-09-14 19:47 - 2014-09-14 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-09-14 19:46 - 2014-09-14 19:47 - 00000000 ____D () C:\Program Files\QuickTime
2014-09-14 19:46 - 2014-09-14 19:46 - 00000000 ____D () C:\Users\Boban\AppData\Local\Apple
2014-09-14 19:46 - 2014-09-14 19:46 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-09-14 19:46 - 2014-09-14 19:46 - 00000000 ____D () C:\ProgramData\Apple
2014-09-12 12:30 - 2014-09-12 12:29 - 00003732 _____ () C:\PROMBUT.DBF
2014-09-11 22:19 - 2014-10-06 14:26 - 00000000 ____D () C:\Raspored
2014-09-11 22:19 - 2014-09-11 22:19 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\aSc Timetables
2014-09-11 18:26 - 2014-10-07 10:10 - 00002742 _____ () C:\Windows\Tasks\219e4a00-994b-43b7-9d78-f0938b451f58-1.job
2014-09-11 18:26 - 2014-10-07 10:10 - 00002418 _____ () C:\Windows\Tasks\219e4a00-994b-43b7-9d78-f0938b451f58-5_user.job
2014-09-11 18:26 - 2014-10-07 10:10 - 00002418 _____ () C:\Windows\Tasks\219e4a00-994b-43b7-9d78-f0938b451f58-5.job
2014-09-11 18:26 - 2014-09-11 18:26 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\WebExtend
2014-09-11 18:25 - 2014-10-07 10:25 - 00003442 _____ () C:\Windows\Tasks\219e4a00-994b-43b7-9d78-f0938b451f58-6.job
2014-09-11 18:25 - 2014-10-07 10:10 - 00003786 _____ () C:\Windows\Tasks\219e4a00-994b-43b7-9d78-f0938b451f58-4.job
2014-09-11 18:25 - 2014-10-07 10:10 - 00003106 _____ () C:\Windows\Tasks\219e4a00-994b-43b7-9d78-f0938b451f58-7.job
2014-09-11 18:25 - 2014-10-07 10:10 - 00002762 _____ () C:\Windows\Tasks\219e4a00-994b-43b7-9d78-f0938b451f58-3.job
2014-09-11 18:25 - 2014-09-11 18:25 - 00004468 _____ () C:\Windows\Tasks\219e4a00-994b-43b7-9d78-f0938b451f58-11.job
2014-09-11 18:04 - 2014-09-11 18:05 - 00000000 ____D () C:\Users\Boban\Desktop\Raspored
2014-09-11 16:48 - 2014-09-11 16:48 - 00063488 _____ () C:\Users\Boban\Downloads\asc.timetables.2014-fixed.patch.exe
2014-09-10 16:09 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 16:09 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 16:09 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 16:09 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 16:09 - 2014-08-18 23:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 16:09 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 16:09 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 16:09 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 16:09 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 16:09 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 16:09 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 16:09 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 16:09 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 16:09 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 16:09 - 2014-08-18 23:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 16:09 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 16:09 - 2014-08-18 23:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 16:09 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 16:09 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 16:09 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 16:09 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 16:09 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 16:09 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 16:09 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 16:09 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 16:09 - 2014-08-18 23:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 16:09 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 16:09 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 16:09 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 16:09 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 16:04 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 15:48 - 2014-09-10 15:48 - 00002043 _____ () C:\TuneUp 1-Click Maintenance.lnk
2014-09-10 15:48 - 2014-09-10 15:48 - 00002013 _____ () C:\TuneUp Utilities 2014.lnk
2014-09-10 15:23 - 2014-03-20 14:44 - 00036664 ____N (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2014-09-10 15:23 - 2014-03-20 14:44 - 00025400 ____N (TuneUp Software) C:\Windows\system32\authuitu.dll
2014-09-10 15:20 - 2014-09-16 11:26 - 00000000 ____D () C:\Users\Boban\Documents\Ulead VideoStudio
2014-09-10 15:17 - 2014-09-10 15:17 - 00000000 ____D () C:\ProgramData\InterVideo
2014-09-10 15:14 - 2014-09-18 20:37 - 00000000 ____D () C:\ProgramData\Ulead Systems
2014-09-10 14:33 - 2014-07-07 03:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 14:33 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 14:32 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 14:31 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-09 17:41 - 2014-09-09 17:42 - 00000000 ____D () C:\vsx5
2014-09-09 17:08 - 2014-09-09 17:08 - 00001121 _____ () C:\Users\Public\Desktop\WebSite X5 Professional 10.lnk
2014-09-09 17:08 - 2014-09-09 17:08 - 00000000 ____D () C:\Users\Boban\AppData\Local\Incomedia
2014-09-09 17:08 - 2014-09-09 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebSite X5 v10 - Professional
2014-09-09 17:05 - 2014-09-09 17:08 - 00000000 ____D () C:\Program Files\WebSite X5 v10 - Professional
2014-09-09 14:20 - 2014-09-09 14:21 - 00000000 ____D () C:\Users\Boban\Documents\Quick-PDF PDF to Word
2014-09-09 14:20 - 2014-09-09 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF to Word
2014-09-09 14:20 - 2014-09-09 14:20 - 00000000 ____D () C:\Program Files\PDF to Word
2014-09-09 14:19 - 2014-09-09 14:19 - 00000000 ____D () C:\Users\Boban\Downloads\Quick-PDF PDF To Word Converter 2.2 + (zabranjeno)-[HB]
2014-09-09 14:11 - 2014-09-09 14:11 - 00001066 _____ () C:\Users\Boban\Desktop\PDFConverter.lnk
2014-09-09 14:11 - 2014-09-09 14:11 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Softplicity
2014-09-09 14:11 - 2014-09-09 14:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total PDF Converter
2014-09-09 14:11 - 2014-09-09 14:11 - 00000000 ____D () C:\Program Files\Total PDF Converter
2014-09-09 14:05 - 2014-09-09 14:05 - 00000000 ____D () C:\ProgramData\pdf-watermark-remover-wm
2014-09-09 14:02 - 2014-09-09 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Watermark Revmoer
2014-09-09 14:02 - 2014-09-09 14:02 - 00000000 ____D () C:\Program Files\PDF Watermark Revmoer
2014-09-08 10:11 - 2014-09-08 10:11 - 00001234 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-09-08 10:11 - 2014-09-08 10:11 - 00000000 ____D () C:\Users\Boban\AppData\Local\VS Revo Group
2014-09-08 10:11 - 2014-09-08 10:11 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-09-08 10:11 - 2014-09-08 10:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-09-08 10:11 - 2014-09-08 10:11 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-09-08 10:11 - 2009-12-30 10:21 - 00027192 ____N (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-09-08 10:09 - 2014-09-08 10:10 - 00000000 ____D () C:\Users\Boban\Downloads\Revo Uninstaller Pro 3.0.8 Final (32-64 Bit) ML - SceneDL (PimpRG)
2014-09-07 20:37 - 2014-09-07 20:38 - 00459711 _____ () C:\Users\Boban\Documents\xp1f5enc6ex0c1426d0672c28jcmipad
2014-09-07 20:37 - 2014-09-07 20:38 - 00224496 _____ () C:\Users\Boban\Documents\e1y5d71163v54nk04d74qh7j35djb80t
2014-09-07 20:37 - 2014-09-07 20:38 - 00088985 _____ () C:\Users\Boban\Documents\043ld7bpnwnu26162f80v3g8o8kc17va
2014-09-07 20:37 - 2014-09-07 20:38 - 00065005 _____ () C:\Users\Boban\Documents\ojabr49o9dnt0v4y77y089xpjhf5iz4n
2014-09-07 20:37 - 2014-09-07 20:38 - 00041748 _____ () C:\Users\Boban\Documents\34l19yw3cpw30318sejssm6018m8e2kl
2014-09-07 13:34 - 2014-09-07 13:34 - 00000000 ____D () C:\Users\Boban\.net
2014-09-07 13:33 - 2014-09-07 13:34 - 02128638 _____ () C:\Users\Boban\Downloads\Advanced Find And Replace v7.8.1 (zabranjeno).rar
2014-09-07 13:33 - 2014-09-07 13:33 - 00856361 _____ () C:\Users\Boban\Desktop\FAR-1.8-win.zip
2014-09-07 12:09 - 2014-09-07 13:16 - 00000000 ____D () C:\Users\Boban\Documents\Incomedia
2014-09-07 10:58 - 2014-09-07 10:58 - 17833425 _____ () C:\Users\Boban\Documents\BRUS.cab
2014-09-07 10:55 - 2014-09-07 10:55 - 00001075 _____ () C:\Users\Boban\Desktop\CleanMyPC - Registry Cleaner.lnk
2014-09-07 10:55 - 2014-09-07 10:55 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\CleanMyPC Software
2014-09-07 10:55 - 2014-09-07 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CleanMyPC Registry Cleaner
2014-09-07 10:55 - 2014-09-07 10:55 - 00000000 ____D () C:\Program Files\CleanMyPC
