When the system boots, it takes a while to start up

  • in administration
  • Joined: 16 Oct 2010
  • Posts: 3468
  • Location: KRAGUJEVAC

Posted: 22 Apr 2015 11:13

It won't extract it; it gets to 99% and every extracted file is BROKEN, and the second link returns 404 De pagina is niet gevonden.

Addendum: 22 Apr 2015 15:08

This is the new FRST.TXT log you asked for

LastRegBack: 2015-04-16 14:56

==================== End Of Log ============================

As for ZOEK, I didn't extract it because it is in exe format; I just downloaded it from the first link to the DESKTOP, ran it with RUN SCRIPT, and pasted in what you told me. Here is the ZOEK log:




Zoek.exe v5.0.0.0 Updated 08-April-2015
Tool run by dejan on sre 22.04.2015 at 14:43:23,18.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\dejan\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

22.4.2015 14:45:10 Zoek.exe System Restore Point Created Successfully.

==== Running Processes ======================

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\AVG\AVG2015\avgwdsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe
C:\Program Files\Folder Guard\FG32.exe
C:\Windows\system32\NlsSrv32.exe
C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
C:\Program Files\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC_Helper.exe
C:\Program Files\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC.exe
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Program Files\TeamViewer\TeamViewer_Service.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\dejan\Desktop\zoek.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k swprv

==== Services(whitelist) ======================
Powered by E Dev

R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files\common files\adobe\arm\1.0\armsvc.exe
R2 - [avgwd] - AVG WatchDog - c:\program files\avg\avg2015\avgwdsvc.exe
R2 - [FirebirdGuardianDefaultInstance] - Firebird Guardian - DefaultInstance - c:\program files\firebird\firebird_2_5\bin\fbguard.exe
R2 - [Folder Guard] - Folder Guard - c:\program files\folder guard\fg32.exe
R2 - [nlsX86cc] - Nalpeiron Licensing Service - c:\windows\system32\nlssrv32.exe
R2 - [PhoneMyPC_Helper] - PhoneMyPC_Helper - c:\program files\softwareforme inc\phonemypc\phonemypc_helper.exe
R2 - [TeamViewer] - TeamViewer 10 - c:\program files\teamviewer\teamviewer_service.exe
R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R3 - [FirebirdServerDefaultInstance] - Firebird Server - DefaultInstance - c:\program files\firebird\firebird_2_5\bin\fbserver.exe
R3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
S2 - [avgfws] - AVG Firewall - c:\program files\avg\avg2015\avgfws.exe
S2 - [AVGIDSAgent] - AVGIDSAgent - c:\program files\avg\avg2015\avgidsagent.exe
S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
S2 - [gupdate] - Google Update Service (gupdate) - c:\program files\google\update\googleupdate.exe
S2 - [SkypeUpdate] - Skype Updater - c:\program files\skype\updater\updater.exe
S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\system32\macromed\flash\flashplayerupdateservice.exe
S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [ehRecvr] - Windows Media Center Receiver Service - c:\windows\ehome\ehrecvr.exe
S3 - [ehSched] - Windows Media Center Scheduler Service - c:\windows\ehome\ehsched.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework\v3.0\wpf\presentationfontcache.exe
S3 - [gupdatem] - Google Update Service (gupdatem) - c:\program files\google\update\googleupdate.exe
S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files\mozilla maintenance service\maintenanceservice.exe
S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
S3 - [wampapache] - wampapache - c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
S3 - [wampmysqld] - wampmysqld - c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe
S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
S4 - [aspnet_state] - ASP.NET State Service - c:\windows\microsoft.net\framework\v4.0.30319\aspnet_state.exe
S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe

