Uninstalling Tencent Technology QQ (Chinese, malicious program)


  • Joined: 11 Oct 2014
  • Posts: 358

• When Windows starts, that program launches; when I download something from the internet, some Chinese characters appear and I don't know what they mean. I tried to shut it down using Task Manager, but it didn't work.
• The problem started showing up a week ago (I think, I'm not sure) when I installed a YT downloader and, along with it, installed 4 other useless programs (one of them was this Chinese one).
• I use ESET NOD32 Antivirus and it detected something, but it managed to clean everything. If you want to see what it was, here is the link to download it: https://www.sendspace.com/file/qsgcvz
• I tried Add or Remove Programs to delete it, but it was not found there. Then I also tried to disable it in Startup programs, but the system did not allow me to. I downloaded MaxUninstaller and RevoUninstaller, but they didn't help either.
• I have a cable ADSL connection (BH Telecom BiH). When I load the speedtest page, the thing for testing internet speed isn't there, but the last time I measured it, it came out roughly like this: PING: I don't remember, DOWNLOAD SPEED: 4.5 MBps, UPLOAD SPEED: 0.32 MBps.
• Additional information: The program is called Tencent Technology QQ. It originates from China and is in Chinese. It slows the computer down a little, but it slows the browser down a lot.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Amar (administrator) on AMAR-PC on 18-06-2015 12:36:24
Running from C:\Users\Amar\Downloads
Loaded Profiles: Amar & UpdatusUser (Available Profiles: Amar & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCRTP.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCTray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\plugins\QMNetMon\QQPCNetFlow.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCRealTimeSpeedup.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(腾讯公司) C:\Users\Amar\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\AndroidServer.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-01-28] (ESET)
HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCTRAY.EXE [355296 2015-06-11] (Tencent)
HKLM-x32\...\Run: [PDF Seven] => C:\Program Files\PDFSeven\PDF.exe [489472 2009-12-10] (PDFLogic Corporation)
HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\...\MountPoints2: F - F:\LGAutoRun.exe
HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\...\MountPoints2: {97bc34de-ffca-11e4-8ab1-001fd0d81833} - F:\LGAutoRun.exe
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QMGCShellExt64.dll [2015-06-11] (Tencent)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hppp&ts=143405.....Y1BAEJY1BX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=98115343_hao_pg
HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=dspp&ts=14.....1BX&q={searchTerms}
HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=98115343_hao_pg
HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hppp&ts=143405.....Y1BAEJY1BX
HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=dspp&ts=14.....1BX&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2578} URL = http://www.default-search.net/search?sid=578&a.....=ds&p={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2578} URL = http://www.default-search.net/search?sid=578&a.....=ds&p={searchTerms}
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchtotal.info/?l=1&q={searchTerms}&pid=24457&r=2015/05/29&hid=1914874679025766387&lg=EN&cc=BA&unqvl=88
SearchScopes: HKU\S-1-5-21-3894383191-3516363779-2002392177-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=dspp&ts=14.....1BX&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3894383191-3516363779-2002392177-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.istartsurf.com/web/?utm_source=b&ut.....ult&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3894383191-3516363779-2002392177-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.istartsurf.com/web/?utm_source=b&ut.....ult&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3894383191-3516363779-2002392177-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=dspp&ts=14.....1BX&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3894383191-3516363779-2002392177-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2578} URL =
SearchScopes: HKU\S-1-5-21-3894383191-3516363779-2002392177-1001 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://www.istartsurf.com/web/?utm_source=b&ut.....ult&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3894383191-3516363779-2002392177-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.istartsurf.com/web/?utm_source=b&ut.....ult&q={searchTerms}
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\TSWebMon64.dat [2015-06-11] (Tencent)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Groove Folder Synchronization -> {5AF16DF1-1649-5F90-6952-72AE2CD63D6C} -> C:\Windows\SysWow64\msoorc32r.dll [2009-07-14] ()
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
Toolbar: HKU\S-1-5-21-3894383191-3516363779-2002392177-1001 -> No Name - {42435041-352D-5350-00A7-7A786E7484D7} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{115EF0E8-F4C7-45ED-93B3-5CF4FB330A84}: [NameServer] 208.67.222.222,208.67.220.220

FireFox:
========
FF ProfilePath: C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: istartsurf
FF DefaultSearchEngine,S: WebSearch
FF DefaultSearchUrl: hxxp://websearch.searchtotal.info/?pid=24457&r=2015/05/29&hid=1914874679025766387&lg=EN&cc=BA&unqvl=88&l=1&q=
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF SelectedSearchEngine: istartsurf
FF SelectedSearchEngine,S: WebSearch
FF Homepage: about:home
FF Keyword.URL: hxxp://websearch.searchtotal.info/?pid=24457&r=2015/05/29&hid=1914874679025766387&lg=EN&cc=BA&unqvl=88&l=1&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-10] ()
FF Plugin: @java.com/DTPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-04-28] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-10] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3198\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\npQMExtensionsMozilla.dll [2015-06-11] (Tencent Technology (Shenzhen) Company Limited)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-3894383191-3516363779-2002392177-1003: @rising.com.cn/nprising -> C:\Program Files (x86)\Rising\RAV\nprising.dll No File
FF user.js: detected! => C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\user.js [2015-06-17]
FF SearchPlugin: C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\searchplugins\default-search.xml [2015-05-24]
FF SearchPlugin: C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\searchplugins\istartsurf.xml [2015-06-17]
FF SearchPlugin: C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\searchplugins\WebSearch.xml [2015-05-29]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml [2015-05-24]
FF Extension: DigISuaover - C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\Extensions\OL@A.net [2015-05-26]
FF Extension: The AdBlocker - C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\Extensions\olmlridtzwamkt@cnjembqhqbbpywfqbtd.net [2015-06-05]
FF Extension: QuickSearch - C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\Extensions\searchffv2@gmail.com [2015-06-11]
FF Extension: Search Enginer - C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\Extensions\sweetsearch@gmail.com [2015-06-11]
FF Extension: Ge-ForcePlus v3 - C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\Extensions\TTSD90021300@PYDKGV101145942.com [2015-06-17]
FF Extension: PriceMMinouS - C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\Extensions\x0yeZPO@rl.edu [2015-05-29]
FF Extension: Shopper-Pro - C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2015-06-16]
FF Extension: MEGA - C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\Extensions\firefox@mega.co.nz.xpi [2015-05-22]
FF Extension: YouTube mp3 - C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\Extensions\info@youtube-mp3.org.xpi [2015-05-25]
FF HKLM-x32\...\Firefox\Extensions: [searchffv2@gmail.com] - C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\extensions\searchffv2@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\extensions\sweetsearch@gmail.com

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Amar\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Amar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-11]
CHR Extension: (Google Docs) - C:\Users\Amar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-11]
CHR Extension: (Google Drive) - C:\Users\Amar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-11]
CHR Extension: (YouTube) - C:\Users\Amar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-20]
CHR Extension: (Google Search) - C:\Users\Amar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-20]
CHR Extension: (Google Sheets) - C:\Users\Amar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Amar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-12]
CHR Extension: (Google Wallet) - C:\Users\Amar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-15]
CHR Extension: (Gmail) - C:\Users\Amar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-20]
CHR HKLM-x32\...\Chrome\Extension: [fpmeembnagmagppkgghhfjfdfajdfcah] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iomphmdalfmaifjccmagmllnicjoghhk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ooebklgpfnbcnpokahmdidgbmlcdepkm] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2015-01-28] (ESET)
S2 PDFSevenPrinting; C:\Program Files\PDFSeven\PDFSevenPrinting.exe [513536 2009-07-06] (PDFLogic Corporation) [File not signed]
R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCRTP.exe [297608 2015-06-11] (Tencent)
S3 TAOFrame; C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\TAOFrame.exe [293728 2015-06-11] (Tencent)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-01] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 ba96e052; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\SystemPlus\SystemPlus.dll",serv
S2 SmdmFService; C:\Program Files (x86)\Assets Manager\smdmf\SmdmFService.exe [X]
S2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe /service [X]
S2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service [X] <==== ATTENTION

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [38424 2010-10-18] (Google Inc)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-01-30] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241880 2015-01-30] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169792 2015-01-30] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [159480 2015-01-30] (ESET)
R1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QMUdisk64.sys [62264 2015-04-17] (Tencent)
R2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQSysMonX64.sys [129336 2015-06-11] (电脑管家)
S3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41624 2015-06-01] ()
R2 SPDRIVER_1.42.1.1870; C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.1870\jsdrv.sys [52376 2015-06-01] ()
R2 TAOAccelerator; C:\Windows\system32\Drivers\TAOAccelerator64.sys [99640 2015-06-11] (Tencent)
R1 TAOKernelDriver; C:\Windows\System32\Drivers\TAOKernel64.sys [174392 2015-06-11] (Tencent Technology(Shenzhen) Company Limited)
R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-06-11] (电脑管家)
R3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\TS888x64.sys [28984 2015-06-18] (Tencent)
R1 TSCPM; C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\tscpm64.sys [42296 2015-06-11] (电脑管家)
R1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\TSDefenseBT64.sys [28472 2015-06-11] (Tencent)
S3 TSSKX64; C:\Windows\System32\drivers\tsskx64.sys [38200 2015-06-11] (电脑管家)
R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\TSSysKit64.sys [87352 2015-06-11] (电脑管家)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-18 12:36 - 2015-06-18 12:36 - 00018890 _____ C:\Users\Amar\Downloads\FRST.txt
2015-06-18 12:36 - 2015-06-18 12:36 - 00000000 ____D C:\FRST
2015-06-18 12:35 - 2015-06-18 12:35 - 02109952 _____ (Farbar) C:\Users\Amar\Downloads\FRST64.exe
2015-06-17 18:49 - 2015-06-17 18:49 - 00002317 _____ C:\Users\Amar\Desktop\Minecraft.lnk
2015-06-17 18:04 - 2015-06-17 18:04 - 00003628 _____ C:\Users\Amar\Desktop\Antivirus-Scan.txt
2015-06-17 16:28 - 2015-06-17 16:28 - 00001417 _____ C:\Users\Amar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-17 16:16 - 2015-06-17 16:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-06-17 16:16 - 2015-06-17 16:16 - 00000000 ____D C:\ProgramData\ESET
2015-06-17 16:16 - 2015-06-17 16:16 - 00000000 ____D C:\Program Files\ESET
2015-06-17 16:08 - 2015-06-17 16:11 - 77025280 _____ C:\Users\Amar\Downloads\eav_nt64_ENU.msi
2015-06-17 16:00 - 2015-06-17 16:00 - 00006749 _____ C:\Users\Amar\Downloads\Internet Explorer Launcher.widget
2015-06-17 15:36 - 2015-06-17 15:37 - 00001595 _____ C:\Windows\IE11_main.log
2015-06-16 18:52 - 2015-06-18 12:17 - 00000392 _____ C:\Windows\setupact.log
2015-06-16 18:52 - 2015-06-16 18:52 - 00000000 _____ C:\Windows\setuperr.log
2015-06-16 18:51 - 2015-06-18 12:17 - 00003962 _____ C:\Windows\PFRO.log
2015-06-16 17:19 - 2015-06-16 17:19 - 00002786 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-06-16 17:19 - 2015-06-16 17:19 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-06-16 17:19 - 2015-06-16 17:19 - 00000000 ____D C:\Program Files\CCleaner
2015-06-16 17:17 - 2015-06-16 17:17 - 06552640 _____ (Piriform Ltd) C:\Users\Amar\Downloads\ccsetup506pro.exe
2015-06-16 17:04 - 2015-06-16 17:06 - 55915216 _____ (Microsoft Corporation) C:\Users\Amar\Downloads\IE11-Windows6.1-x64-en-us.exe
2015-06-16 16:20 - 2015-06-16 16:20 - 04764824 _____ (http://www.maxuninstaller.com/ ) C:\Users\Amar\Downloads\MaxUninstaller_Setup.exe
2015-06-16 16:19 - 2015-06-16 16:19 - 00000000 ____D C:\Users\Amar\AppData\Roaming\DriveTheLife2013
2015-06-15 22:45 - 2015-06-15 22:45 - 00000000 ____D C:\Windows\en
2015-06-15 22:44 - 2015-06-15 22:44 - 00001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-06-15 22:44 - 2015-06-15 22:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-06-15 22:43 - 2015-06-15 22:43 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-06-15 22:43 - 2015-06-15 22:43 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-06-15 22:42 - 2015-06-15 22:44 - 00000000 ____D C:\Program Files (x86)\Windows Live
2015-06-15 22:41 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-06-15 22:41 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-06-15 22:41 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-06-15 22:41 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-06-15 22:40 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-06-15 22:40 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-06-15 22:40 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-06-15 22:40 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-06-15 22:39 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-06-15 22:39 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-06-15 22:35 - 2015-06-16 12:22 - 00000000 ____D C:\Users\Amar\AppData\Local\Windows Live
2015-06-15 22:33 - 2015-06-15 22:33 - 01239752 _____ (Microsoft Corporation) C:\Users\Amar\Downloads\wlsetup-web.exe
2015-06-15 21:12 - 2015-06-15 21:12 - 00000000 ____D C:\Windows\SysWOW64\3060
2015-06-14 22:11 - 2015-06-15 20:13 - 00000000 ____D C:\Users\Amar\Documents\SonyVegasPro13
2015-06-14 20:58 - 2015-06-14 20:58 - 00004768 _____ C:\Users\Amar\Downloads\Big Explosion Effect Video Mp4 HD Sound.mp4.sfk
2015-06-14 20:57 - 2015-06-14 20:57 - 00287801 _____ C:\Users\Amar\Downloads\Big Explosion Effect Video Mp4 HD Sound.mp4
2015-06-12 15:56 - 2015-06-14 22:36 - 00000000 ____D C:\Users\Amar\Documents\Bandicam
2015-06-12 15:56 - 2015-06-12 15:56 - 00000000 ____D C:\Users\Amar\AppData\Roaming\BANDISOFT
2015-06-12 15:49 - 2015-06-12 15:49 - 00000992 _____ C:\Users\UpdatusUser\Desktop\Bandicam.lnk
2015-06-12 15:49 - 2015-06-12 15:49 - 00000992 _____ C:\Users\Amar\Desktop\Bandicam.lnk
2015-06-12 15:49 - 2015-06-12 15:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
2015-06-12 15:49 - 2015-06-12 15:49 - 00000000 ____D C:\Program Files (x86)\BandiMPEG1
2015-06-12 15:49 - 2015-06-12 15:49 - 00000000 ____D C:\Program Files (x86)\Bandicam
2015-06-12 15:45 - 2015-06-12 15:45 - 09870176 _____ (Bandisoft) C:\Users\Amar\Downloads\bdcamsetup.exe
2015-06-12 15:45 - 2015-06-12 15:45 - 00049664 _____ C:\Users\Amar\Downloads\keymaker.exe
2015-06-12 12:20 - 2015-06-12 12:20 - 00000000 ____D C:\ProgramData\TXQMPC
2015-06-12 12:01 - 2015-06-12 12:06 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-06-12 12:01 - 2015-06-12 12:01 - 00001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-06-12 12:00 - 2015-06-12 12:00 - 08051800 _____ (TeamViewer GmbH) C:\Users\Amar\Downloads\TeamViewer_Setup_hr.exe
2015-06-12 11:36 - 2015-06-12 11:36 - 00000036 _____ C:\Users\Amar\Documents\BalkanTrio.MP4.sfl
2015-06-12 11:35 - 2015-06-12 11:36 - 09821278 _____ C:\Users\Amar\Documents\BalkanTrio.MP4
2015-06-12 11:14 - 2012-10-03 12:24 - 857409536 _____ C:\Users\Amar\Downloads\Smoking_Text.avi
2015-06-12 11:14 - 2012-10-03 12:22 - 00015344 _____ C:\Users\Amar\Downloads\Smoking_Text.veg
2015-06-12 11:14 - 2012-04-19 14:28 - 01169517 _____ C:\Users\Amar\Downloads\smoke_pass.mp4
2015-06-12 11:13 - 2015-06-12 11:13 - 00000000 ____D C:\Users\Amar\Downloads\Smoking-Text
2015-06-12 11:03 - 2015-06-12 11:05 - 23338527 _____ C:\Users\Amar\Downloads\Smoking-Text.zip
2015-06-12 10:27 - 2015-06-12 10:27 - 00000000 ____D C:\Users\Amar\Documents\Lightshot
2015-06-11 22:49 - 2015-06-11 22:49 - 00000000 ____D C:\Users\Amar\AppData\Roaming\Publish Providers
2015-06-11 22:36 - 2015-06-11 22:36 - 00000000 ____D C:\ProgramData\Sony
2015-06-11 22:36 - 2015-06-11 22:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-06-11 22:36 - 2015-06-11 22:36 - 00000000 ____D C:\Program Files (x86)\Sony
2015-06-11 22:11 - 2015-06-11 22:31 - 411005560 _____ (Sony Creative Software Inc.) C:\Users\Amar\Downloads\vegaspro13.0.453.exe
2015-06-11 22:06 - 2015-06-11 22:06 - 00003140 _____ C:\Windows\System32\Tasks\{E6F26AAD-9F61-4583-803B-70B8D8EB34FC}
2015-06-11 22:04 - 2015-06-11 22:06 - 40839715 _____ (Sony Creative Software Inc.) C:\Users\Amar\Downloads\Unconfirmed 715274.crdownload
2015-06-11 21:59 - 2015-06-18 12:18 - 00028984 _____ (Tencent) C:\Windows\SysWOW64\Drivers\TS888x64.sys
2015-06-11 21:38 - 2015-06-11 22:07 - 00000000 ____D C:\Program Files (x86)\MiniGet
2015-06-11 21:38 - 2015-06-11 21:38 - 00000000 ____D C:\Users\Amar\AppData\Roaming\MiniGet
2015-06-11 21:36 - 2015-06-17 18:32 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-06-11 21:36 - 2015-06-17 16:40 - 00000000 ____D C:\ProgramData\TymraSaq
2015-06-11 21:36 - 2015-06-11 21:36 - 00000000 ____D C:\ProgramData\IHProtectUpDate
2015-06-11 21:36 - 2015-06-11 21:36 - 00000000 ____D C:\Program Files\Common Files\Tencent
2015-06-11 21:36 - 2015-06-11 21:35 - 00099640 _____ (Tencent) C:\Windows\system32\Drivers\TAOAccelerator64.sys
2015-06-11 21:35 - 2015-06-17 16:24 - 00000000 ____D C:\ProgramData\WindowsMangerProtect
2015-06-11 21:35 - 2015-06-11 21:35 - 00174392 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernel64.sys
2015-06-11 21:35 - 2015-06-11 21:35 - 00087864 _____ (电脑管家) C:\Windows\system32\Drivers\TFsFltX64.sys
2015-06-11 21:35 - 2015-06-11 21:35 - 00038200 _____ (电脑管家) C:\Windows\system32\Drivers\TSSKX64.sys
2015-06-11 21:35 - 2015-06-11 21:35 - 00000000 _____ C:\Windows\prleth.sys
2015-06-11 21:35 - 2015-06-11 21:35 - 00000000 _____ C:\Windows\hgfs.sys
2015-06-11 21:34 - 2015-06-17 15:17 - 00000000 ____D C:\Users\Amar\AppData\Roaming\Tencent
2015-06-11 21:34 - 2015-06-12 12:24 - 00000000 ____D C:\ProgramData\Tencent
2015-06-11 21:34 - 2015-06-11 21:34 - 00000000 ____D C:\Program Files (x86)\Tencent
2015-06-11 21:30 - 2015-06-11 21:30 - 00000000 ____D C:\ProgramData\Rising
2015-06-11 21:17 - 2015-06-11 21:34 - 224907828 _____ (Sony Creative Software Inc.) C:\Users\Amar\Downloads\Unconfirmed 110625.crdownload
2015-06-10 21:35 - 2015-06-10 21:35 - 00394273 _____ C:\Users\Amar\Downloads\Za Mrezu MB-stambeni.zip
2015-06-10 11:52 - 2015-06-10 11:52 - 05235200 _____ C:\Users\Amar\Downloads\Lista SP za Mrezu -KAKANJ 1.xls
2015-06-10 10:59 - 2015-06-10 10:59 - 00015196 _____ C:\Users\Amar\Downloads\spisak Kakanj gosti (12).xlsx
2015-06-10 10:56 - 2015-06-10 10:56 - 00015196 _____ C:\Users\Amar\Downloads\spisak Kakanj gosti (11).xlsx
2015-06-10 10:54 - 2015-06-10 10:54 - 00015196 _____ C:\Users\Amar\Downloads\spisak Kakanj gosti (9).xlsx
2015-06-10 10:54 - 2015-06-10 10:54 - 00015196 _____ C:\Users\Amar\Downloads\spisak Kakanj gosti (10).xlsx
2015-06-10 10:53 - 2015-06-10 10:53 - 00015196 _____ C:\Users\Amar\Downloads\spisak Kakanj gosti (8).xlsx
2015-06-10 10:53 - 2015-06-10 10:53 - 00015196 _____ C:\Users\Amar\Downloads\spisak Kakanj gosti (7).xlsx
2015-06-10 10:52 - 2015-06-10 10:52 - 00015196 _____ C:\Users\Amar\Downloads\spisak Kakanj gosti (6).xlsx
2015-06-10 10:52 - 2015-06-10 10:52 - 00015196 _____ C:\Users\Amar\Downloads\spisak Kakanj gosti (5).xlsx
2015-06-10 10:50 - 2015-06-10 10:50 - 00015196 _____ C:\Users\Amar\Downloads\spisak Kakanj gosti (4).xlsx
2015-06-10 10:12 - 2015-06-10 10:12 - 00015196 _____ C:\Users\Amar\Downloads\spisak Kakanj gosti (3).xlsx
2015-06-10 10:10 - 2015-06-10 10:10 - 00015196 _____ C:\Users\Amar\Downloads\spisak Kakanj gosti (2).xlsx
2015-06-10 10:09 - 2015-06-10 10:09 - 00015196 _____ C:\Users\Amar\Downloads\spisak Kakanj gosti (1).xlsx
2015-06-10 10:07 - 2015-06-10 10:07 - 00015196 _____ C:\Users\Amar\Downloads\spisak Kakanj gosti.xlsx
2015-06-09 15:17 - 2015-06-09 15:18 - 01955328 _____ C:\Users\Amar\Downloads\kategorizacija_retail klijenti (1).ppt
2015-06-09 15:16 - 2015-06-09 15:17 - 01955328 _____ C:\Users\Amar\Downloads\kategorizacija_retail klijenti.ppt
2015-06-09 12:45 - 2015-06-09 12:45 - 00170962 _____ C:\Users\Amar\Downloads\mmffncokckfccddfenhkhnllmlobdahm_main (1).crx
2015-06-09 12:44 - 2015-06-09 12:44 - 00170962 _____ C:\Users\Amar\Downloads\mmffncokckfccddfenhkhnllmlobdahm_main.crx
2015-06-08 23:30 - 2015-06-17 20:39 - 00000386 _____ C:\Windows\Tasks\update-sys.job
2015-06-08 23:30 - 2015-06-17 19:42 - 00000386 _____ C:\Windows\Tasks\update-S-1-5-21-3894383191-3516363779-2002392177-1001.job
2015-06-08 23:30 - 2015-06-08 23:30 - 00003282 _____ C:\Windows\System32\Tasks\update-sys
2015-06-08 23:30 - 2015-06-08 23:30 - 00003258 _____ C:\Windows\System32\Tasks\update-S-1-5-21-3894383191-3516363779-2002392177-1001
2015-06-08 23:30 - 2015-06-08 23:30 - 00000424 _____ C:\Users\Amar\AppData\Local\UserProducts.xml
2015-06-08 23:30 - 2015-06-08 23:30 - 00000003 _____ C:\Users\Amar\AppData\Local\updater.log
2015-06-08 23:30 - 2015-06-08 23:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2015-06-08 23:30 - 2015-06-08 23:30 - 00000000 ____D C:\Program Files (x86)\Skillbrains
2015-06-08 23:29 - 2015-06-08 23:29 - 02511360 _____ (Skillbrains ) C:\Users\Amar\Downloads\setup-lightshot.exe
2015-06-08 22:22 - 2015-06-08 22:22 - 07947159 _____ C:\Users\Amar\Downloads\PanoramicBridges.deskthemepack
2015-06-08 22:19 - 2015-06-08 22:20 - 12757300 _____ C:\Users\Amar\Downloads\PanoramicForests.deskthemepack
2015-06-08 21:12 - 2015-06-15 21:12 - 00000000 ____D C:\Windows\SysWOW64\3059
2015-06-08 13:12 - 2015-06-08 13:12 - 00500224 _____ C:\Users\Amar\Downloads\Master_MBA_Mostar.ppt
2015-06-07 12:55 - 2015-06-07 12:55 - 09605800 _____ C:\Users\Amar\Downloads\Captive-Minecraft-Beta1_6.zip
2015-06-07 12:55 - 2015-06-07 12:55 - 00000000 ____D C:\Users\Amar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-05 11:06 - 2015-06-05 11:06 - 00000079 _____ C:\Program Files (x86)\prefs.js
2015-06-04 22:00 - 2015-06-04 22:00 - 00125138 _____ C:\Users\Amar\Downloads\XRay-1.8.1-v2.15.2.jar
2015-06-04 09:34 - 2015-06-04 09:34 - 00002784 _____ C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-06-04 09:34 - 2015-06-04 09:34 - 00002784 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-06-04 09:34 - 2015-06-04 09:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-06-04 09:34 - 2015-05-25 10:24 - 00429392 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-06-04 09:34 - 2015-05-25 10:24 - 00347976 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-06-04 09:32 - 2015-06-04 09:32 - 14290738 _____ (HOW Inc. ) C:\Users\Amar\Downloads\FYTDSetup.exe
2015-06-04 09:32 - 2015-06-04 09:32 - 00000000 ____D C:\Users\Amar\AppData\Roaming\How Inc
2015-06-04 09:31 - 2015-06-04 09:32 - 01179136 _____ (How, Inc) C:\Users\Amar\Downloads\FreeYouTubeDownloaderOC.exe
2015-06-03 10:52 - 2015-06-03 10:53 - 29830402 _____ C:\Users\Amar\Downloads\PureBDcraft 128x MC18.zip
2015-06-03 10:07 - 2015-06-03 10:07 - 00995328 _____ C:\Users\Amar\Downloads\LISTA FIRMI na SP - follow up FEBRUAR (1).xls
2015-06-03 10:06 - 2015-06-03 10:07 - 00995328 _____ C:\Users\Amar\Downloads\LISTA FIRMI na SP - follow up FEBRUAR.xls
2015-06-03 10:05 - 2015-06-03 10:05 - 00645835 _____ C:\Users\Amar\Downloads\Dodatak (2).zip
2015-06-03 10:04 - 2015-06-03 10:04 - 00645835 _____ C:\Users\Amar\Downloads\Dodatak.zip
2015-06-03 10:04 - 2015-06-03 10:04 - 00645835 _____ C:\Users\Amar\Downloads\Dodatak (1).zip
2015-06-03 09:47 - 2015-06-03 09:48 - 01280677 _____ C:\Users\Amar\Downloads\noname.eml
2015-06-01 15:37 - 2015-06-17 17:48 - 00000000 ____D C:\Program Files\Common Files\ShopperPro
2015-06-01 15:37 - 2015-06-01 22:21 - 00004228 _____ C:\Windows\System32\Tasks\SPBIW_UpdateTask_Time_313338343632363036342d3437415a556c2a3223346c41
2015-05-29 16:02 - 2015-05-29 16:03 - 00000000 ____D C:\Users\Amar\AppData\Roaming\NCH Software
2015-05-29 16:02 - 2015-05-29 16:02 - 00647232 _____ (NCH Software) C:\Users\Amar\Downloads\prismsetup.exe
2015-05-29 16:02 - 2015-05-29 16:02 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2015-05-29 16:02 - 2015-05-29 16:02 - 00000000 ____D C:\ProgramData\NCH Software
2015-05-29 15:57 - 2015-05-29 16:00 - 81350051 _____ C:\Users\Amar\Downloads\Motivation Music.mp4
2015-05-29 15:57 - 2015-05-29 15:57 - 00000000 ____D C:\Users\Amar\AppData\Roaming\LightningDownloader
2015-05-29 15:56 - 2015-05-29 15:56 - 00816504 _____ C:\Users\Amar\Downloads\UmmyVD-Web-Loader-[110].exe
2015-05-29 15:51 - 2015-06-12 10:15 - 00000000 ____D C:\Program Files (x86)\SystemPlus
2015-05-29 15:50 - 2015-05-29 15:50 - 00000000 ____D C:\ProgramData\ninpljdkpbifbcgphkipeonchoaleanf
2015-05-29 15:49 - 2015-06-12 15:43 - 00000000 ____D C:\ProgramData\{add68b0b-62d1-7a46-add6-68b0b62d2c2d}
2015-05-26 16:11 - 2015-05-26 16:23 - 00000000 ____D C:\Users\Amar\AppData\Roaming\Audacity
2015-05-26 15:32 - 2015-06-17 16:44 - 00000000 ____D C:\Program Files (x86)\FuunDeAls
2015-05-26 15:31 - 2015-05-26 15:31 - 00000000 ____D C:\Users\Amar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-05-26 15:11 - 2015-05-29 15:51 - 00000000 ____D C:\Program Files (x86)\SystemAid
2015-05-25 22:02 - 2015-06-15 21:12 - 00000418 _____ C:\Windows\Tasks\At1.job
2015-05-25 22:02 - 2015-06-08 21:12 - 00000000 ____D C:\Windows\SysWOW64\3045
2015-05-25 22:02 - 2015-05-25 22:02 - 00001646 _____ C:\Windows\System32\Tasks\At1
2015-05-25 21:59 - 2015-05-25 21:59 - 00003222 _____ C:\Windows\System32\Tasks\{7253B64A-D019-46B6-97B4-B95FF0D172B8}
2015-05-25 21:41 - 2015-05-25 21:41 - 00000000 ____D C:\Program Files (x86)\Minecraft
2015-05-25 20:59 - 2015-06-17 13:00 - 00000000 ____D C:\Users\Amar\AppData\Roaming\.minecraft
2015-05-24 17:55 - 2015-05-26 15:11 - 00000000 ____D C:\ProgramData\a76b387700005caa
2015-05-24 17:54 - 2015-05-24 17:54 - 00000000 _____ C:\Users\Amar\AppData\Local\Temp.dat
2015-05-24 17:30 - 2015-06-10 09:51 - 00000000 ____D C:\Users\Amar\Desktop\New folder
2015-05-24 17:03 - 2015-06-18 12:17 - 00002762 _____ C:\Windows\Tasks\d51e29ae-aa8a-41d2-b928-cdf3e6068f26-5_user.job
2015-05-24 17:02 - 2015-06-18 12:17 - 00002762 _____ C:\Windows\Tasks\d51e29ae-aa8a-41d2-b928-cdf3e6068f26-5.job
2015-05-24 17:02 - 2015-06-17 18:04 - 00000000 ____D C:\Program Files (x86)\Ge-Force
2015-05-24 17:02 - 2015-05-24 17:05 - 00000000 ____D C:\Users\Amar\AppData\Local\BrowserHelper
2015-05-24 17:02 - 2015-05-24 17:03 - 00005792 _____ C:\Windows\System32\Tasks\d51e29ae-aa8a-41d2-b928-cdf3e6068f26-5
2015-05-24 17:02 - 2015-05-24 17:02 - 00003718 _____ C:\Windows\System32\Tasks\SMupdate1
2015-05-24 17:01 - 2015-06-17 17:48 - 00000000 ____D C:\Program Files (x86)\ShopperPro
2015-05-24 17:01 - 2015-06-17 16:24 - 00000000 ____D C:\ProgramData\ShopperPro
2015-05-24 17:01 - 2015-06-01 22:21 - 00004192 _____ C:\Windows\System32\Tasks\ShopperPro
2015-05-24 17:01 - 2015-06-01 22:20 - 00003564 _____ C:\Windows\System32\Tasks\ShopperProJSUpd
2015-05-24 17:01 - 2015-05-24 17:01 - 00003490 _____ C:\Windows\System32\Tasks\SPDriver
2015-05-24 17:01 - 2015-05-24 17:01 - 00000000 ____D C:\Users\Public\Documents\ShopperPro
2015-05-24 17:00 - 2015-06-17 16:23 - 00000000 ____D C:\ProgramData\smdmf
2015-05-24 17:00 - 2015-05-24 17:00 - 00000000 ____D C:\Users\Amar\AppData\Local\CrashRpt
2015-05-24 17:00 - 2015-05-24 17:00 - 00000000 ____D C:\Program Files (x86)\Assets Manager
2015-05-24 16:53 - 2015-05-24 16:53 - 00002684 _____ C:\Users\Amar\Documents\Register Vegas Pro.htm
2015-05-24 16:49 - 2015-06-11 22:36 - 00000000 ____D C:\Users\Amar\AppData\Local\Sony
2015-05-24 16:48 - 2015-06-12 11:35 - 00000000 ____D C:\Users\Amar\AppData\Roaming\Sony
2015-05-24 16:24 - 2015-05-24 16:27 - 00000000 ____D C:\Users\Amar\AppData\Roaming\vlc
2015-05-24 16:22 - 2015-05-24 16:22 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2015-05-21 17:43 - 2015-05-21 17:43 - 00000000 ____D C:\Users\Amar\AppData\Local\Macromedia
2015-05-21 17:14 - 2015-06-11 22:06 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-21 17:14 - 2015-05-21 17:14 - 00000000 ____D C:\Users\Amar\AppData\Roaming\Mozilla
2015-05-21 17:14 - 2015-05-21 17:14 - 00000000 ____D C:\Users\Amar\AppData\Local\Mozilla
2015-05-21 17:14 - 2015-05-21 17:14 - 00000000 ____D C:\ProgramData\Mozilla
2015-05-21 17:14 - 2015-05-21 17:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-21 17:13 - 2015-06-17 16:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-18 12:31 - 2015-04-26 11:44 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-18 12:30 - 2015-05-18 17:02 - 00000024 _____ C:\Users\Amar\AppData\Roaming\appdataFr25.bin
2015-06-18 12:26 - 2009-07-14 06:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-18 12:26 - 2009-07-14 06:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-18 12:24 - 2009-07-14 07:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-18 12:17 - 2015-04-27 11:42 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-18 12:17 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-17 20:48 - 2015-04-20 22:56 - 02054818 _____ C:\Windows\WindowsUpdate.log
2015-06-17 20:48 - 2015-04-20 15:48 - 00000000 ____D C:\Users\Amar\AppData\Roaming\uTorrent
2015-06-17 19:52 - 2015-04-27 11:42 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-17 18:04 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2015-06-17 16:48 - 2015-04-20 14:30 - 00000000 ____D C:\Program Files (x86)\SallePluss
2015-06-17 16:48 - 2015-04-20 14:30 - 00000000 ____D C:\Program Files (x86)\SalePlus
2015-06-17 16:47 - 2015-05-13 12:31 - 00000000 ____D C:\Program Files (x86)\Outlookcom Notifier
2015-06-17 16:47 - 2015-05-13 12:30 - 00000000 ____D C:\Program Files (x86)\PrIceMinusu
2015-06-17 16:42 - 2015-05-13 12:31 - 00000000 ____D C:\Program Files (x86)\bestadblocker
2015-06-17 16:40 - 2015-05-13 12:29 - 00000000 ____D C:\ProgramData\{b205d4be-a04d-bac4-b205-5d4bea0452fa}
2015-06-17 15:51 - 2015-04-20 23:52 - 00000000 ____D C:\Windows\Panther
2015-06-16 17:21 - 2015-04-27 11:38 - 00000000 ____D C:\Users\Amar\AppData\Local\CrashDumps
2015-06-15 22:43 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-06-14 20:17 - 2015-04-20 15:49 - 00064416 _____ C:\Users\Amar\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-12 15:22 - 2015-04-27 11:28 - 00000000 ____D C:\ProgramData\TechSmith
2015-06-12 15:22 - 2015-04-20 14:01 - 00000000 ____D C:\Users\Amar
2015-06-12 14:57 - 2009-07-14 06:45 - 04852064 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-12 11:57 - 2015-04-27 11:35 - 00000000 ____D C:\Users\Amar\Documents\Camtasia Studio
2015-06-12 10:16 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-11 22:15 - 2015-04-27 10:22 - 00000000 ____D C:\ProgramData\Adobe
2015-06-11 22:12 - 2015-04-27 10:26 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-06-11 21:36 - 2015-04-20 14:02 - 00000000 ____D C:\Users\Amar\AppData\Local\VirtualStore
2015-06-11 21:09 - 2015-04-20 14:30 - 00000000 ____D C:\ProgramData\11374850354828519318
2015-06-10 17:31 - 2015-04-26 11:44 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-10 17:31 - 2015-04-26 11:28 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-10 17:31 - 2015-04-26 11:28 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-08 13:10 - 2015-05-09 17:37 - 00000000 ____D C:\Users\Amar\AppData\Roaming\Skype
2015-06-05 14:36 - 2015-04-27 22:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
2015-05-29 16:54 - 2015-04-26 11:27 - 00000000 ____D C:\Users\Amar\AppData\Local\Adobe
2015-05-25 22:05 - 2015-04-20 14:09 - 00000000 ____D C:\Users\Amar\Desktop\Icons
2015-05-25 19:23 - 2015-05-14 19:16 - 00000000 ____D C:\Program Files\Google
2015-05-25 19:23 - 2015-04-20 14:10 - 00000000 ____D C:\Program Files (x86)\Google
2015-05-24 17:54 - 2015-04-20 14:10 - 00000000 ____D C:\Users\Amar\AppData\Local\Google
2015-05-24 17:34 - 2015-04-27 12:11 - 00003584 _____ C:\Users\Amar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-21 17:56 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-21 17:19 - 2015-05-03 11:47 - 00000000 ____D C:\Users\Amar\VirtualBox VMs
2015-05-21 17:19 - 2015-05-03 11:47 - 00000000 ____D C:\Users\Amar\.VirtualBox

==================== Files in the root of some directories =======

2015-06-05 11:06 - 2015-06-05 11:06 - 0000079 _____ () C:\Program Files (x86)\prefs.js
2015-05-18 17:02 - 2015-06-18 12:30 - 0000024 _____ () C:\Users\Amar\AppData\Roaming\appdataFr25.bin
2015-04-27 12:11 - 2015-05-24 17:34 - 0003584 _____ () C:\Users\Amar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-24 17:54 - 2015-05-24 17:54 - 0000000 _____ () C:\Users\Amar\AppData\Local\Temp.dat
2015-06-08 23:30 - 2015-06-08 23:30 - 0000003 _____ () C:\Users\Amar\AppData\Local\updater.log
2015-06-08 23:30 - 2015-06-08 23:30 - 0000424 _____ () C:\Users\Amar\AppData\Local\UserProducts.xml

Files to move or delete:
====================
C:\Windows\Tasks\At1.job


Some files in TEMP:
====================
C:\Users\Amar\AppData\Local\Temp\InstHelper.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-03 19:06

==================== End of log ============================
ADDITIONAL FILES (FRST and Addition):


offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Hello,

we'll try to help.

Uninstall the following programs:
Assets Manager
BondedBoot
Ge-Force
Outlookcom Notifier
SalePlus
Shopper-Pro

1. Open Notepad (Text Document) and copy in the following text from the code box below:

 
CreateRestorePoint:
HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\...\MountPoints2: F - F:\LGAutoRun.exe
HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\...\MountPoints2: {97bc34de-ffca-11e4-8ab1-001fd0d81833} - F:\LGAutoRun.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hppp&ts=143405.....Y1BAEJY1BX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=98115343_hao_pg
HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=dspp&ts=14.....1BX&q={searchTerms}
HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=98115343_hao_pg
HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hppp&ts=143405.....Y1BAEJY1BX
HKU\S-1-5-21-3894383191-3516363779-2002392177-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=dspp&ts=14.....1BX&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2578} URL = http://www.default-search.net/search?sid=578&a.....=ds&p={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2578} URL = http://www.default-search.net/search?sid=578&a.....=ds&p={searchTerms}
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchtotal.info/?l=1&q={searchTerms}&pid=24457&r=2015/05/29&hid=1914874679025766387&lg=EN&cc=BA&unqvl=88
SearchScopes: HKU\S-1-5-21-3894383191-3516363779-2002392177-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=dspp&ts=14.....1BX&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3894383191-3516363779-2002392177-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.istartsurf.com/web/?utm_source=b&ut.....ult&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3894383191-3516363779-2002392177-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.istartsurf.com/web/?utm_source=b&ut.....ult&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3894383191-3516363779-2002392177-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=dspp&ts=14.....1BX&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3894383191-3516363779-2002392177-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2578} URL =
SearchScopes: HKU\S-1-5-21-3894383191-3516363779-2002392177-1001 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://www.istartsurf.com/web/?utm_source=b&ut.....ult&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3894383191-3516363779-2002392177-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.istartsurf.com/web/?utm_source=b&ut.....ult&q={searchTerms}
Toolbar: HKU\S-1-5-21-3894383191-3516363779-2002392177-1001 -> No Name - {42435041-352D-5350-00A7-7A786E7484D7} - No File
FF DefaultSearchEngine: istartsurf
FF DefaultSearchEngine,S: WebSearch
FF DefaultSearchUrl: hxxp://websearch.searchtotal.info/?pid=24457&r=2015/05/29&hid=1914874679025766387&lg=EN&cc=BA&unqvl=88&l=1&q=
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF SelectedSearchEngine: istartsurf
FF SelectedSearchEngine,S: WebSearch
FF Homepage: about:home
FF Keyword.URL: hxxp://websearch.searchtotal.info/?pid=24457&r=2015/05/29&hid=1914874679025766387&lg=EN&cc=BA&unqvl=88&l=1&q=
FF user.js: detected! => C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\user.js [2015-06-17]
FF Plugin HKU\S-1-5-21-3894383191-3516363779-2002392177-1003: @rising.com.cn/nprising -> C:\Program Files (x86)\Rising\RAV\nprising.dll No File
FF SearchPlugin: C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\searchplugins\default-search.xml [2015-05-24]
FF SearchPlugin: C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\searchplugins\istartsurf.xml [2015-06-17]
FF SearchPlugin: C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\searchplugins\WebSearch.xml [2015-05-29]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml [2015-05-24]
FF Extension: DigISuaover - C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\Extensions\OL@A.net [2015-05-26]
FF Extension: The AdBlocker - C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\Extensions\olmlridtzwamkt@cnjembqhqbbpywfqbtd.net [2015-06-05]
FF Extension: QuickSearch - C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\Extensions\searchffv2@gmail.com [2015-06-11]
FF Extension: Search Enginer - C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\Extensions\sweetsearch@gmail.com [2015-06-11]
FF Extension: Ge-ForcePlus v3 - C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\Extensions\TTSD90021300@PYDKGV101145942.com [2015-06-17]
FF Extension: PriceMMinouS - C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\Extensions\x0yeZPO@rl.edu [2015-05-29]
FF Extension: Shopper-Pro - C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2015-06-16]
FF SearchPlugin: C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\searchplugins\default-search.xml [2015-05-24]
FF SearchPlugin: C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\searchplugins\istartsurf.xml [2015-06-17]
FF SearchPlugin: C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\searchplugins\WebSearch.xml [2015-05-29]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml [2015-05-24]
FF Extension: DigISuaover - C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\Extensions\OL@A.net [2015-05-26]
FF Extension: The AdBlocker - C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\Extensions\olmlridtzwamkt@cnjembqhqbbpywfqbtd.net [2015-06-05]
FF Extension: QuickSearch - C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\Extensions\searchffv2@gmail.com [2015-06-11]
FF Extension: Search Enginer - C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\Extensions\sweetsearch@gmail.com [2015-06-11]
FF Extension: Ge-ForcePlus v3 - C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\Extensions\TTSD90021300@PYDKGV101145942.com [2015-06-17]
FF Extension: PriceMMinouS - C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\Extensions\x0yeZPO@rl.edu [2015-05-29]
FF Extension: Shopper-Pro - C:\Users\Amar\AppData\Roaming\Mozilla\Firefox\Profiles\jduq6fb8.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2015-06-16]
S2 SmdmFService; C:\Program Files (x86)\Assets Manager\smdmf\SmdmFService.exe [X]
S2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe /service [X]
S2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service [X] <==== ATTENTION
S3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41624 2015-06-01] ()
R2 SPDRIVER_1.42.1.1870; C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.1870\jsdrv.sys [52376 2015-06-01] ()
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S2 ba96e052; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\SystemPlus\SystemPlus.dll",serv
Task: {04E2788D-50BC-43CD-B299-AC39910F9DCF} - System32\Tasks\d51e29ae-aa8a-41d2-b928-cdf3e6068f26-5 => C:\Program Files (x86)\Ge-Force\d51e29ae-aa8a-41d2-b928-cdf3e6068f26-5.exe <==== ATTENTION
Task: {09AB0C44-72BA-4C98-A018-BD52B1B0F69B} - System32\Tasks\SPDriver => C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.1870\jsdrv.exe <==== ATTENTION
Task: {529B29D5-592A-41F1-9F0B-6C377B878568} - System32\Tasks\d51e29ae-aa8a-41d2-b928-cdf3e6068f26-5_user => C:\Program Files (x86)\Ge-Force\d51e29ae-aa8a-41d2-b928-cdf3e6068f26-5.exe <==== ATTENTION
Task: {BFCAC6EF-4DD2-4CCF-995B-02AE75A27E0D} - System32\Tasks\At1 => C:\Windows\SysWOW64\mobsynnc.exe [2010-11-21] () <==== ATTENTION
Task: {C3EEF5DD-0FCB-4A22-B4D5-6D706DFBCFE6} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {D2347A15-203B-4772-8658-A0255D202E53} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION

Task: {DD1794BB-515C-42D0-8268-E660F409A7AF} - System32\Tasks\SPBIW_UpdateTask_Time_313338343632363036342d3437415a556c2a3223346c41 => Wscript.exe //B "C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe /invoke /f:check_services /l:0 <==== ATTENTION
Task: {E700E114-90B8-458D-B512-0C5745EBA033} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {FE2402F3-1076-439C-8B6C-339834F36883} - System32\Tasks\ShopperPro => C:\Program Files (x86)\ShopperPro\ShopperPro.exe <==== ATTENTION
Task: {FF790CD7-7F02-476A-AFB1-437BD310449C} - System32\Tasks\ShopperProJSUpd => C:\Program Files (x86)\ShopperPro\updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\d51e29ae-aa8a-41d2-b928-cdf3e6068f26-5.job => C:\Program Files (x86)\Ge-Force\d51e29ae-aa8a-41d2-b928-cdf3e6068f26-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\d51e29ae-aa8a-41d2-b928-cdf3e6068f26-5_user.job => C:\Program Files (x86)\Ge-Force\d51e29ae-aa8a-41d2-b928-cdf3e6068f26-5.exe <==== ATTENTION
AlternateDataStreams: C:\Users\Amar\Downloads\noname.eml:OECustomProperty
EmptyTemp:


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location, because otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once, and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.



The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your post.
Note: If the tool warns you that a newer version is available, make sure you download and use the updated copy of FRST.
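
A fixlist like the one in the post above is easier to review before clicking Fix when its Task: entries are grouped by the file each task launches, since one binary registered under several task names stands out. This is an added example, not part of the original post and not FRST code; the line shape is inferred from the entries shown above, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# "Task:" entries copied verbatim from the fixlist in the post above.
FIXLIST_TASKS = r"""
Task: {04E2788D-50BC-43CD-B299-AC39910F9DCF} - System32\Tasks\d51e29ae-aa8a-41d2-b928-cdf3e6068f26-5 => C:\Program Files (x86)\Ge-Force\d51e29ae-aa8a-41d2-b928-cdf3e6068f26-5.exe <==== ATTENTION
Task: {09AB0C44-72BA-4C98-A018-BD52B1B0F69B} - System32\Tasks\SPDriver => C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.1870\jsdrv.exe <==== ATTENTION
Task: {529B29D5-592A-41F1-9F0B-6C377B878568} - System32\Tasks\d51e29ae-aa8a-41d2-b928-cdf3e6068f26-5_user => C:\Program Files (x86)\Ge-Force\d51e29ae-aa8a-41d2-b928-cdf3e6068f26-5.exe <==== ATTENTION
Task: {BFCAC6EF-4DD2-4CCF-995B-02AE75A27E0D} - System32\Tasks\At1 => C:\Windows\SysWOW64\mobsynnc.exe [2010-11-21] () <==== ATTENTION
Task: {C3EEF5DD-0FCB-4A22-B4D5-6D706DFBCFE6} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {D2347A15-203B-4772-8658-A0255D202E53} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION
Task: {DD1794BB-515C-42D0-8268-E660F409A7AF} - System32\Tasks\SPBIW_UpdateTask_Time_313338343632363036342d3437415a556c2a3223346c41 => Wscript.exe //B "C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe /invoke /f:check_services /l:0 <==== ATTENTION
Task: {E700E114-90B8-458D-B512-0C5745EBA033} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {FE2402F3-1076-439C-8B6C-339834F36883} - System32\Tasks\ShopperPro => C:\Program Files (x86)\ShopperPro\ShopperPro.exe <==== ATTENTION
Task: {FF790CD7-7F02-476A-AFB1-437BD310449C} - System32\Tasks\ShopperProJSUpd => C:\Program Files (x86)\ShopperPro\updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\d51e29ae-aa8a-41d2-b928-cdf3e6068f26-5.job => C:\Program Files (x86)\Ge-Force\d51e29ae-aa8a-41d2-b928-cdf3e6068f26-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\d51e29ae-aa8a-41d2-b928-cdf3e6068f26-5_user.job => C:\Program Files (x86)\Ge-Force\d51e29ae-aa8a-41d2-b928-cdf3e6068f26-5.exe <==== ATTENTION
"""

# Line shape inferred from the entries above (an assumption, not an FRST spec):
#   Task: [{GUID} - ]<task path> => <action>[ <==== ATTENTION]
TASK_RE = re.compile(
    r"^Task: (?:\{[0-9A-Fa-f-]{36}\} - )?(?P<task>.+?) => (?P<action>.+?)"
    r"(?:\s*<==== ATTENTION)?\s*$"
)
# First drive-letter path in the action that ends in an executable,
# library, driver or script extension.
PAYLOAD_RE = re.compile(
    r'[A-Za-z]:\\[^"<>|]*?\.(?:exe|dll|sys|js|vbs)(?!\w)', re.IGNORECASE
)
# Windows host programs that run another file passed to them as an argument.
LAUNCHERS = {"rundll32.exe", "wscript.exe", "cscript.exe"}


def group_tasks_by_payload(text):
    """Map each launched file (lower-cased path) to the tasks that start it."""
    groups = defaultdict(lambda: {"launcher": None, "tasks": []})
    for line in text.splitlines():
        match = TASK_RE.match(line.strip())
        if not match:
            continue  # not a Task: entry
        action = match["action"]
        first_token = action.split()[0].strip('"').lower()
        launcher = first_token if first_token in LAUNCHERS else None
        found = PAYLOAD_RE.search(action)
        # Fall back to the whole action if no path could be extracted.
        payload = found.group(0).lower() if found else action.lower()
        groups[payload]["launcher"] = launcher
        groups[payload]["tasks"].append(match["task"])
    return dict(groups)


def multi_task_payloads(groups, minimum=2):
    """Payloads registered under `minimum` or more task names, most first."""
    hits = [p for p, entry in groups.items() if len(entry["tasks"]) >= minimum]
    return sorted(hits, key=lambda p: (-len(groups[p]["tasks"]), p))


if __name__ == "__main__":
    grouped = group_tasks_by_payload(FIXLIST_TASKS)
    for payload in multi_task_payloads(grouped, minimum=1):
        entry = grouped[payload]
        via = f" (via {entry['launcher']})" if entry["launcher"] else ""
        print(f"{len(entry['tasks'])} task(s) -> {payload}{via}")
        for task in entry["tasks"]:
            print(f"    {task}")
```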

offline
  • Joined: 11 Oct 2014
  • Posts: 358

Here is the fixlog:

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Download Xplode's AdwCleaner and save it to the Desktop.

Double-click to run the program.
Click the [Scan] button and wait for the program to finish.
Click the [Clean] button.
The program will close all running programs and show a window with that warning. Click Ok to confirm.
In the next two windows that open (Informations and Restart required), click Ok.


The computer will restart and then open Notepad (C:\AdwCleaner[S1].txt) with the report.
Save that Notepad file to the Desktop and attach it to your post using the "Prikaci fajl" ("Attach file") option.

Note: The report will also be saved at C:\AdwCleaner[S0].txt

offline
  • Joined: 11 Oct 2014
  • Posts: 358

I installed it and ran the scan. The program listed Tencent Technology QQ, I marked it for deletion, and it was deleted successfully. Thanks, helen1.

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Post the log for me. We are not done yet. What you see as the problem is actually the smallest problem here. :D

offline
  • Joined: 11 Oct 2014
  • Posts: 358

Here, I scanned 4 times; here is the latest log:

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Download smeenk's zoek.zip or zoek.rar from this or this link and save it to the Desktop.

Unpack the archive into a folder (instructions), and then:

close the browser and any other running programs;
temporarily disable your security software (if necessary) (instructions);
double-click the program icon to run zoek;
wait for the tool to start ...


Copy the following text into the white box of the window:

 
autoclean;
emptyclsid;
emptyfolderscheck;delete
emptyalltemp;


Click the button and wait for the scan to finish.


If needed, zoek will restart Windows and, when it is done, open Notepad with the scan report.

Note: The report will be saved under the name zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into your post.

offline
  • Joined: 11 Oct 2014
  • Posts: 358


offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Are there any problems?