2014-09-07 10:54 - 2014-09-07 10:54 - 00000000 ____D () C:\Users\Boban\Downloads\CleanMyPC.Registry.Cleaner.v4.41.Incl.Keygen.X64-Lz0
2014-09-07 10:50 - 2014-09-07 10:50 - 00102367 _____ () C:\Users\Boban\Desktop\gcount13.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-07 10:24 - 2014-09-02 16:24 - 00002222 _____ () C:\Windows\Tasks\a7982934-0630-49b5-bdb1-d23d83f53ffd-4.job
2014-10-07 10:17 - 2014-02-23 11:52 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf307cea445b20.job
2014-10-07 10:17 - 2009-07-14 06:34 - 00021280 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-07 10:17 - 2009-07-14 06:34 - 00021280 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-07 10:12 - 2014-09-03 13:39 - 01805863 _____ () C:\Windows\WindowsUpdate.log
2014-10-07 10:10 - 2014-09-02 19:05 - 00004468 _____ () C:\Windows\Tasks\974970fd-4f41-4161-b6fb-6aa6d78fa6e3-11.job
2014-10-07 10:10 - 2014-09-02 19:05 - 00002710 _____ () C:\Windows\Tasks\974970fd-4f41-4161-b6fb-6aa6d78fa6e3-4.job
2014-10-07 10:10 - 2014-09-02 19:05 - 00002372 _____ () C:\Windows\Tasks\974970fd-4f41-4161-b6fb-6aa6d78fa6e3-6.job
2014-10-07 10:10 - 2014-09-02 19:05 - 00002244 _____ () C:\Windows\Tasks\974970fd-4f41-4161-b6fb-6aa6d78fa6e3-7.job
2014-10-07 10:10 - 2014-09-02 19:05 - 00001812 _____ () C:\Windows\Tasks\974970fd-4f41-4161-b6fb-6aa6d78fa6e3-1.job
2014-10-07 10:10 - 2014-09-02 19:05 - 00001750 _____ () C:\Windows\Tasks\974970fd-4f41-4161-b6fb-6aa6d78fa6e3-5_user.job
2014-10-07 10:10 - 2014-09-02 19:05 - 00001730 _____ () C:\Windows\Tasks\974970fd-4f41-4161-b6fb-6aa6d78fa6e3-5.job
2014-10-07 10:10 - 2014-09-02 19:04 - 00003106 _____ () C:\Windows\Tasks\974970fd-4f41-4161-b6fb-6aa6d78fa6e3-3.job
2014-10-07 10:10 - 2014-09-02 16:24 - 00000874 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-10-07 10:10 - 2014-02-23 11:52 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf307ce82fd300.job
2014-10-07 10:10 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-06 16:44 - 2013-07-16 12:42 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-06 15:19 - 2013-10-16 15:21 - 00000000 ____D () C:\ProgramData\TEMP
2014-10-06 13:45 - 2013-07-24 16:58 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Skype
2014-10-04 12:30 - 2014-09-02 16:24 - 00000878 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-10-03 15:56 - 2013-07-15 21:24 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\GHISLER
2014-10-03 15:56 - 2013-07-15 21:24 - 00000000 ____D () C:\Total Commander 2012 v8.01 RC4 Full
2014-10-03 15:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-03 15:33 - 2009-07-14 06:53 - 00032622 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-01 16:48 - 2013-08-15 13:19 - 00000440 ____H () C:\Windows\Tasks\Norton Security Scan for Boban.job
2014-10-01 16:02 - 2014-08-05 14:52 - 00000000 ____D () C:\Windows\rescache
2014-09-30 20:12 - 2013-10-11 14:57 - 00000193 _____ () C:\Windows\WORDPAD.INI
2014-09-30 20:00 - 2010-11-20 23:01 - 00786558 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-30 18:48 - 2014-08-04 12:02 - 00000045 _____ () C:\Windows\system32\_WKERNEL.SYL
2014-09-30 18:45 - 2009-07-14 04:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-29 10:16 - 2014-08-05 14:16 - 00000000 ____D () C:\Windows\Minidump
2014-09-27 19:47 - 2013-07-16 09:42 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-09-27 19:44 - 2013-07-24 16:58 - 00000000 ____D () C:\ProgramData\Skype
2014-09-27 19:44 - 2013-07-16 12:42 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-27 19:44 - 2013-07-16 12:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-27 19:43 - 2013-07-24 16:58 - 00000000 ___RD () C:\Program Files\Skype
2014-09-23 11:25 - 2013-12-12 16:16 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-23 11:11 - 2013-07-16 15:27 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-21 20:53 - 2013-07-17 17:05 - 00000461 _____ () C:\Windows\VC.INI
2014-09-20 12:10 - 2013-07-15 21:22 - 00000000 ____D () C:\Users\Boban
2014-09-19 15:52 - 2009-07-14 04:04 - 00000918 _____ () C:\Windows\win.ini
2014-09-19 15:03 - 2013-08-27 13:39 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\OpenCandy
2014-09-18 20:36 - 2013-07-16 15:28 - 00000000 ____D () C:\Users\Boban\AppData\Local\Adobe
2014-09-18 19:14 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-17 19:08 - 2013-10-14 14:52 - 00000927 _____ () C:\Users\UpdatusUser\Desktop\MagicDisc.lnk
2014-09-17 19:08 - 2013-10-14 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc
2014-09-17 18:50 - 2009-07-14 06:33 - 00460896 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-17 18:49 - 2013-07-15 21:32 - 00128776 _____ () C:\Users\Boban\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-16 20:39 - 2013-07-27 15:28 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\HTC
2014-09-16 20:39 - 2013-07-27 12:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2014-09-16 20:39 - 2013-07-27 12:38 - 00000000 ____D () C:\ProgramData\HTC
2014-09-16 14:18 - 2013-12-27 11:49 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
2014-09-16 14:18 - 2013-12-27 11:49 - 00000000 ____D () C:\Users\Boban\AppData\Local\Mobogenie
2014-09-16 14:05 - 2014-03-19 10:39 - 00000000 ____D () C:\Program Files\CCP Server 5
2014-09-16 14:04 - 2014-03-19 10:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberCafePro Main Control Station 5
2014-09-15 16:55 - 2013-07-27 12:43 - 00000000 ____D () C:\Users\Boban\AppData\Local\Downloaded Installations
2014-09-15 15:53 - 2013-07-16 09:45 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2014-09-15 11:13 - 2013-07-16 13:10 - 00000000 ____D () C:\Windows\pss
2014-09-15 09:06 - 2013-07-15 21:22 - 00231568 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-14 19:51 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-09-14 19:49 - 2013-12-28 17:54 - 00000000 ____D () C:\Users\TEMP
2014-09-10 16:04 - 2013-10-14 14:55 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-10 16:04 - 2013-08-14 13:43 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 15:57 - 2013-07-15 21:21 - 98758480 ____N (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 15:49 - 2014-01-11 12:51 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\TuneUp Software
2014-09-10 15:21 - 2014-01-11 12:50 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-09-10 15:20 - 2013-08-27 13:39 - 00001183 _____ () C:\Users\Boban\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2014-09-09 18:08 - 2013-07-25 11:56 - 00000000 ___RD () C:\Users\Boban\Dropbox
2014-09-09 16:54 - 2013-07-25 11:54 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Dropbox
2014-09-09 15:02 - 2013-07-15 21:24 - 00000000 ____D () C:\DOS
2014-09-08 10:11 - 2014-09-03 13:38 - 00000000 ____D () C:\Users\Boban\Desktop\Data
2014-09-07 20:49 - 2014-02-25 15:01 - 00517899 _____ () C:\TREEINFO.NCD
2014-09-07 20:42 - 2014-09-04 16:10 - 00238287 _____ () C:\Users\Boban\Documents\fszgw0c2z7x9u3t11y10k0zfzz62mpsq
2014-09-07 20:42 - 2014-09-04 16:10 - 00226356 _____ () C:\Users\Boban\Documents\559hqbtfu17dje559ixf2r1sf41erm2u
2014-09-07 20:42 - 2014-09-04 16:10 - 00218443 _____ () C:\Users\Boban\Documents\f8j24lvi0t43o071sjlhy1pwui16q750
2014-09-07 20:42 - 2014-09-04 16:10 - 00205613 _____ () C:\Users\Boban\Documents\819gtolf8y850gq3n6a1v80402wtbn97
2014-09-07 20:42 - 2014-09-04 16:10 - 00196670 _____ () C:\Users\Boban\Documents\9t0veto51y430l5o2917l33y1e1ix5q5
2014-09-07 20:42 - 2014-09-04 16:10 - 00191895 _____ () C:\Users\Boban\Documents\11xr489wt7h1w1uaipz4uo67wai7q50t
2014-09-07 20:42 - 2014-09-04 16:10 - 00083607 _____ () C:\Users\Boban\Documents\b6zh8jm8o5204dj2ukb8grl207gay99i
2014-09-07 20:42 - 2014-09-04 16:10 - 00061952 _____ () C:\Users\Boban\Documents\94oglw7e496se4wtfkd1yxpjc62z1c72
2014-09-07 20:42 - 2014-09-04 16:10 - 00036400 _____ () C:\Users\Boban\Documents\b1gt20ux2u9d404o0dc6mm4e30n35c41
2014-09-07 20:42 - 2014-09-04 16:10 - 00033731 _____ () C:\Users\Boban\Documents\3o9047ze77b551h4n695gq5oy7pspfr3
2014-09-07 20:42 - 2014-09-04 16:10 - 00028504 _____ () C:\Users\Boban\Documents\job17y4g6ljzxk7c0kz1d3iscqhw4e2f
2014-09-07 20:42 - 2014-09-04 16:10 - 00010506 _____ () C:\Users\Boban\Documents\w3d9l9xq6zgh9vxgg5duh9301u6y4nd2
2014-09-07 20:42 - 2014-09-04 16:10 - 00002486 _____ () C:\Users\Boban\Documents\index.xml
2014-09-07 20:42 - 2014-09-04 16:10 - 00002126 _____ () C:\Users\Boban\Documents\backup.xml
2014-09-07 20:38 - 2014-09-04 16:10 - 00135937 _____ () C:\Users\Boban\Documents\303c3k87pibh4cg16z3rb976303r2jy5