==== Drivers(whitelist) ======================
Powered by E Dev

R0 - [AVGIDSHX] - AVGIDSHX - C:\Windows\system32\Drivers\AVGIDSHX.sys
R0 - [Avglogx] - AVG Logging Driver - C:\Windows\system32\Drivers\Avglogx.sys
R0 - [Avgmfx86] - AVG Mini-Filter Resident Anti-Virus Shield - C:\Windows\system32\Drivers\Avgmfx86.sys
R0 - [Avgrkx86] - AVG Anti-Rootkit Driver - C:\Windows\system32\Drivers\Avgrkx86.sys
R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys
R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys
R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys
R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys
R3 - [srv] - Server SMB 1.xxx Driver - C:\Windows\system32\Drivers\srv.sys
R3 - [srv2] - Server SMB 2.xxx Driver - C:\Windows\system32\Drivers\srv2.sys
R0 - [ACPI] - Microsoft ACPI Driver - C:\Windows\system32\Drivers\ACPI.sys
R0 - [amdxata] - amdxata - C:\Windows\system32\Drivers\amdxata.sys
R0 - [atapi] - IDE Channel - C:\Windows\system32\Drivers\atapi.sys
R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys [x]
R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys
R0 - [Disk] - Disk Driver - C:\Windows\system32\Drivers\Disk.sys
R0 - [fvevol] - Bitlocker Drive Encryption Filter Driver - C:\Windows\system32\Drivers\fvevol.sys
R0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys
R0 - [intelide] - intelide - C:\Windows\system32\Drivers\intelide.sys
R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys
R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys
R0 - [mountmgr] - Mount Point Manager - C:\Windows\system32\Drivers\mountmgr.sys
R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys
R0 - [NDIS] - NDIS System Driver - C:\Windows\system32\Drivers\NDIS.sys
R0 - [partmgr] - Partition Manager - C:\Windows\system32\Drivers\partmgr.sys
R0 - [pci] - PCI Bus Driver - C:\Windows\system32\Drivers\pci.sys
R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys
R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys
R0 - [spldr] - Security Processor Loader Driver - C:\Windows\system32\Drivers\spldr.sys
R0 - [sptd] - sptd - C:\Windows\system32\Drivers\sptd.sys
R0 - [storflt] - Disk Virtual Machine Bus Acceleration Filter Driver - C:\Windows\system32\Drivers\storflt.sys [x]
R0 - [Tcpip] - TCP/IP Protocol Driver - C:\Windows\system32\Drivers\Tcpip.sys
R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator Driver - C:\Windows\system32\Drivers\vdrvroot.sys
R0 - [volmgr] - Volume Manager Driver - C:\Windows\system32\Drivers\volmgr.sys
R0 - [volmgrx] - Dynamic Volume Manager - C:\Windows\system32\Drivers\volmgrx.sys
R0 - [volsnap] - Storage volumes - C:\Windows\system32\Drivers\volsnap.sys
R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys
R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys
R1 - [Beep] - Beep - C:\Windows\system32\Drivers\Beep.sys
R1 - [tdx] - NetIO Legacy TDI Support Driver - C:\Windows\system32\Drivers\tdx.sys
R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-04-02 18:41:09 EA3ECB92A2EA3A42273CB3B308CA1A5B 156910 ----a-w- C:\Windows\WMSysPr8.prx
2015-03-28 18:54:32 4F2744EFD0FBB07F1E0405687A9A284E 84 ----a-w- C:\Windows\csact.ini
2015-03-26 14:32:53 848293322FCCBD08408CD5A7C175D1C3 813 ----a-w- C:\Windows\psb_raster.ini
====== C:\Users\dejan\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\system32 =====
2015-04-15 21:24:59 E51E2C5EED4CE667D2CF06E56AC6FF1C 896000 ----a-w- C:\Windows\System32\aeinv.dll
2015-04-15 21:24:59 98F09936B1C397987268D6F2F3D869DB 26112 ----a-w- C:\Windows\System32\acmigration.dll
2015-04-15 21:24:59 87D7FF1217B32CD069DAF079686F43AE 630784 ----a-w- C:\Windows\System32\invagent.dll
2015-04-15 21:24:59 76F800C6046B439799C3A4120A0B398A 576000 ----a-w- C:\Windows\System32\generaltel.dll
2015-04-15 21:24:59 5F823C55FB9761F1236AF48DFF630353 860160 ----a-w- C:\Windows\System32\appraiser.dll
2015-04-15 21:24:58 90D6FA9DB9502FC992D260DE4CB944C7 331264 ----a-w- C:\Windows\System32\devinv.dll
2015-04-15 21:24:57 EF63EDC07D444AC4B6E88CA6E2841737 159744 ----a-w- C:\Windows\System32\aepic.dll
2015-04-15 21:24:57 896850F7D6E6E95DC5BE0F192E05CD0E 202752 ----a-w- C:\Windows\System32\aepdu.dll
2015-04-15 21:24:53 D824C1C235349B67E652A5CA70D1AA49 58880 ----a-w- C:\Windows\System32\clfsw32.dll
2015-04-15 21:24:53 33A60554882FDF59CDA3E1806370BBA1 249784 ----a-w- C:\Windows\System32\clfs.sys
2015-04-15 21:24:30 2E5F8CB2EDB36F404D0111471D934B70 1306112 ----a-w- C:\Windows\System32\ntdll.dll
2015-04-15 21:24:30 11896E75E1A118ABFAD126BEB650A189 3920824 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-04-15 21:24:28 A6A644BFAE31F111F35F8C3C7BA2A8A0 3976632 ----a-w- C:\Windows\System32\ntkrnlpa.exe
2015-04-15 21:24:27 CC1253300191D95BD97DFAFEFF2DF448 1061376 ----a-w- C:\Windows\System32\lsasrv.dll
2015-04-15 21:24:27 BC09159AFF6639DB2CB28058731199F0 248832 ----a-w- C:\Windows\System32\schannel.dll
2015-04-15 21:24:26 DB7CFA08957C94F6CFAA0DBB8BE4B906 550912 ----a-w- C:\Windows\System32\kerberos.dll
2015-04-15 21:24:26 4611A40E1A94E6EBE9885EA609F3D13E 400896 ----a-w- C:\Windows\System32\srcore.dll
2015-04-15 21:24:26 0C01746013943D7E7EE86B920ADFB50D 262656 ----a-w- C:\Windows\System32\rstrui.exe
2015-04-15 21:24:25 A057B61F8A553F6DA38563597FA3676B 65536 ----a-w- C:\Windows\System32\TSpkg.dll
2015-04-15 21:24:25 56977F27A96383E2A6C8BACEFC17E9CA 259584 ----a-w- C:\Windows\System32\msv1_0.dll
2015-04-15 21:24:25 485436C2A90318218777401FB973558C 69632 ----a-w- C:\Windows\System32\smss.exe
2015-04-15 21:24:25 2DE438AE95C59FB33B3E4E34827C1100 221184 ----a-w- C:\Windows\System32\ncrypt.dll
2015-04-15 21:24:24 FFE76FCFE98544EAD36591569E6E31AD 15872 ----a-w- C:\Windows\System32\sspisrv.dll
2015-04-15 21:24:24 B68B44D003D3FF5E245F6B3761496082 38912 ----a-w- C:\Windows\System32\csrsrv.dll
2015-04-15 21:24:24 A169307F0105183092F2AEDA9A8BD15D 43008 ----a-w- C:\Windows\System32\srclient.dll
2015-04-15 21:24:24 981CE3E3A653511799F4A862494B66A8 22528 ----a-w- C:\Windows\System32\lsass.exe
2015-04-15 21:24:24 6F8CEB8115737D2E049804B191AE41A9 50176 ----a-w- C:\Windows\System32\auditpol.exe
2015-04-15 21:24:24 655C88135254C78E6FB66B6C2F6AC5DA 172032 ----a-w- C:\Windows\System32\wdigest.dll
2015-04-15 21:24:24 10214DD52E67433BEF72E1D75AE0F32F 100352 ----a-w- C:\Windows\System32\sspicli.dll
2015-04-15 21:24:23 C557EB6CD735B4EE5076EA289B02CEAC 6656 ----a-w- C:\Windows\System32\apisetschema.dll
2015-04-15 21:24:23 6A9FFEF19C4F8F2E9082A50BB07ECDF1 22016 ----a-w- C:\Windows\System32\secur32.dll
2015-04-15 21:24:23 47A1F23EE40C2389FCD53E9D5CEA3430 17408 ----a-w- C:\Windows\System32\credssp.dll
2015-04-15 21:24:22 C0693456929F40833B9CC36C9CF7E3A8 146432 ----a-w- C:\Windows\System32\msaudite.dll
2015-04-15 21:24:22 4B21D227B191A6305087BDD6BB19220F 60416 ----a-w- C:\Windows\System32\msobjs.dll
2015-04-15 21:24:22 2E0F849B7BF17969E45881FA4EB9B487 686080 ----a-w- C:\Windows\System32\adtschema.dll
2015-04-15 21:23:35 172D2960EF38795D2819A35268672F3D 305152 ----a-w- C:\Windows\System32\gdi32.dll
2015-04-15 21:23:27 92CF8BC1B198C01CDC55A1A91E510700 60416 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-04-15 21:23:26 9A2B138118A27A2EB3FE71EDB55ED142 102912 ----a-w- C:\Windows\System32\ieetwcollector.exe
2015-04-15 21:23:26 8CD57250F538CFFA0D5DCA9773AEDCAB 47616 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2015-04-15 21:23:25 D9E187C07D2E847B38A07EEDD4CC7967 685568 ----a-w- C:\Windows\System32\ie4uinit.exe
2015-04-15 21:23:25 BA897AB3BC3DBC25829946EBA487496C 30720 ----a-w- C:\Windows\System32\iernonce.dll
2015-04-15 21:23:24 EEC060949BC1863A30F72EB28D2C1E2F 667648 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2015-04-15 21:23:24 89CACDF654626F1948BF6C19A6D610BE 342704 ----a-w- C:\Windows\System32\iedkcs32.dll
2015-04-15 21:23:23 8127C2EE2E287BB3AB7843F9923B62BD 1311232 ----a-w- C:\Windows\System32\urlmon.dll
2015-04-15 21:23:22 1DFA1B4968C4E9E23CD6E68AF9CC063F 47104 ----a-w- C:\Windows\System32\jsproxy.dll
2015-04-15 21:23:21 B7BFB7C2970DF5E779FF729C037BD8E4 115712 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-04-15 21:23:21 A305BEDA0CD8304102BFBBA0EB2A48CA 620032 ----a-w- C:\Windows\System32\jscript9diag.dll
2015-04-15 21:23:21 2B5DD86A4B6E92E5A79C479C0652E727 418304 ----a-w- C:\Windows\System32\dxtmsft.dll
2015-04-15 21:23:21 01C2BB4C13E6E0AF50867BCE8EE8A03E 710144 ----a-w- C:\Windows\System32\ieapfltr.dll
2015-04-15 21:23:20 EC442CB6F2D08F4FAA6BA68A23B82383 689152 ----a-w- C:\Windows\System32\msfeeds.dll
2015-04-15 21:23:19 CA4F96D21BEF43DE9407210CFF76FCEA 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2015-04-15 21:23:17 8A083313C1F7F50098D1D4F2FC092BD1 2052608 ----a-w- C:\Windows\System32\inetcpl.cpl
2015-04-15 21:23:16 2396395B6F563158BEC2E0526D7F6CD2 168960 ----a-w- C:\Windows\System32\msrating.dll