Some content of TEMP:
====================
C:\Users\Boban\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-01 15:54

==================== End Of Log ============================
[Link mogu videti samo ulogovani korisnici]



Poslao: 07 Okt 2014 14:43
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Da li si ti instalirao Award Keylogger?



Poslao: 07 Okt 2014 19:29
Idi na vrh
offline
  • Pridružio: 16 Avg 2007
  • Poruke: 315
  • Gde živiš: Srbija

Moguce. Hteo sam da isprobam kako radi ali to je bilo odavno. Ne verujem da je aktivan

Poslao: 07 Okt 2014 20:50
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

U redu. Vidim da koristiš piratski ESET SS, da imaš BitCoin miner i još hrpu adwarea.


Arrow Korak 1

Deinstaliraj ESET SS kroz Control Panel -> Programs and Features kao i ESET Antivirus License Finder. Kada završimo čišćenje malwarea i adwarea dobićeš uputstva šta dalje što se antivirusne zaštite tiče.
Nakon toga deinstaliraj (kroz Control Panel -> Programs and Features):

Award Keylogger 2.5
CleanMyPC - Registry Cleaner

Kada završiš ovo pređi na korak 2.




Arrow Korak 2

Preuzmi "Xplode"-ov AdwCleaner i sačuvaj ga na Desktop
Dvoklikom pokreni program.
u EULA prozoru klikni na I agree.
Klikni na dugme Scan i sačekaj da se završi skeniranje.
Klikni na dugme Clean i pričekaj da program završi.
Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu.
Na sljedeća dva prozora koja se otvore (Informations i Restart required ) klikni OK
Računar će se restartovati, a potom otvoriti Notepad (C:\AdwCleaner[S0].txt) sa izvještajem.
Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl"
Napomena: Izvještaj ce takođe biti sačuvan na C:\Adwcleaner\AdwCleaner[S0].txt



Arrow Korak 3

Preuzmi Junkware Removal Tool (JRT) i sačuvaj ga na Desktop.

Zatvori browser i ostale pokrenute programe

Privremeno deaktiviraj zaštitni softver (Uputstvo);

Dvoklikom na ikonicu () pokreni program JRT;

Kod obavještenja "Press any key" pritisnuti bilo koji taster i alat ce započeti skeniranje.
Napomena: u ovisnosti od hardvera račuanra vreme skeniranja u nekim slučajevima moze da potraje.

Kada završi otvorice se Notepad sa izvještajem koji ce biti sačuvan na Desktopu pod nazivom JRT.txt

Arrow Kopiraj sadržaj tog loga u temu.



Arrow Korak 4

Ponovo pokreni FRST, označi opciju Addition.txt, klikni na Scan i kada završi postavi mi nove FRST.txt i Addition.txt izvještaje.

Poslao: 07 Okt 2014 23:47
Idi na vrh
offline
  • Pridružio: 16 Avg 2007
  • Poruke: 315
  • Gde živiš: Srbija

Napisano: 07 Okt 2014 23:41

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.1 (10.06.2014:1)
OS: Windows 7 Ultimate x86
Ran by Boban on Tue 10/07/2014 at 23:28:44.42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1582240820-2018686280-1996047769-1000\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}



~~~ Files

Successfully deleted: [File] C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM)
Successfully deleted: [File] "C:\Windows\launcher.exe"



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Boban\AppData\Roaming\cleanmypc software"
Successfully deleted: [Folder] "C:\Users\Boban\AppData\Roaming\thinstall"
Successfully deleted: [Folder] "C:\Users\Boban\Local Settings\Application Data\thinstall"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Boban\AppData\Roaming\mozilla\firefox\profiles\rtc8ea7a.default-1381584217073\extensions\staged
Successfully deleted: [Folder] C:\Users\Boban\AppData\Roaming\mozilla\firefox\profiles\rtc8ea7a.default-1381584217073\extensions\{cc6cc772-f121-49e0-b1f0-c26583cb0c5e}
Successfully deleted the following from C:\Users\Boban\AppData\Roaming\mozilla\firefox\profiles\rtc8ea7a.default-1381584217073\prefs.js

user_pref("browser.search.useDBForOrder", false);
user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-
user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.cookie.testingGaq.value", "%22hxxp%3A//extclickmedia-maynemyltf.netdna-ssl.com/Extensions
user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A
user_pref("valueApps.autoDisableScopes", 0);
user_pref("valueApps.storage./9B+7E+x305", "2423");
user_pref("valueApps.storage./9B+7E,x305", "2423");
user_pref("valueApps.storage./9B+7E-x305", "2423");
user_pref("valueApps.storage./9B+7E.:2z527", "2423");
user_pref("valueApps.storage./9B+7E.x305", "2423");
user_pref("valueApps.storage./9B+7E/x305", "2423");
user_pref("valueApps.storage./9B+7E06CG5EL8:", "6E6D696A6F6B75767475");
user_pref("valueApps.storage./9B+7E06CG5EL;8I:K", "247E2D2F226A74736F7075717B7C7A7B242F4B49474F42357D5D5C3D");
user_pref("valueApps.storage./9B+7E0x305", "2423");
user_pref("valueApps.storage./9B+7E1x305", "2423");
user_pref("valueApps.storage./9B+7E2x305", "2423");
user_pref("valueApps.storage./9B+7E3x305", "2423");
user_pref("valueApps.storage./9B+7E4x305", "2423");
user_pref("valueApps.storage./9B+7E5x305", "2423");
user_pref("valueApps.storage./9B+7E6x305", "2423");
user_pref("valueApps.storage./9B+7E7x305", "2423");
user_pref("valueApps.storage./9B+7E8x305", "2423");
user_pref("valueApps.storage./9B+7E9x305", "2423");
user_pref("valueApps.storage./9B+7E:x305", "2423");
user_pref("valueApps.storage./9B+7E;x305", "2423");
user_pref("valueApps.storage./9B+7E<x305", "2423");
user_pref("valueApps.storage./9B+7E=x305", "2423");
user_pref("valueApps.storage./9B+7E>x305", "2423");
user_pref("valueApps.storage./9B+7E?x305", "2423");
user_pref("valueApps.storage./9B+7E@x305", "2423");
user_pref("valueApps.storage./9B+7EAx305", "2423");
user_pref("valueApps.storage./9B+7EBE3G=;D9N9=D", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D337D56545138505C");
user_pref("valueApps.storage./9B+7EBx305", "2423");
user_pref("valueApps.storage./9B+7ECx305", "2423");
user_pref("valueApps.storage./9B+7EDx305", "2423");
user_pref("valueApps.storage./9B+7Etx305", "2423");
user_pref("valueApps.storage./9B-0?3G>D", "3C3D6E6E407142407A72457A762048487A21257B7C53532A5528572659292E2E592D2B32");
user_pref("valueApps.storage./9B-0?3G@6:5;", "");
user_pref("valueApps.storage./9B-0?3GFA7EF", "2B2E2C3D");
user_pref("valueApps.storage./9B-3=3ECCJA=F>", "247E333D2C452F4135276F297B7E7D21202F26313E4249357D37382F3A494D5D513F283338435D6554695B65546D57695D5D686365533C70766C66755E");
user_pref("valueApps.storage./9B/>01=9A6K6<IM;KRIE@PDAWM", "6E6A68707374757677");
user_pref("valueApps.storage./9B3=>@44I48?", "372C2D3269757633423633414847203E3D474E4D4C45474F2A554A4D2D5858585E4B554E366352564F");
user_pref("valueApps.storage./9B5BA==9CJAG", "3C686B6C70723F457A4447487476494B764F4C7D50");
user_pref("valueApps.storage./9B6B11G4C56B>F;P;ANR@P", "6E6D696A6F6B75767475797676");
user_pref("valueApps.storage./9B90E@.3C;7B=?OFB>>RHIQS", "393F352F3E");
user_pref("valueApps.storage./9B9643G3/9E", "6A");
user_pref("valueApps.storage./9B;45>:BI9I7IE", "2B2E2C3D");
user_pref("valueApps.storage./9B<:222H64<", "393F352F3E");
user_pref("valueApps.storage./9B<:222H64<L8DAJ", "6D70706F7673737974772A797A72797E757D7E");
user_pref("valueApps.storage./9B=+03EH8H8J?:", "4443");
user_pref("valueApps.storage./9B?+E2A52D8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52");
user_pref("valueApps.storage./9B?B0D:8AJ62<H", "6D");
user_pref("valueApps.storage./9BA@0<0BI6A7GN:6@L?", "6C");
user_pref("valueApps.storage.PG_ENABLE", "74727565");
user_pref("valueApps.storage._key_cl_active", "63653430353161372D373937652D346238632D393965642D656463336236663263633534");
user_pref("valueApps.storage.cbfirsttime", "5475652044656320333120323031332031323A34303A333320474D542B30313030202843656E7472616C204575726F7065205374616E646172642054696D6529");
user_pref("valueApps.storage.mam_gk_appStateReportTime", "31333838343930303330343935");
user_pref("valueApps.storage.mam_gk_appState_Clarity_Active", "6F6E");
user_pref("valueApps.storage.mam_gk_appsConfig", "7B2241707073436F6E66696775726174696F6E223A5B7B226964223A22436C61726974795F416374697665222C2275726C223A22687474703A2F2F73746F7
user_pref("valueApps.storage.mam_gk_appsDefaultEnabled", "74727565");
user_pref("valueApps.storage.mam_gk_calledSetupService", "31");
user_pref("valueApps.storage.mam_gk_currentVersion", "312E31322E302E35");
user_pref("valueApps.storage.mam_gk_first_time", "31");
user_pref("valueApps.storage.mam_gk_lastLoginTime", "31333838343930303330383439");
user_pref("valueApps.storage.mam_gk_localization", "7B226469616C6F674F4B223A7B2254657874223A224F4B227D2C22646D626F7831223A7B2254657874223A224465616C5C725C6E6F66207468652064617
user_pref("valueApps.storage.mam_gk_mamEnabled", "74727565");
user_pref("valueApps.storage.mam_gk_settings1.12.0.5", "7B22537461747573223A22737563636565646564222C2244617461223A7B2263757272656E7444617465223A223230313331323331222C22696E746
user_pref("valueApps.storage.mam_gk_showWelcomeGadget", "66616C7365");
user_pref("valueApps.storage.mam_gk_stamp", "35345F30");
user_pref("valueApps.storage.mam_gk_userId", "34363537303838652D316234362D346666612D393566352D306337653235653261336461");
user_pref("valueApps.storage.mam_gk_user_approval_interacted", "");
Emptied folder: C:\Users\Boban\AppData\Roaming\mozilla\firefox\profiles\rtc8ea7a.default-1381584217073\minidumps [73 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Boban\appdata\local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 10/07/2014 at 23:30:32.11
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Dopuna: 07 Okt 2014 23:44

[Link mogu videti samo ulogovani korisnici]

Dopuna: 07 Okt 2014 23:45

[Link mogu videti samo ulogovani korisnici]

[Link mogu videti samo ulogovani korisnici]

Dopuna: 07 Okt 2014 23:47

napomena
ESET Antivirus License nisam nasao u control panelu da ga reinstaliram kao ni keylogger, pa sam nesto rucno brisao,

Poslao: 07 Okt 2014 23:51
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Nisi dobro postavio novi FRST.txt.

Poslao: 08 Okt 2014 08:26
Idi na vrh
offline
  • Pridružio: 16 Avg 2007
  • Poruke: 315
  • Gde živiš: Srbija

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-10-2014 01
Ran by Boban (administrator) on BOBAN-PC on 08-10-2014 08:18:58
Running from C:\Users\Boban\Desktop
Loaded Profiles: Boban & UpdatusUser (Available profiles: Boban & UpdatusUser)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: [Link mogu videti samo ulogovani korisnici]

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(LSoft Technologies Inc) C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(InterVideo Inc.) C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(MagicISO, Inc.) C:\Program Files\MagicDisc\MagicDisc.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464 2014-07-06] (Realtek Semiconductor)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [SysLogger32] => C:\Windows\security\Syslogs\core32_178.dll [1476608 2013-09-07] ( ())
HKU\S-1-5-21-1582240820-2018686280-1996047769-1000\...\MountPoints2: {61c39312-34ca-11e3-92d2-ebe75371da66} - L:\SETUP.EXE
HKU\S-1-5-18\...\Run: [Advanced SystemCare 7] => "C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
Startup: C:\Users\Boban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => No File
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => No File
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [Link mogu videti samo ulogovani korisnici]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9094D995FB81CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: TheTorntv V10 - C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com [2014-09-15]