2015-04-15 21:23:15 8E30C9B4E16C23211F1DD02B517E4FA8 62464 ----a-w- C:\Windows\System32\iesetup.dll
2015-04-15 21:23:12 C46904F2E9E121A91DDDABB48D7648C3 1888256 ----a-w- C:\Windows\System32\wininet.dll
2015-04-15 21:23:12 2CBD6D22499EB13A2666F62EF33D00E2 16303 ----a-w- C:\Windows\System32\ieuinit.inf
2015-04-15 21:23:12 0A5B7C0B5A754BBACD53DFFA53A0E47B 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2015-04-15 21:23:09 CD91FE4F2718A88FC1C9C9C2E73EABB2 285696 ----a-w- C:\Windows\System32\dxtrans.dll
2015-04-15 21:23:07 94D64C343FE6341430A4C61BC490FEBF 478208 ----a-w- C:\Windows\System32\ieui.dll
2015-04-15 21:23:06 AE8A9FCDC135F681EFE9135929CF4A7B 12825600 ----a-w- C:\Windows\System32\ieframe.dll
2015-04-15 21:23:01 B55293D48979DADE6049944C252A3BDB 340992 ----a-w- C:\Windows\System32\html.iec
2015-04-15 21:23:00 D730BA653F9F95EC044F6636E6E45905 76288 ----a-w- C:\Windows\System32\mshtmled.dll
2015-04-15 21:22:59 BDE9AA78B575CDA7C946A725926021F7 1155072 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2015-04-15 21:22:57 DC155C2C14DC69EA400020CF92895873 64000 ----a-w- C:\Windows\System32\MshtmlDac.dll
2015-04-15 21:22:56 77104FDBBD821F2D73338D9370675EF3 2278400 ----a-w- C:\Windows\System32\iertutil.dll
2015-04-15 21:22:52 2F42037DD6F2831332653EB7F35D7E9A 19695616 ----a-w- C:\Windows\System32\mshtml.dll
2015-04-15 21:22:49 7776F3DA2B1AEDC2DA226F726B1E9A01 503296 ----a-w- C:\Windows\System32\vbscript.dll
2015-04-15 21:22:48 43A5A38E45F0D4FA02A0CCD51244AA17 4305408 ----a-w- C:\Windows\System32\jscript9.dll
2015-04-15 21:22:22 CFF96E0CE6F81F5968A6D61786642855 131584 ----a-w- C:\Windows\System32\wuauclt.exe
2015-04-15 21:22:22 751C4859FD46A1461B3FB57252F541D8 33792 ----a-w- C:\Windows\System32\wuapp.exe
2015-04-15 21:22:22 3096CA2455ECDEF83A90F2384BD305D3 3088384 ----a-w- C:\Windows\System32\wucltux.dll
2015-04-15 21:22:22 131BDD454DD1AA5BF732886DA6A3B0FA 11776 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll
2015-04-15 21:22:21 E981C27FA6C2F45C135DB4AF78D6FE1F 92672 ----a-w- C:\Windows\System32\wudriver.dll
2015-04-15 21:22:21 C7E498E41D92CF8C2EAED9995781A7F7 29696 ----a-w- C:\Windows\System32\wups.dll
2015-04-15 21:22:21 9D68CE45935C439D5082ECB56902124D 566784 ----a-w- C:\Windows\System32\wuapi.dll
2015-04-15 21:22:21 0430D8CE2C251BAD25CF809CEA3D2153 35328 ----a-w- C:\Windows\System32\wups2.dll
2015-04-15 21:22:21 031C03C9639CE0D294695968C68A5775 173056 ----a-w- C:\Windows\System32\wuwebv.dll
2015-04-15 21:22:20 7E5C454A3F986FEBAD075DB8D915917E 2020864 ----a-w- C:\Windows\System32\wuaueng.dll
2015-04-15 21:22:20 124FD729FB2B621EB32E9B34B8D49A34 50176 ----a-w- C:\Windows\System32\WinSetupUI.dll
2015-04-15 21:22:01 DA5B856A037872BE089CA6967C7050C5 1237504 ----a-w- C:\Windows\System32\msxml3.dll
2015-04-15 21:22:00 78492CF3C3697FB5AF4EAABB2BAF8595 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2015-04-15 21:15:37 26A21929911044C5875847D5EA4E27A8 17189552 ----a-w- C:\Windows\System32\FlashPlayerInstaller.exe
====== C:\Windows\system32\drivers =====
2015-04-15 21:24:27 D800E1EAF33630A1636BB21E8256AA92 137656 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-04-15 21:24:25 746F89CE0C6569C589E6AC4D3DA82D41 67512 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-04-15 21:22:05 487569E5DA56A5A432FF8AF6D3599CF9 514560 ----a-w- C:\Windows\System32\drivers\http.sys
2015-03-28 13:12:52 9D64F92B469682B98C7271470E1F0143 29696 ----a-w- C:\Windows\System32\drivers\lgandnetmodem.sys
2015-03-28 13:12:51 F05EF173B5229C40EF44D5186DACB60B 15744 ----a-w- C:\Windows\System32\drivers\lgandnetbus.sys
2015-03-28 13:12:51 8EA216BAF8C002C365A32C70B1C187F4 24576 ----a-w- C:\Windows\System32\drivers\lgandnetdiag.sys
====== C:\Windows\Tasks ======
2015-04-18 21:41:46 EDE87384B27ED1E76EAE5D3FB9FC0401 3662 ----a-w- C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2015-04-18 21:41:46 C7D37C6A197F326E631CDD5BD1D69AFE 3914 ----a-w- C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2015-04-18 21:41:46 AF6170CE2AA4DAA4470395EC45EA4BD8 914 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-18 21:41:46 43ECB877FA189F55775B8DEE88772930 918 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-30 16:25:12 -------- d-----w- C:\Windows\system32\Tasks\NCH Software
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-04-08 13:41:42 -------- d-----w- C:\Program Files\SalEPlues
2015-04-08 13:36:21 -------- d-----w- C:\Program Files\SSaleePluss
2015-04-02 19:17:35 -------- d-----w- C:\Program Files\Free Codec Pack
2015-04-02 19:17:25 -------- d-----w- C:\Program Files\DVDVideoSoft
2015-04-02 19:17:25 -------- d-----w- C:\Program Files\Common Files\DVDVideoSoft
2015-04-02 19:07:53 -------- d-----w- C:\Program Files\Movie Maker 2.6
2015-04-02 18:41:10 -------- d-----w- C:\Program Files\Common Files\FlashIntegro
2015-04-01 16:11:47 -------- d-----w- C:\Program Files\SoftwareForMe Inc
2015-03-30 16:49:18 -------- d-----w- C:\Program Files\Common Files\Web Solution Mart
2015-03-30 16:25:04 -------- d-----w- C:\Program Files\NCH Software
2015-03-30 13:32:34 -------- d-----w- C:\Program Files\Defraggler
2015-03-28 20:02:29 -------- d-----w- C:\Program Files\Unlocker
2015-03-28 18:54:19 -------- d-----w- C:\Program Files\CyberScrub Privacy Suite
2015-03-28 18:27:26 -------- d-----w- C:\Program Files\Folder Guard
2015-03-28 17:59:21 -------- d-----w- C:\Program Files\Folder Password Expert
2015-03-28 17:54:17 -------- d-----w- C:\Program Files\Lock Folder XP
======= C: =====
====== C:\Users\dejan\AppData\Roaming ======
2015-04-18 21:49:02 -------- d-----w- C:\Users\dejan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome ??????????
2015-04-08 13:40:05 -------- d-----w- C:\Users\dejan\AppData\Roaming\EZDownloader
2015-04-02 19:08:35 -------- d-----w- C:\Users\dejan\AppData\Local\WMTools Downloaded Files
2015-04-02 18:41:51 -------- d-----w- C:\Users\dejan\AppData\Roaming\FlashIntegro
2015-04-02 18:41:49 -------- d-----w- C:\Users\dejan\AppData\Roaming\VideoEditor
2015-04-02 18:24:51 -------- d-----w- C:\Users\dejan\AppData\Roaming\avidemux
2015-04-02 18:07:09 -------- d-----w- C:\Users\dejan\AppData\Local\HighAndes
2015-03-30 16:25:15 85ACB1D5A29E488CD9A45459F859B137 126013 ----a-w- C:\Users\dejan\AppData\Roaming\VideoPad.dmp
2015-03-30 16:25:12 -------- d-----w- C:\Users\dejan\AppData\Roaming\NCH Software
2015-03-29 21:32:31 -------- d-----w- C:\Users\dejan\AppData\Local\Reincubate_Ltd
2015-03-28 20:02:29 -------- d-----w- C:\Users\dejan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2015-03-28 18:55:04 -------- d-----w- C:\Users\dejan\AppData\Roaming\CyberScrub
2015-03-28 18:29:15 -------- d-----w- C:\Users\dejan\AppData\Local\Folder Guard
2015-03-28 18:27:29 -------- d-----w- C:\Users\dejan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Folder Guard
2015-03-24 14:26:16 -------- d-----w- C:\Users\dejan\AppData\Locallow\Temp
====== C:\Users\dejan ======
2015-04-21 18:05:15 C765F19FB36C4C140DDB6FC2556DF438 1139200 ----a-w- C:\Users\dejan\Desktop\FRST.exe
2015-04-20 16:38:06 AF6885AE1FA8FCCCC68E0C74B44C3205 17225592 ----a-w- C:\Users\dejan\Downloads\LGFT2014.exe
2015-04-19 16:32:59 4CEBFBDD7756C30B54AD0EBCBAFE420E 6196576 ----a-w- C:\Users\dejan\Downloads\FileZilla_3.10.3_win32-setup.exe
2015-04-18 21:43:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-18 21:41:15 E5DE3B848E38E6A1EDE06CE436F1F1C5 880208 ----a-w- C:\Users\dejan\Downloads\ChromeSetup.exe
2015-04-18 16:48:51 0EFDC1550592DC0C4E73AFFB54B35C3E 2217984 ----a-w- C:\Users\dejan\Desktop\adwcleaner_4.201.exe
2015-04-09 19:10:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WampServer
2015-04-09 10:19:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkipSoft Android ToolKit
2015-04-08 13:42:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
2015-04-08 13:41:18 -------- d-----w- C:\ProgramData\lpknfjaeigcmaopebplbeicakpilhebd
2015-04-08 13:35:20 -------- d-----w- C:\ProgramData\elmcfjljiglccigjnbmclokjfaanhdll
2015-04-08 13:34:29 -------- d-----w- C:\ProgramData\{aebadf42-fe1e-7474-aeba-adf42fe17d0b}
2015-04-02 19:21:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-04-02 18:07:08 -------- d-----w- C:\ProgramData\HighAndes
2015-04-01 16:37:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftwareForMe
2015-03-30 16:25:04 -------- d-----w- C:\ProgramData\NCH Software
2015-03-30 13:32:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2015-03-28 18:54:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberScrub Privacy Suite
2015-03-28 18:27:49 -------- d-----w- C:\ProgramData\Folder Guard
2015-03-28 12:52:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGMobile Support Tool
2015-03-28 12:51:54 -------- d-----w- C:\ProgramData\LGMOBILEAX