FF Extension: Flash Video Downloader - YouTube Full HD Download - C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\artur.dubovoy@gmail.com [2014-09-15]
FF Extension: Ultimate Finder - C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\{7c231677-e4fb-44ac-80a5-c87fcb7c2be9} [2014-10-07]
FF Extension: 1-Click Dailymotion Video Downloader - C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\DailymotionVideoDownloader@PeterOlayev.com.xpi [2014-09-15]
FF Extension: To Google Translate - C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2014-09-15]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "hxxp://www.search.ask.com/?o=APN10640A&gct=hp&d=473-104&v=a13277-328&t=4"
CHR DefaultSearchProvider: Default -> Ask.com
CHR DefaultSearchURL: Default -> [Link mogu videti samo ulogovani korisnici]{searchTerms}
CHR CustomProfile: C:\Users\Boban\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Boban\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-02]
CHR Extension: (Google Wallet) - C:\Users\Boban\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-05]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Active@ Disk Monitor; C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe [237792 2012-10-23] (LSoft Technologies Inc)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [387616 2009-08-10] ()
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2152736 2014-05-04] (IObit)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [178720 2009-08-10] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [98816 2013-04-24] (Gemalto)
R3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [File not signed]
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [461824 2009-04-28] (PixArt Imaging Inc.)
R3 rtl819xp; C:\Windows\System32\DRIVERS\rtl819xp.sys [559208 2014-07-06] (Realtek Semiconductor Corporation )
S3 SMIGrabber3C; C:\Windows\System32\Drivers\SmiUsbGrabber3C.sys [805888 2011-01-26] (Windows (R) Win 7 DDK provider)
S3 WFLR6654; C:\Windows\System32\drivers\wfeaglxt.sys [433920 2009-10-21] (Leadtek Research Inc.)
S3 pfc; system32\drivers\pfc.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-08 08:18 - 2014-10-08 08:19 - 00011156 _____ () C:\Users\Boban\Desktop\FRST.txt
2014-10-07 23:31 - 2014-10-07 23:31 - 00009488 _____ () C:\Users\Boban\Desktop\JRT1.txt
2014-10-07 23:30 - 2014-10-07 23:30 - 00009488 _____ () C:\Users\Boban\Desktop\JRT.txt
2014-10-07 23:28 - 2014-10-07 23:28 - 00000000 ____D () C:\Windows\ERUNT
2014-10-07 23:27 - 2014-10-07 23:27 - 01705141 _____ (Thisisu) C:\Users\Boban\Desktop\JRT.exe
2014-10-07 23:27 - 2014-10-07 23:27 - 00025095 _____ () C:\Users\Boban\Desktop\AdwCleaner[S0].txt
2014-10-07 23:24 - 2014-10-07 23:24 - 00000314 _____ () C:\Windows\PFRO.log
2014-10-07 23:22 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-10-07 23:20 - 2014-10-07 23:23 - 00000000 ____D () C:\AdwCleaner
2014-10-07 23:20 - 2014-10-07 23:20 - 01375089 _____ () C:\Users\Boban\Desktop\AdwCleaner.exe
2014-10-07 10:41 - 2014-10-08 08:19 - 00000000 ____D () C:\FRST
2014-10-07 10:40 - 2014-10-07 10:40 - 01101312 _____ (Farbar) C:\Users\Boban\Desktop\FRST.exe
2014-10-06 14:02 - 2014-10-06 14:01 - 00214028 _____ () C:\UPLATA.EXE
2014-10-02 14:39 - 2014-10-03 15:42 - 00000000 ____D () C:\TimeTables
2014-10-01 15:39 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 20:10 - 2014-09-30 20:17 - 00000000 ____D () C:\Program Files\idoo
2014-09-30 19:56 - 2014-09-30 19:58 - 00000000 ____D () C:\Users\Boban\Downloads\idoo Video Editor Pro -Kayz Afridi-
2014-09-30 19:18 - 2014-09-30 20:26 - 3900907520 ____R () C:\Users\Boban\Downloads\Windows_8.1_Pro_X64_Activated.iso
2014-09-30 18:45 - 2014-09-30 18:51 - 00000400 __RSH () C:\ProgramData\ntuser.pol
2014-09-30 18:39 - 2014-09-30 18:39 - 00001075 _____ () C:\Users\Boban\Desktop\CleanMyPC - Registry Cleaner (2).lnk
2014-09-29 23:09 - 2014-09-30 18:41 - 00000000 ____D () C:\Users\Boban\Downloads\Windows 8.1 Update 1 Pro X64 PreActivated
2014-09-29 10:16 - 2014-09-29 10:16 - 128076958 _____ () C:\Windows\MEMORY.DMP
2014-09-29 10:16 - 2014-09-29 10:16 - 00131120 _____ () C:\Windows\Minidump\092914-18470-01.dmp
2014-09-27 19:47 - 2014-09-27 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ Hard Disk Monitor
2014-09-27 19:47 - 2014-09-27 19:47 - 00000000 ____D () C:\Program Files\LSoft Technologies Inc
2014-09-27 19:43 - 2014-09-27 19:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-27 19:43 - 2014-09-27 19:43 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-09-25 14:34 - 2014-09-25 14:34 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-25 09:33 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-23 15:26 - 2014-10-08 08:14 - 00002746 _____ () C:\Windows\setupact.log
2014-09-23 15:26 - 2014-09-23 15:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-21 20:57 - 2014-09-22 20:41 - 00415040 _____ () C:\KALKDRAG.EXE
2014-09-21 20:52 - 2014-09-22 11:09 - 00423600 _____ () C:\FAKTDEJA.EXE
2014-09-20 12:10 - 2014-09-20 12:10 - 00000000 ____D () C:\Users\Boban\sMedio
2014-09-20 12:10 - 2014-09-20 12:10 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\sMedio
2014-09-20 12:04 - 2014-09-20 12:04 - 00001962 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel WinDVD Pro 11.lnk
2014-09-20 12:04 - 2014-09-20 12:04 - 00001950 _____ () C:\Users\Public\Desktop\Corel WinDVD Pro 11.lnk
2014-09-20 12:04 - 2014-09-20 12:04 - 00000000 ____D () C:\ProgramData\sMedio
2014-09-20 12:02 - 2014-09-20 12:02 - 00000000 ____D () C:\Program Files\sMedio
2014-09-20 12:02 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-09-20 12:02 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-09-20 11:52 - 2014-09-20 11:55 - 00000000 ____D () C:\Users\Boban\Downloads\Corel WinDVD Pro 11.6.1.13.301045
2014-09-19 16:55 - 2014-09-20 11:17 - 00127477 _____ () C:\Users\Boban\Documents\PDR.dmp
2014-09-19 16:01 - 2014-09-19 16:01 - 00000000 ____D () C:\SmartSound Software
2014-09-19 16:01 - 2014-09-19 16:01 - 00000000 ____D () C:\Program Files\SmartSound Software
2014-09-19 16:00 - 2014-09-19 17:05 - 00002559 _____ () C:\Users\Boban\Desktop\CyberLink PowerDirector.lnk
2014-09-19 16:00 - 2014-09-19 16:00 - 00002276 _____ () C:\Users\UpdatusUser\Desktop\CyberLink PowerDirector.lnk
2014-09-19 16:00 - 2014-09-19 16:00 - 00002276 _____ () C:\Users\TEMP\Desktop\CyberLink PowerDirector.lnk
2014-09-19 16:00 - 2014-09-19 16:00 - 00002276 _____ () C:\Users\Default\Desktop\CyberLink PowerDirector.lnk
2014-09-19 16:00 - 2014-09-19 16:00 - 00002276 _____ () C:\Users\Default User\Desktop\CyberLink PowerDirector.lnk
2014-09-19 16:00 - 2014-09-19 16:00 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2014-09-19 16:00 - 2014-09-19 16:00 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2014-09-19 16:00 - 2014-09-19 16:00 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2014-09-19 16:00 - 2014-09-19 16:00 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2014-09-19 16:00 - 2014-09-19 16:00 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2014-09-19 15:57 - 2014-09-19 16:00 - 00000000 ____D () C:\Program Files\CyberLink
2014-09-19 15:43 - 2014-09-19 16:03 - 00000000 ____D () C:\Users\Boban\Downloads\CyberLink Power Director 11 Ultra
2014-09-19 15:42 - 2014-09-19 15:47 - 245557088 _____ () C:\Users\Boban\Downloads\RAR FILE_CYBERLINK_POWERDIRECTOR 8_100% WORKING SERIAL.rar
2014-09-19 15:34 - 2014-09-19 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-09-19 15:33 - 2014-09-19 15:33 - 00000000 ____D () C:\Program Files\Sony
2014-09-19 15:02 - 2014-10-06 14:15 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\uTorrent
2014-09-19 15:02 - 2014-09-19 15:02 - 00000831 _____ () C:\Users\Boban\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-09-19 14:46 - 2014-09-19 14:46 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Sony Creative Software Inc
2014-09-18 21:31 - 2014-09-19 14:46 - 00000000 ____D () C:\Users\Boban\AppData\Local\Sony
2014-09-18 21:30 - 2014-09-19 15:33 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Sony
2014-09-18 21:26 - 2014-09-18 21:26 - 00000000 ____D () C:\Users\Boban\Downloads\SONY Vegas Pro 11.0 Build 370 + Patch (32-bit) [RH]
2014-09-18 20:39 - 2014-09-18 20:39 - 00002164 _____ () C:\Users\Public\Desktop\Ulead VideoStudio SE DVD.lnk
2014-09-18 20:39 - 2014-09-18 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead VideoStudio SE DVD
2014-09-18 20:19 - 2014-09-18 20:20 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-09-18 20:19 - 2014-09-18 20:20 - 00000000 ____D () C:\IExp1.tmp
2014-09-18 20:19 - 2014-09-18 20:19 - 00000000 ____D () C:\Windows\RegisteredPackages
2014-09-18 20:19 - 2014-09-18 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media
2014-09-18 20:19 - 2014-09-18 20:19 - 00000000 ____D () C:\IExp0.tmp
2014-09-18 18:50 - 2014-09-18 18:50 - 00000000 ____D () C:\Program Files\Somagic
2014-09-18 18:50 - 2014-09-18 18:50 - 00000000 ____D () C:\Program Files\Common Files\Somagic
2014-09-18 18:50 - 2011-01-26 11:31 - 00805888 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\SmiUsbGrabber3C.sys
2014-09-17 19:41 - 2014-09-18 20:44 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Ulead Systems
2014-09-17 19:37 - 2014-09-17 19:37 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\InstallShield
2014-09-17 19:34 - 2014-09-20 11:22 - 00000000 ____D () C:\Program Files\Ulead Systems
2014-09-17 19:34 - 2014-09-20 11:21 - 00000000 ____D () C:\Program Files\Common Files\Ulead Systems
2014-09-17 19:08 - 2014-09-17 19:08 - 00000000 ____D () C:\Program Files\MagicDisc
2014-09-17 19:08 - 2009-02-24 18:42 - 00116736 _____ (MagicISO, Inc.) C:\Windows\system32\Drivers\mcdbus.sys
2014-09-16 20:45 - 2014-09-20 12:04 - 00000000 ____D () C:\Program Files\Common Files\InterVideo
2014-09-16 20:39 - 2014-09-16 20:39 - 00000005 _____ () C:\Windows\system32\lMMLDeleteUserData42107612FX.tmp
2014-09-16 17:38 - 2014-09-16 17:38 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\VOS
2014-09-16 16:04 - 2014-09-16 16:04 - 00000000 ____D () C:\Program Files\GTWorks
2014-09-16 16:01 - 2014-09-16 16:01 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Aegisub
2014-09-16 14:13 - 2014-09-16 14:13 - 00000000 ____D () C:\Users\Boban\Downloads\VirtualDub_198
2014-09-16 11:02 - 2014-09-16 11:02 - 00000000 ____D () C:\Users\Boban\New folder (2)
2014-09-15 22:21 - 2014-09-15 22:21 - 00000000 ____D () C:\Users\Boban\Documents\ShowBiz 2
2014-09-15 22:21 - 2014-09-15 22:21 - 00000000 ____D () C:\Users\Boban\Documents\My Albums
2014-09-15 22:21 - 2014-09-15 22:21 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\ArcSoft
2014-09-15 22:20 - 2014-09-16 13:59 - 00000000 ____D () C:\Program Files\Common Files\element5 Shared
2014-09-15 22:20 - 2014-09-15 22:20 - 00000000 ____D () C:\ProgramData\element5
2014-09-15 22:17 - 1995-07-31 13:44 - 00212480 _____ (Eastman Kodak) C:\Windows\PCDLIB32.DLL
2014-09-15 20:37 - 2014-09-15 20:37 - 00000000 ____D () C:\Users\Boban\Downloads\Arcadia
2014-09-15 17:27 - 2009-09-04 17:29 - 01974616 ____N (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-09-15 17:27 - 2009-09-04 17:29 - 01892184 ____N (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-09-15 17:26 - 2007-07-19 18:14 - 03727720 ____N (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-09-15 17:26 - 2006-03-31 12:40 - 02388176 ____N (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-09-15 16:56 - 2014-09-16 14:19 - 00000000 ____D () C:\Program Files\Movavi Video Editor 4
2014-09-15 16:45 - 2014-09-16 14:15 - 00000000 ____D () C:\Program Files\DVDlabPro2
2014-09-15 16:22 - 2014-09-15 16:22 - 00001022 _____ () C:\Users\UpdatusUser\Desktop\Idigicon VHS Backup.lnk
2014-09-15 16:22 - 2014-09-15 16:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XviD
2014-09-15 16:22 - 2014-09-15 16:22 - 00000000 ____D () C:\Program Files\XviD
2014-09-15 16:00 - 2014-09-20 11:16 - 00000000 ____D () C:\Users\Boban\Documents\Ulead VideoStudio SE
2014-09-15 15:55 - 2014-09-15 15:55 - 00000000 ____D () C:\ProgramData\InstallShield
2014-09-15 15:27 - 2014-09-16 15:08 - 00000000 ____D () C:\Users\Boban\AppData\Local\CrashDumps
2014-09-15 15:18 - 2014-09-28 15:03 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-15 15:18 - 2014-09-15 15:19 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Mozilla
2014-09-15 15:18 - 2014-09-15 15:18 - 00001121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-15 10:54 - 2014-09-15 10:54 - 00212940 _____ () C:\REINDEX.EXE
2014-09-14 20:44 - 2014-09-14 20:44 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\TechSmith
2014-09-14 20:43 - 2014-09-14 20:43 - 00000000 ____D () C:\Users\Boban\Documents\Camtasia Studio
2014-09-14 20:40 - 2014-09-16 15:31 - 00000000 ____D () C:\Program Files\TechSmith
2014-09-14 19:59 - 2014-09-16 10:30 - 00000040 _____ () C:\Windows\EditPack.INI
2014-09-14 19:59 - 2014-09-14 19:59 - 00000000 ____D () C:\Users\Boban\AppData\Local\VHS to DVD
2014-09-14 19:58 - 2014-09-15 15:09 - 00000000 ____D () C:\Users\Boban\Documents\VHS to DVD
2014-09-14 19:56 - 2014-09-14 19:56 - 00000000 ____D () C:\Program Files\honestech
2014-09-14 19:51 - 2014-09-19 16:55 - 00000000 ____D () C:\ProgramData\CyberLink
2014-09-14 19:51 - 2014-09-15 16:08 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\CyberLink
2014-09-14 19:51 - 2014-09-14 19:51 - 00000000 ____D () C:\Users\Public\CyberLink
2014-09-14 19:51 - 2014-09-14 19:51 - 00000000 ____D () C:\Users\Boban\Documents\CyberLink
2014-09-14 19:49 - 2014-09-19 16:01 - 00000000 ____D () C:\ProgramData\SmartSound Software Inc
2014-09-14 19:49 - 2014-09-14 19:49 - 00000000 ____D () C:\ProgramData\eSellerate
2014-09-14 19:47 - 2014-09-14 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-09-14 19:46 - 2014-09-14 19:47 - 00000000 ____D () C:\Program Files\QuickTime
2014-09-14 19:46 - 2014-09-14 19:46 - 00000000 ____D () C:\Users\Boban\AppData\Local\Apple
2014-09-14 19:46 - 2014-09-14 19:46 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-09-14 19:46 - 2014-09-14 19:46 - 00000000 ____D () C:\ProgramData\Apple
2014-09-12 12:30 - 2014-09-12 12:29 - 00003732 _____ () C:\PROMBUT.DBF
2014-09-11 22:19 - 2014-10-06 14:26 - 00000000 ____D () C:\Raspored
2014-09-11 22:19 - 2014-09-11 22:19 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\aSc Timetables
2014-09-11 18:04 - 2014-09-11 18:05 - 00000000 ____D () C:\Users\Boban\Desktop\Raspored
2014-09-11 16:48 - 2014-09-11 16:48 - 00063488 _____ () C:\Users\Boban\Downloads\asc.timetables.2014-fixed.patch.exe
2014-09-10 16:09 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 16:09 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 16:09 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 16:09 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 16:09 - 2014-08-18 23:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 16:09 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 16:09 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 16:09 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 16:09 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 16:09 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 16:09 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 16:09 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 16:09 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 16:09 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 16:09 - 2014-08-18 23:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 16:09 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 16:09 - 2014-08-18 23:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 16:09 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 16:09 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 16:09 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 16:09 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 16:09 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 16:09 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 16:09 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 16:09 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 16:09 - 2014-08-18 23:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 16:09 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 16:09 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 16:09 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 16:09 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 16:04 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 15:48 - 2014-09-10 15:48 - 00002043 _____ () C:\TuneUp 1-Click Maintenance.lnk
2014-09-10 15:48 - 2014-09-10 15:48 - 00002013 _____ () C:\TuneUp Utilities 2014.lnk
2014-09-10 15:23 - 2014-03-20 14:44 - 00036664 ____N (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2014-09-10 15:23 - 2014-03-20 14:44 - 00025400 ____N (TuneUp Software) C:\Windows\system32\authuitu.dll
2014-09-10 15:20 - 2014-09-16 11:26 - 00000000 ____D () C:\Users\Boban\Documents\Ulead VideoStudio
2014-09-10 15:17 - 2014-09-10 15:17 - 00000000 ____D () C:\ProgramData\InterVideo
2014-09-10 15:14 - 2014-09-18 20:37 - 00000000 ____D () C:\ProgramData\Ulead Systems
2014-09-10 14:33 - 2014-07-07 03:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 14:33 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 14:32 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 14:31 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-09 17:41 - 2014-09-09 17:42 - 00000000 ____D () C:\vsx5
2014-09-09 17:08 - 2014-09-09 17:08 - 00001121 _____ () C:\Users\Public\Desktop\WebSite X5 Professional 10.lnk
2014-09-09 17:08 - 2014-09-09 17:08 - 00000000 ____D () C:\Users\Boban\AppData\Local\Incomedia
2014-09-09 17:08 - 2014-09-09 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebSite X5 v10 - Professional