====== C: exe-files ==
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="C:\Program Files\AVG\AVG2015\avgui.exe /TRAYONLY"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Creative Cloud]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe Creative Cloud"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Adobe\\Adobe Creative Cloud\\ACC\\Creative Cloud.exe\" --showwindow=false --onOSstartup=true"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CCleaner Monitoring"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\CCleaner\\CCleaner.exe\" /MONITOR"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EaseUS EPM tray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="EaseUS EPM tray"
"hkey"="HKLM"
"command"="C:\\Program Files\\EaseUS\\EaseUS Partition Master 10.1\\bin\\EpmNews.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EaseUS EPM Tray Agent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="EaseUS EPM Tray Agent"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\EaseUS\\EaseUS Partition Master 10.1\\bin\\TrayPopupE\\TrayTipAgentE.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\FG_Monitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="FG_Monitor"
"hkey"="HKLM"
"command"="C:\\Program Files\\Folder Guard\\FG32.exe /Start"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoogleChromeAutoLaunch_8BAC0AC64CF025414AE80B43C98D6F2A]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GoogleChromeAutoLaunch_8BAC0AC64CF025414AE80B43C98D6F2A"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe\" --no-startup-window"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IDMan]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IDMan"
"hkey"="HKCU"
"command"="C:\\Program Files\\Tonec\\IDMan.exe /onboot"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Privacy Suite RiskMonitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Privacy Suite RiskMonitor"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\CyberScrub Privacy Suite\\Launch.exe\" \"C:\\Program Files\\CyberScrub Privacy Suite\\CSRiskMon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\se]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="se"
"hkey"="HKCU"
"command"="C:\\Users\\user\\AppData\\Roaming\\SkypEmoticons\\SE.exe /minimized "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SPDriver]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SPDriver"
"hkey"="HKCU"
"command"="C:\\Program Files\\ShopperPro\\JSDriver\\1.37.0.1323\\jsdrv.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UnlockerAssistant]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="UnlockerAssistant"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Unlocker\\UnlockerAssistant.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="uTorrent"
"hkey"="HKCU"
"command"="\"C:\\Users\\dejan\\AppData\\Roaming\\uTorrent\\uTorrent.exe\" /MINIMIZED"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\vProt]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="vProt"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\AVG Web TuneUp\\vprot.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\YTDownloader]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="YTDownloader"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\YTDownloader\\YTDownloader.exe\" /boot"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Adobe Gamma Loader.lnk"
"backup"="C:\\Windows\\pss\\Adobe Gamma Loader.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~1\\COMMON~1\\Adobe\\CALIBR~1\\ADOBEG~1.EXE "
"item"="Adobe Gamma Loader"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^dejan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WindowsLGFirmwareExtract-1.2.1.0-Release.zip.lnk]
"item"="WindowsLGFirmwareExtract-1.2.1.0-Release.zip"
"path"="C:\\Users\\dejan\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\WindowsLGFirmwareExtract-1.2.1.0-Release.zip.lnk"
"backup"="C:\\Windows\\pss\\WindowsLGFirmwareExtract-1.2.1.0-Release.zip.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\ProgramData\\{aebadf42-fe1e-7474-aeba-adf42fe17d0b}\\WindowsLGFirmwareExtract-1.2.1.0-Release.zip.exe"