2014-09-09 17:05 - 2014-09-09 17:08 - 00000000 ____D () C:\Program Files\WebSite X5 v10 - Professional
2014-09-09 14:20 - 2014-09-09 14:21 - 00000000 ____D () C:\Users\Boban\Documents\Quick-PDF PDF to Word
2014-09-09 14:20 - 2014-09-09 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF to Word
2014-09-09 14:20 - 2014-09-09 14:20 - 00000000 ____D () C:\Program Files\PDF to Word
2014-09-09 14:19 - 2014-09-09 14:19 - 00000000 ____D () C:\Users\Boban\Downloads\Quick-PDF PDF To Word Converter 2.2 + (zabranjeno)-[HB]
2014-09-09 14:11 - 2014-09-09 14:11 - 00001066 _____ () C:\Users\Boban\Desktop\PDFConverter.lnk
2014-09-09 14:11 - 2014-09-09 14:11 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Softplicity
2014-09-09 14:11 - 2014-09-09 14:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total PDF Converter
2014-09-09 14:11 - 2014-09-09 14:11 - 00000000 ____D () C:\Program Files\Total PDF Converter
2014-09-09 14:05 - 2014-09-09 14:05 - 00000000 ____D () C:\ProgramData\pdf-watermark-remover-wm
2014-09-09 14:02 - 2014-09-09 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Watermark Revmoer
2014-09-09 14:02 - 2014-09-09 14:02 - 00000000 ____D () C:\Program Files\PDF Watermark Revmoer
2014-09-08 10:11 - 2014-09-08 10:11 - 00001234 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-09-08 10:11 - 2014-09-08 10:11 - 00000000 ____D () C:\Users\Boban\AppData\Local\VS Revo Group
2014-09-08 10:11 - 2014-09-08 10:11 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-09-08 10:11 - 2014-09-08 10:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-09-08 10:11 - 2014-09-08 10:11 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-09-08 10:11 - 2009-12-30 10:21 - 00027192 ____N (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-09-08 10:09 - 2014-09-08 10:10 - 00000000 ____D () C:\Users\Boban\Downloads\Revo Uninstaller Pro 3.0.8 Final (32-64 Bit) ML - SceneDL (PimpRG)

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-08 08:18 - 2014-09-03 13:39 - 01911837 _____ () C:\Windows\WindowsUpdate.log
2014-10-08 08:17 - 2014-02-23 11:52 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf307cea445b20.job
2014-10-08 08:14 - 2014-02-23 11:52 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf307ce82fd300.job
2014-10-08 08:14 - 2013-07-16 12:42 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-08 08:14 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-07 23:31 - 2009-07-14 06:34 - 00021280 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-07 23:31 - 2009-07-14 06:34 - 00021280 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-07 23:22 - 2013-07-15 21:22 - 00000000 ____D () C:\Users\Boban
2014-10-07 23:18 - 2013-10-16 15:21 - 00000000 ____D () C:\ProgramData\TEMP
2014-10-06 13:45 - 2013-07-24 16:58 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Skype
2014-10-03 15:56 - 2013-07-15 21:24 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\GHISLER
2014-10-03 15:56 - 2013-07-15 21:24 - 00000000 ____D () C:\Total Commander 2012 v8.01 RC4 Full
2014-10-03 15:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-03 15:33 - 2009-07-14 06:53 - 00032622 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-01 16:48 - 2013-08-15 13:19 - 00000440 ____H () C:\Windows\Tasks\Norton Security Scan for Boban.job
2014-10-01 16:02 - 2014-08-05 14:52 - 00000000 ____D () C:\Windows\rescache
2014-09-30 20:12 - 2013-10-11 14:57 - 00000193 _____ () C:\Windows\WORDPAD.INI
2014-09-30 20:00 - 2010-11-20 23:01 - 00786558 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-30 18:48 - 2014-08-04 12:02 - 00000045 _____ () C:\Windows\system32\_WKERNEL.SYL
2014-09-30 18:45 - 2009-07-14 04:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-29 10:16 - 2014-08-05 14:16 - 00000000 ____D () C:\Windows\Minidump
2014-09-27 19:47 - 2013-07-16 09:42 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-09-27 19:44 - 2013-07-24 16:58 - 00000000 ____D () C:\ProgramData\Skype
2014-09-27 19:44 - 2013-07-16 12:42 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-27 19:44 - 2013-07-16 12:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-27 19:43 - 2013-07-24 16:58 - 00000000 ___RD () C:\Program Files\Skype
2014-09-23 11:25 - 2013-12-12 16:16 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-23 11:11 - 2013-07-16 15:27 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-21 20:53 - 2013-07-17 17:05 - 00000461 _____ () C:\Windows\VC.INI
2014-09-19 15:52 - 2009-07-14 04:04 - 00000918 _____ () C:\Windows\win.ini
2014-09-18 20:36 - 2013-07-16 15:28 - 00000000 ____D () C:\Users\Boban\AppData\Local\Adobe
2014-09-18 19:14 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-17 19:08 - 2013-10-14 14:52 - 00000927 _____ () C:\Users\UpdatusUser\Desktop\MagicDisc.lnk
2014-09-17 19:08 - 2013-10-14 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc
2014-09-17 18:50 - 2009-07-14 06:33 - 00460896 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-17 18:49 - 2013-07-15 21:32 - 00128776 _____ () C:\Users\Boban\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-16 20:39 - 2013-07-27 15:28 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\HTC
2014-09-16 20:39 - 2013-07-27 12:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2014-09-16 20:39 - 2013-07-27 12:38 - 00000000 ____D () C:\ProgramData\HTC
2014-09-16 14:05 - 2014-03-19 10:39 - 00000000 ____D () C:\Program Files\CCP Server 5
2014-09-16 14:04 - 2014-03-19 10:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberCafePro Main Control Station 5
2014-09-15 16:55 - 2013-07-27 12:43 - 00000000 ____D () C:\Users\Boban\AppData\Local\Downloaded Installations
2014-09-15 15:53 - 2013-07-16 09:45 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2014-09-15 11:13 - 2013-07-16 13:10 - 00000000 ____D () C:\Windows\pss
2014-09-15 09:06 - 2013-07-15 21:22 - 00231568 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-14 19:51 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-09-14 19:49 - 2013-12-28 17:54 - 00000000 ____D () C:\Users\TEMP
2014-09-10 16:04 - 2013-10-14 14:55 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-10 16:04 - 2013-08-14 13:43 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 15:57 - 2013-07-15 21:21 - 98758480 ____N (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 15:49 - 2014-01-11 12:51 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\TuneUp Software
2014-09-10 15:21 - 2014-01-11 12:50 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-09-10 15:20 - 2013-08-27 13:39 - 00001183 _____ () C:\Users\Boban\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2014-09-09 18:08 - 2013-07-25 11:56 - 00000000 ___RD () C:\Users\Boban\Dropbox
2014-09-09 16:54 - 2013-07-25 11:54 - 00000000 ____D () C:\Users\Boban\AppData\Roaming\Dropbox
2014-09-09 15:02 - 2013-07-15 21:24 - 00000000 ____D () C:\DOS
2014-09-08 10:11 - 2014-09-03 13:38 - 00000000 ____D () C:\Users\Boban\Desktop\Data

Some content of TEMP:
====================
C:\Users\Boban\AppData\Local\Temp\Quarantine.exe
C:\Users\Boban\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-01 15:54

==================== End Of Log ============================

Poslao: 08 Okt 2014 09:28
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja.

HKLM\...\Policies\Explorer\Run: [SysLogger32] => C:\Windows\security\Syslogs\core32_178.dll [1476608 2013-09-07] ( ())
HKU\S-1-5-21-1582240820-2018686280-1996047769-1000\...\MountPoints2: {61c39312-34ca-11e3-92d2-ebe75371da66} - L:\SETUP.EXE
FF Extension: TheTorntv V10 - C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com [2014-09-15]
FF Extension: Ultimate Finder - C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\{7c231677-e4fb-44ac-80a5-c87fcb7c2be9} [2014-10-07]
CHR StartupUrls: Default -> "hxxp://www.search.ask.com/?o=APN10640A&gct=hp&d=473-104&v=a13277-328&t=4"
CHR DefaultSearchProvider: Default -> Ask.com
CHR DefaultSearchURL: Default -> http://dts.search.ask.com/sr?src=crb&gct=ds&appid=.....nrs=AG1&q={searchTerms}
Task: {50BBC60D-A712-4254-98CA-6509ADD8A016} - \Driver Booster SkipUAC (SYSTEM) No Task File <==== ATTENTION
Task: {D8D165F5-F7C8-4CE6-B65F-21CEFF249880} - System32\Tasks\CPUSpeed => C:\Users\Boban\AppData\Roaming\VideoDrivers\CPU\x86\run.vbs [2014-02-01] ()
C:\Users\Boban\AppData\Roaming\VideoDrivers
C:\Windows\security\Syslogs
C:\Program Files\Torntv V9.0
AlternateDataStreams: C:\ProgramData\TEMP:A5C00DEE
AlternateDataStreams: C:\ProgramData\TEMP:ECF54A0E
C:\Windows\pss\TornTvDownloader.lnk.Startup
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ConduitFloatingPlugin_lcnnhcneegeeojhgpfijnlnocjdmlaon" /f
C:\Users\Boban\AppData\Roaming\ValueApps
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iLivid" /f
C:\Users\Boban\AppData\Local\iLivid
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon" /f
C:\Program Files\Mobogenie