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [15.04.2015 22:51]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [18.04.2015 23:41]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [18.04.2015 23:41]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Acrobat Update Task" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\Lenovo\Lenovo Customer Feedback Program 35" ["%ProgramFiles%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\c7p3cv1b.default
user_pref("browser.startup.homepage", "http://ww.google.com/");

==== Firefox Extensions ======================

ProfilePath: C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\c7p3cv1b.default
- EHTip - %ProfilePath%\extensions\ehtip@robertkatic
- Undetermined - %ProfilePath%\extensions\firefox@mega.co.nz.xpi
- HyperTranslate - %ProfilePath%\extensions\hypertranslate@mdc.com.xpi
- Undetermined - %ProfilePath%\extensions\{5afc0857-ce93-471c-9a00-b6247890dc1d}.xpi
- DVDVideoSoft YouTube MP3 and Video Download - %ProfilePath%\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\c7p3cv1b.default
0806948270D853B709CCBBF38AF167E4 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
EC34DA8DB1BEB238C31DA80BBA7CD1C9 - C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll - AdobeAAMDetect
9DF0C4F0CEF60158614EDD1B3AB441EE - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
98137411B9C632095F919E2CE70B288A - C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll - Google Update
14D06C3796CE3F6BA8F43CDF3AD65D76 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U67
0A6E5E3BEF374AA2F47071E7374EAD7B - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.670.1
9AE02005247DA91AB1743F5208DBEF76 - C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll - Shockwave Flash
2955CAAF499DF93CB8870B76E8C9D9C3 - C:\Program Files\Verimatrix\ViewRight Web\npViewRight.dll - Verimatrix ViewRight
528C34F569285E55CCB56A4A83E05352 - C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll - AdobeAAMDetect


==== Chromium Look ======================

Google Chrome Version: 42.0.2311.90 (Possible outdated, latest Stable version: 41.0.2272.118) [z-db]

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ngpampappnmepgilojfohadhhmbhlaek - C:\Program Files\Internet Download Manager\IDMGCExt.crx[]

GoSaove - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ednodhldjchhmhfppjpgkbkmpfhikhih
GoSaove - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ednodhldjchhmhfppjpgkbkmpfhikhih
GoSave - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gcjhjeabadcoieipbebhhhfakpfbnlbd
GoSave - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gjjfmejpmilieieanilklbjjalhiodob
GoSave - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hahgdlkjbfmbkgilljfflhdibmgaahim
GoSave - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jklnjbmhnhepnicbojgkieibakgpddkp
GoSave - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mbldcppfddgndkfhpfmfgpnkodgbojlf
Comodo Drag&Drop Service - dejan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo
Comodo Web Inspector - dejan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn
Comodo Media Downloader - dejan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dihmnpngfonlhjmgkflpnibiaaliendo
GoSaove - dejan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ednodhldjchhmhfppjpgkbkmpfhikhih
Comodo Share Page Service - dejan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf
Google Slides - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
BIODIGITAL HUMAN - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak
Google Docs - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Tampermonkey - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo
Google Sheets - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Collusion for Chrome - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ganlifbpkcplnldliibcbegplfmcfigp
Facebook for Chrome - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp
Magisto - Magical Video Editor - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghmngbmfdgknokcefmkbjlcjabdklnlk
HyperTranslate - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kecaejkkcpijbbnnmnkpcpgiifdplcia
Blipshot — one click screenshots - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdaboflcmhejfihjcbmdiebgfchigjcf
Facebook Messenger - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdapmeleikeppmfgadilffngabfpibok
Google Wallet - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
FBDELTML - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\olpgdigakalagbnckjmnhajofccbbeaf
Select City - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Gmail - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Docs - dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
GoSaove - dejan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ednodhldjchhmhfppjpgkbkmpfhikhih
GoSave - dejan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gcjhjeabadcoieipbebhhhfakpfbnlbd
GoSave - dejan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gjjfmejpmilieieanilklbjjalhiodob
GoSave - dejan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hahgdlkjbfmbkgilljfflhdibmgaahim
GoSave - dejan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jklnjbmhnhepnicbojgkieibakgpddkp
GoSave - dejan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mbldcppfddgndkfhpfmfgpnkodgbojlf
GoSaove - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ednodhldjchhmhfppjpgkbkmpfhikhih
GoSaove - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ednodhldjchhmhfppjpgkbkmpfhikhih
GoSave - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gcjhjeabadcoieipbebhhhfakpfbnlbd
GoSave - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gjjfmejpmilieieanilklbjjalhiodob
GoSave - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hahgdlkjbfmbkgilljfflhdibmgaahim
GoSave - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jklnjbmhnhepnicbojgkieibakgpddkp
GoSave - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mbldcppfddgndkfhpfmfgpnkodgbojlf
GoSaove - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ednodhldjchhmhfppjpgkbkmpfhikhih
GoSaove - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ednodhldjchhmhfppjpgkbkmpfhikhih
GoSave - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gcjhjeabadcoieipbebhhhfakpfbnlbd
GoSave - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gjjfmejpmilieieanilklbjjalhiodob
GoSave - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hahgdlkjbfmbkgilljfflhdibmgaahim
GoSave - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jklnjbmhnhepnicbojgkieibakgpddkp
GoSave - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mbldcppfddgndkfhpfmfgpnkodgbojlf

==== Chromium Startpages ======================

C:\Users\dejan\AppData\Local\Comodo\Dragon\User Data\Default\Preferences
"homepage": "http://websearch.coolsearches.info/?pid=20495&r=2015/04/08&hid=14315775422242091832&lg=EN&cc=RS&unqvl=85",
"startup_urls": [ "http://websearch.coolsearches.info/?pid=20495&r=2015/04/08&hid=14315775422242091832&lg=EN&cc=RS&unqvl=85" ],
"urls_to_restore_on_startup": [ "http://websearch.coolsearches.info/?pid=20495&r=2015/04/08&hid=14315775422242091832&lg=EN&cc=RS&unqvl=85" ]

C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://websearch.mocaflix.com/",
"startup_urls": [ "http://websearch.mocaflix.com/", "http://websearch.searchandfly.info/?pid=3896&r=2014/09/18&hid=14315775422242091832&lg=EN&cc=RS&unqvl=62", "http://www.istartsurf.com/?type=hp&ts=1411404801&from=smt&uid=WDCXWD5000AAKS-00YGA0_WD-WCAS8066279662796", "http://websearch.searchandfly.info/?pid=3896&r=2014/09/25&hid=14315775422242091832&lg=EN&cc=RS&unqvl=62", "http://websearch.allsearches.info/?pid=3482&r=2014/10/05&hid=14315775422242091832&lg=EN&cc=RS&unqvl=64", "http://istart.webssearches.com/?type=hp&ts=1412519908&from=exp&uid=WDCXWD5000AAKS-00YGA0_WD-WCAS8066279662796", "http://www.sweet-page.com/?type=hp&ts=1413876712&from=cor&uid=WDCXWD5000AAKS-00YGA0_WD-WCAS8066279662796", "http://websearch.searc-hall.info/?pid=3458&r=2014/11/03&hid=14315775422242091832&lg=EN&cc=RS&unqvl=65", "http://websearch.search-plaza.info/?pid=3463&r=2014/11/11&hid=14315775422242091832&lg=EN&cc=RS&unqvl=69", "http://istart.webssearches.com/?type=hp&ts=1416947335&from=exp&uid=WDCXWD5000AAKS-00YGA0_WD-WCAS8066279662796", "http://www.mystartsearch.com/?type=hp&ts=1422035696&from=smt&uid=WDCXWD5000AAKS-00YGA0_WD-WCAS8066279662796" ]


==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://services.freshy.com/general/newhometab.php?hometab=home&partner=11185&guid={F9361945-DF85-4C8F-A353-8027104BE375}&i="
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{92C7B1B5-DE71-40E3-AC68-A0FC9758D12A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{7FE5D492-FF15-4BB0-ACF5-A6B18DB94324} Yahoo! Url="http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=11185"
{92C7B1B5-DE71-40E3-AC68-A0FC9758D12A} Yahoo: Url="https://search.yahoo.com/yhs/search?hspart=tightrope&hsimp=yhs-tig2&type=11185_011415&p={searchTerms}"
{95B7759C-8C7F-4BF1-B163-73684A933233} AVG Secure Search Url="https://mysearch.avg.com/search?cid={55B1B356-8AFF-410B-94DF-DBCA8601494B}&mid=dd5fc3f655bb47d296e3d15696fa0d28-0024689bf3919a4e8122f47637591eafddd236e7&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-04"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on sre 22.04.2015 at 14:53:04,11 ======================

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Run zoek again;


close the browser and any other running programs;
disable your security software (if necessary) Instructions;


Copy the following text into the white box of the window:

 
createsrpoint;
autoclean;
ednodhldjchhmhfppjpgkbkmpfhikhih;chr
gcjhjeabadcoieipbebhhhfakpfbnlbd;chr
gjjfmejpmilieieanilklbjjalhiodob;chr
hahgdlkjbfmbkgilljfflhdibmgaahim;chr
jklnjbmhnhepnicbojgkieibakgpddkp;chr
mbldcppfddgndkfhpfmfgpnkodgbojlf;chr
ngpampappnmepgilojfohadhhmbhlaek;chr
C:\Program Files\Internet Download Manager;fs
C:\Users\dejan\AppData\Local\Comodo\Dragon\User Data\Default\Preferences;f
C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Preferences;f
{5afc0857-ce93-471c-9a00-b6247890dc1d}.xpi;ff
{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi;ff
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader;fs
C:\ProgramData\lpknfjaeigcmaopebplbeicakpilhebd;fs
C:\ProgramData\elmcfjljiglccigjnbmclokjfaanhdll;fs
C:\ProgramData\{aebadf42-fe1e-7474-aeba-adf42fe17d0b};fs
C:\Users\dejan\AppData\Roaming\EZDownloader;fs
c:\program files\google;fs
gupdate;s
gupdatem;s
emptyalltemp;
ipconfig /flushdns;b




Click the button and wait for the scan to finish.


zoek will restart Windows if necessary and, when it is done, open Notepad with the scan report.