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NextLive" /f
C:\Users\Boban\AppData\Roaming\newnext.me
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Pokki" /f
C:\Users\Boban\AppData\Pokki
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\wuaclts" /f
C:\Users\Boban\AppData\Roaming\wuaclt\wuaclt.exe
Task: {E0D1D873-DCEA-42BA-A0C3-4F94CA4304DF} - System32\Tasks\Norton Security Scan for Boban => C:\PROGRA~1\NORTON~2\Engine\401~1.16\Nss.exe


U okviru Notepad-a klikni na File --> Save As
Fajl nazovi Fixlist i sačuvaj na Desktop
Dvoklikom ponovo pokreni FRST.exe
Klikni na Fix i sačekaj dok program ne završi.
Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi.
Nakon završetka rada, otvoriće se Notepad, sa sadržajem koji treba da kopiraš u temu.
Takođe, na Desktop-u će se nalaziti (fixlog.txt). Potrebno je da sadržaj fixlog.txt kopiraš na forum

Poslao: 08 Okt 2014 15:53
Idi na vrh
offline
  • Pridružio: 16 Avg 2007
  • Poruke: 315
  • Gde živiš: Srbija

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 06-10-2014 01
Ran by Boban at 2014-10-08 15:47:42 Run:1
Running from C:\Users\Boban\Desktop
Loaded Profiles: Boban & UpdatusUser (Available profiles: Boban & UpdatusUser)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKHKLM\...\Policies\Explorer\Run: [SysLogger32] => C:\Windows\security\Syslogs\core32_178.dll [1476608 2013-09-07] ( ())
HKU\S-1-5-21-1582240820-2018686280-1996047769-1000\...\MountPoints2: {61c39312-34ca-11e3-92d2-ebe75371da66} - L:\SETUP.EXE
FF Extension: TheTorntv V10 - C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com [2014-09-15]
FF Extension: Ultimate Finder - C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\{7c231677-e4fb-44ac-80a5-c87fcb7c2be9} [2014-10-07]
CHR StartupUrls: Default -> "hxxp://www.search.ask.com/?o=APN10640A&gct=hp&d=473-104&v=a13277-328&t=4"
CHR DefaultSearchProvider: Default -> Ask.com
CHR DefaultSearchURL: Default -> [Link mogu videti samo ulogovani korisnici]{searchTerms}
Task: {50BBC60D-A712-4254-98CA-6509ADD8A016} - \Driver Booster SkipUAC (SYSTEM) No Task File <==== ATTENTION
Task: {D8D165F5-F7C8-4CE6-B65F-21CEFF249880} - System32\Tasks\CPUSpeed => C:\Users\Boban\AppData\Roaming\VideoDrivers\CPU\x86\run.vbs [2014-02-01] ()
C:\Users\Boban\AppData\Roaming\VideoDrivers
C:\Windows\security\Syslogs
C:\Program Files\Torntv V9.0
AlternateDataStreams: C:\ProgramData\TEMP:A5C00DEE
AlternateDataStreams: C:\ProgramData\TEMP:ECF54A0E
C:\Windows\pss\TornTvDownloader.lnk.Startup
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ConduitFloatingPlugin_lcnnhcneegeeojhgpfijnlnocjdmlaon" /f
C:\Users\Boban\AppData\Roaming\ValueApps
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iLivid" /f
C:\Users\Boban\AppData\Local\iLivid
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon" /f
C:\Program Files\Mobogenie
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NextLive" /f
C:\Users\Boban\AppData\Roaming\newnext.me
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Pokki" /f
C:\Users\Boban\AppData\Pokki
cmd: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\wuaclts" /f
C:\Users\Boban\AppData\Roaming\wuaclt\wuaclt.exe
Task: {E0D1D873-DCEA-42BA-A0C3-4F94CA4304DF} - System32\Tasks\Norton Security Scan for Boban => C:\PROGRA~1\NORTON~2\Engine\401~1.16\Nss.exe
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\HKSysLogger32 => Value not found.
"HKU\S-1-5-21-1582240820-2018686280-1996047769-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{61c39312-34ca-11e3-92d2-ebe75371da66}" => Key deleted successfully.
"HKCR\CLSID\{61c39312-34ca-11e3-92d2-ebe75371da66}" => Key not found.
C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com => Moved successfully.
C:\Users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\rtc8ea7a.default-1381584217073\Extensions\{7c231677-e4fb-44ac-80a5-c87fcb7c2be9} => Moved successfully.
Chrome StartupUrls deleted successfully.
CHR DefaultSearchProvider: Default -> Ask.com ==> The Chrome "Settings" can be used to fix the entry.
Chrome DefaultSearchURL deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{50BBC60D-A712-4254-98CA-6509ADD8A016}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{50BBC60D-A712-4254-98CA-6509ADD8A016}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (SYSTEM)" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D8D165F5-F7C8-4CE6-B65F-21CEFF249880}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8D165F5-F7C8-4CE6-B65F-21CEFF249880}" => Key deleted successfully.
C:\Windows\System32\Tasks\CPUSpeed => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CPUSpeed" => Key deleted successfully.
C:\Users\Boban\AppData\Roaming\VideoDrivers => Moved successfully.
C:\Windows\security\Syslogs => Moved successfully.
"C:\Program Files\Torntv V9.0" => File/Directory not found.
C:\ProgramData\TEMP => ":A5C00DEE" ADS removed successfully.
C:\ProgramData\TEMP => ":ECF54A0E" ADS removed successfully.
C:\Windows\pss\TornTvDownloader.lnk.Startup => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ConduitFloatingPlugin_lcnnhcneegeeojhgpfijnlnocjdmlaon" /f =========

The operation completed successfully.


========= End of CMD: =========

"C:\Users\Boban\AppData\Roaming\ValueApps" => File/Directory not found.

========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iLivid" /f =========

The operation completed successfully.


========= End of CMD: =========

"C:\Users\Boban\AppData\Local\iLivid" => File/Directory not found.

========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon" /f =========

The operation completed successfully.


========= End of CMD: =========

"C:\Program Files\Mobogenie" => File/Directory not found.

========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NextLive" /f =========

The operation completed successfully.


========= End of CMD: =========

"C:\Users\Boban\AppData\Roaming\newnext.me" => File/Directory not found.

========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Pokki" /f =========

The operation completed successfully.


========= End of CMD: =========

"C:\Users\Boban\AppData\Pokki" => File/Directory not found.

========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\wuaclts" /f =========

The operation completed successfully.


========= End of CMD: =========

"C:\Users\Boban\AppData\Roaming\wuaclt\wuaclt.exe" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0D1D873-DCEA-42BA-A0C3-4F94CA4304DF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0D1D873-DCEA-42BA-A0C3-4F94CA4304DF}" => Key deleted successfully.
C:\Windows\System32\Tasks\Norton Security Scan for Boban => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Security Scan for Boban" => Key deleted successfully.

==== End of Fixlog ====

Poslao: 08 Okt 2014 18:07
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Kakvo je sada stanje sistema?



Preuzmite program GMER sa donjeg linka na Desktop:


GMER download
Kliknite dati link;
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberite Desktop i kliknite Save.


Dvoklikom pokrenite GMER.
Sačekajte da se završi uvodno skeniranje - ukoliko se pojavi bilo kakav upit, kliknite No;

kliknite Scan i sačekajte da skeniranje bude završeno;

kliknite Save ... - izveštaj sačuvajte na Desktop (pod nazivom Gmer1);

kliknite desnim tasterom u prozor programa Gmer i odaberite Options > 3rd party - kliknite Scan;

po završetku skeniranja kliknite Save ... - izveštaj sačuvajte na Desktop (pod nazivom Gmer2);

kliknite taster >>> i odaberite Autostart karticu;

po završetku kratkotrajnog skeniranja, kliknite Copy;

otvorite Notepad i u njega postavite kopirani tekst - izveštaj sačuvajte na Desktop (pod nazivom Gmer3);

Slikoviti prikaz postupka

Priložite sva tri izveštaja uz poruku korišćenjem opcije Prikači fajl.

MyCity » Ambulanta -> Arhiva Ambulante » Usporen pc ,narocito internet

Ko je trenutno na forumu
 

Ukupno su 1112 korisnika na forumu :: 91 registrovanih, 7 sakrivenih i 1014 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 015, 357magnum, alberto, Aleksa 3215, AleksSE, alexbr, Alibaba1981, Apok, ArchaBasha, Armadillo, Arsenije, Ba4e, bbelic, Bobrock1, Boris BM, brufen, Centauro, Cian, coaaco, Dare, darkdruid72, darkojbn, Dejan_vw, Denaya, Django777, draganl, Drugsparrow, dule10savic, dusan.l, eagle.rs, FOX, gaga23, Gheljda, gomago, Hemi, HrcAk47, hyla, ikan, ivan1973, Jakonjveliki, jimi_agf, jodzula, Jose, Jovan1983, Kobrim, KonstantinR, ladro, Lester Freamon, LjutaGuja, Macalone, macoromiso, Mae, Magistar78, mikidragi, Milan A. Nikolic, milenko crazy north, milos.cbr, MilosKop, milutin134, Miškić, Mldo, Mzee, nekdo, NNPD, nobutado, opt1, Paklenica, pein, powSrb, PrincipL, procesor, radoznao, Razdroid, RD84, SamostalniReferent, Shadows1, Shinobi, Smajser, ss10, sslay, stegonosa, Str2022, Tafocus, tenkiasta71, tomigun, vdeki, vensla, vladaa012, VladaDi, Vojkan Petrovic, Zvlade