Note: The report will be saved under the name zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into a post.

offline
  • in administration
  • Joined: 16 Oct 2010
  • Posts: 3468
  • Location: KRAGUJEVAC

Zoek.exe v5.0.0.0 Updated 08-April-2015
Tool run by dejan on źet 23.04.2015 at 13:20:13,58.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\dejan\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-04-22-125304.log 51086 bytes

==== System Restore Info ======================

23.4.2015 13:21:44 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\Program Files\Folder Password Expert deleted successfully
C:\Program Files\Freemake deleted successfully
C:\Program Files\FreeTime deleted successfully
C:\Program Files\Lock Folder XP deleted successfully
C:\Program Files\WinAVI deleted successfully
C:\Program Files\Wondershare deleted successfully
C:\PROGRA~2\23405448 deleted successfully
C:\PROGRA~2\a0a8f53a000058d7 deleted successfully
C:\PROGRA~2\Freemake deleted successfully
C:\PROGRA~2\IDM deleted successfully
C:\PROGRA~2\Oracle deleted successfully
C:\Users\dejan\AppData\Roaming\DMCache deleted successfully
C:\Users\dejan\AppData\Roaming\EurekaLog deleted successfully
C:\Users\dejan\AppData\Roaming\Maxthon3 deleted successfully
C:\Users\dejan\AppData\Roaming\Opera Software deleted successfully
C:\Users\dejan\AppData\Local\Opera Software deleted successfully
C:\Users\dejan\AppData\Local\VirtualStore deleted successfully
C:\Users\dejan\AppData\Local\WMTools Downloaded Files deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\SearchScopes\{7FE5D492-FF15-4BB0-ACF5-A6B18DB94324} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\SearchScopes\{92C7B1B5-DE71-40E3-AC68-A0FC9758D12A} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{151EAFB1-92A8-4C09-AB6A-75A57891E2EB} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15B851AF-A4B9-43EF-97D3-28E1B4A5DB9B} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1662D926-50FF-464A-B063-7A64313A275} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16DC342F-8AAA-4199-B539-8948A9FBD51D} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1902485B-CE75-42C1-BA2D-57E660793D9A} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B5DA33-1A85-4048-809E-96C885A2B5} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C9E22D0-8DD7-4056-87C9-82B6CFA93E37} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1CDCE5B5-A654-49D7-A623-8659F7B4C855} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1e947bfc-ef2e-41b3-a89b-e5972abb669d} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F54D75B-5709-4F66-8FF4-F346701F6FE8} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1FE8FDB6-143B-40AB-AEF9-7BFCDD2F8DA} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{222489CC-86F5-4FA8-8B7B-942429FBE31} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{23E6ED14-93F8-4B52-88F8-BDC6CC98A51E} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{24C104AB-91CB-4C5F-9E66-2EE1DBC6E1E1} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{24D39E93-941E-48BB-8B8B-5CD8B504434} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2734712E-BDFE-4BE7-B9EB-58EB6F6147C} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{280A82CC-96FB-4DE5-B1AB-B6D69D8DFB} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2cb422e9-161d-4c6e-9083-c27ec9db7652} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2DA03725-DA8F-47EA-834A-FBDA35CE31AE} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E160EDC-A9BA-41E7-BDA1-942B368EE5E} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2F01DF03-F645-4BE6-8AEF-D4DEEB68EB6D} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31684C3D-DA55-47D8-82CB-5E38AD3B616C} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{338E849-9E11-40DA-AF9B-CCDF7EFCA00} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{34A51436-58E1-4F46-AED-3855E45D388} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{34D0680C-6541-4A50-B58A-67558573B140} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{393DEB2B-78D1-44E3-85B7-56E2EC19E07C} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3CE6DC0D-3ED1-49D4-9010-9B438E46766E} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{41F5D683-C764-4AC7-8358-AC8E438B4484} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{43B8C0E7-C6A1-4844-B046-7026EBB8D6D7} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4481791A-6DD5-4A6E-BB89-B44023A61CA3} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4C1431EC-9F9E-4643-B511-21803145BB86} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52893312-7E9-478C-A83D-3F3384CAB5F6} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{535830B-4FC3-453C-9656-AC2AD7F5FF91} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{53D31D2D-6B79-4493-A077-BE77F4C39CD} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{54F58B53-2B7-446D-AB64-CA3DEA2D6257} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5A9CE7B0-94A1-47D5-9440-6AD3D56F6A7} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D341E22-5B66-489C-BAF6-A18858EFFDF} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5EA671ED-EEDB-4F92-9AB9-F367ACD929} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{614A9EDE-AFD4-48B4-832D-F3BBCD7DD342} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\gupdate deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\gupdate deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\gupdatem deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\gupdatem deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\c7p3cv1b.default

user.js not found
---- Lines {5afc0857-ce93-471c-9a00-b6247890dc1d}.xpi removed from prefs.js ----
user_pref("extensions.xpiState", "{\"app-profile\":{\"ehtip@robertkatic\":{\"d\":\"C:\\\\Users\\\\dejan\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\
---- Lines Sweet removed from prefs.js ----
user_pref("extensions.XUsbuIX2S5zLGBDJ.url", "http://getproxy5.info/sync2/?q=hfZ9ofV9CShEAen0rTa6qTUMg708BNmGWj8ikGhGheDUojw8rdrErTw7rdYGqGhIC7n0rjkEr
---- Lines extensions.34nfpNhfrx6tKgsE removed from prefs.js ----
user_pref("extensions.34nfpNhfrx6tKgsE.epoch", "1429722069");
user_pref("extensions.34nfpNhfrx6tKgsE.url", "http://onionbarstar.info/sync2/?q=hfZ9oemMC7n5hShEAen0rTa9pjkMg708BNmGWj8ikGhGheDUojw8rdnEpdwHqdwFqchIC7
---- Lines extensions.T6gs9WdmAlvtjOl2 removed from prefs.js ----
user_pref("extensions.T6gs9WdmAlvtjOl2.epoch", "1425399001");
user_pref("extensions.T6gs9WdmAlvtjOl2.url", "http://webterminall.in/sync2/?q=hfZ9oe4MhyhHhdUMCyVUojsEqHg4tMqLDe49CNU0kVrMCMlNhd9FqjaHrdsFqTa7rjkMBzqU
---- Lines extensions.XUsbuIX2S5zLGBDJ removed from prefs.js ----
user_pref("extensions.XUsbuIX2S5zLGBDJ.epoch", "1425399000");
---- Lines extensions.nFmX1mUN7aXo9vZ6 removed from prefs.js ----
user_pref("extensions.nFmX1mUN7aXo9vZ6.epoch", "1429722068");
user_pref("extensions.nFmX1mUN7aXo9vZ6.url", "http://webdireect.in/sync2/?q=hfZ9oemMC7n5hShEAen0rTa9pjkMg708BNmGWj8ikGhGheDUojw8rdnEpdwHrHkFqchIC7n0rj
---- FireFox user.js and prefs.js backups ----

prefs_23.04.2015_1354_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Maxthon3\Shell\open\command]
@="C:\\Program Files\\Maxthon\\Bin\\Maxthon.exe"

==== Batch Command(s) Run By Tool======================


==== Deleting Files \ Folders ======================

C:\Program Files\Folder Password Expert not found
C:\Program Files\Freemake not found
C:\Program Files\FreeTime not found
C:\Program Files\Lock Folder XP not found
C:\Program Files\WinAVI not found
C:\Program Files\Wondershare not found
C:\Program Files\Internet Download Manager not found
C:\Program Files\SalEPlues deleted
C:\Program Files\SSaleePluss deleted
C:\Program Files\AdFender deleted
C:\Program Files\GoForFilesUpdater deleted
C:\Program Files\Tonec deleted
C:\Program Files\UnIDaealisi deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader deleted
C:\ProgramData\lpknfjaeigcmaopebplbeicakpilhebd deleted
C:\ProgramData\elmcfjljiglccigjnbmclokjfaanhdll deleted
C:\ProgramData\{aebadf42-fe1e-7474-aeba-adf42fe17d0b} deleted
C:\Users\dejan\AppData\Roaming\EZDownloader deleted
C:\PROGRA~2\hkgijneakchlpnopiagfpelfjeemlfak deleted
C:\PROGRA~2\{0961bcc0-ea1e-7e3f-0961-1bcc0ea1f303} deleted
C:\PROGRA~2\{c887db17-ef41-6c8e-c887-7db17ef46c5f} deleted
C:\Users\dejan\AppData\Local\AVG Web TuneUp deleted
C:\Users\dejan\.android deleted
C:\Program Files\Common Files\DVDVideoSoft\bin deleted
C:\Program Files\Common Files\Wondershare deleted
C:\found.000 deleted
C:\found.001 deleted
C:\ProgramData\Microsoft\Windows\Start Menu\YourFileDownloader deleted
C:\ProgramData\Microsoft\Windows\Start Menu\SimpleFiles deleted
C:\Users\dejan\AppData\Roaming\Wondershare deleted
C:\Users\dejan\AppData\Roaming\burnaware.ini deleted
C:\PROGRA~2\AVG Web TuneUp deleted
C:\PROGRA~2\Microsoft\Windows\Start Menu\GoForFiles deleted
C:\PROGRA~2\BSD deleted
C:\PROGRA~2\Package Cache deleted
C:\Users\dejan\AppData\Local\Wondershare deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted
C:\Windows\system32\config\systemprofile\Searches deleted
C:\Windows\system32\GroupPolicy\Machine deleted
C:\Windows\system32\GroupPolicy\User deleted
C:\Windows\system32\GroupPolicy\gpt.ini deleted
C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\c7p3cv1b.default\extensions\firefox@mega.co.nz.xpi deleted
C:\Users\Public\Desktop\Free YouTube Downloader.lnk deleted
C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\c7p3cv1b.default\extensions\{5afc0857-ce93-471c-9a00-b6247890dc1d}.xpi deleted
"C:\Users\dejan\AppData\Local\Comodo\Dragon\User Data\Default\Preferences" deleted
"C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Preferences" deleted
"C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\c7p3cv1b.default\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi" deleted
"C:\Program Files\AVG Web TuneUp\TBAPI.dll" deleted
"C:\Program Files\AVG Web TuneUp\TBAPI.dll" deleted
"c:\program files\Google\Update\1.3.26.9\GoogleCrashHandler.exe" deleted
"c:\program files\Google" not deleted
"C:\Program Files\AVG Web TuneUp" not deleted
"C:\Program Files\AVG Web TuneUp" not deleted
"C:\Users\dejan\AppData\LocalLow\AVG Web TuneUp" deleted
"c:\program files\Google\Update" not deleted
"c:\program files\Google\Update\1.3.26.9" not deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\c7p3cv1b.default
user_pref("browser.startup.homepage", "http://ww.google.com/");

==== Firefox Extensions ======================

ProfilePath: C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\c7p3cv1b.default
- EHTip - %ProfilePath%\extensions\ehtip@robertkatic
- HyperTranslate - %ProfilePath%\extensions\hypertranslate@mdc.com.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\c7p3cv1b.default
0806948270D853B709CCBBF38AF167E4 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
EC34DA8DB1BEB238C31DA80BBA7CD1C9 - C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll - AdobeAAMDetect
9DF0C4F0CEF60158614EDD1B3AB441EE - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
14D06C3796CE3F6BA8F43CDF3AD65D76 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U67
0A6E5E3BEF374AA2F47071E7374EAD7B - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.670.1
9AE02005247DA91AB1743F5208DBEF76 - C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll - Shockwave Flash
2955CAAF499DF93CB8870B76E8C9D9C3 - C:\Program Files\Verimatrix\ViewRight Web\npViewRight.dll - Verimatrix ViewRight
528C34F569285E55CCB56A4A83E05352 - C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll - AdobeAAMDetect


==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\dejan\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Guest\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon deleted

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ngpampappnmepgilojfohadhhmbhlaek - C:\Program Files\Internet Download Manager\IDMGCExt.crx[]

Comodo Drag&Drop Service - dejan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo
Comodo Web Inspector - dejan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn
Comodo Media Downloader - dejan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dihmnpngfonlhjmgkflpnibiaaliendo
GoSaove - dejan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ednodhldjchhmhfppjpgkbkmpfhikhih
Comodo Share Page Service - dejan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf
Google Slides - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
BIODIGITAL HUMAN - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak
Google Docs - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Tampermonkey - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo
Google Sheets - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Collusion for Chrome - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ganlifbpkcplnldliibcbegplfmcfigp
Facebook for Chrome - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp
Magisto - Magical Video Editor - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghmngbmfdgknokcefmkbjlcjabdklnlk
HyperTranslate - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kecaejkkcpijbbnnmnkpcpgiifdplcia
Blipshot — one click screenshots - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdaboflcmhejfihjcbmdiebgfchigjcf
Facebook Messenger - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdapmeleikeppmfgadilffngabfpibok
Google Wallet - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
FBDELTML - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\olpgdigakalagbnckjmnhajofccbbeaf
Select City - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Gmail - dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Docs - dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Fix ======================

C:\Users\dejan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ednodhldjchhmhfppjpgkbkmpfhikhih deleted successfully
C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://services.freshy.com/general/newhometab.php?hometab=home&partner=11185&guid={F9361945-DF85-4C8F-A353-8027104BE375}&i="
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{92C7B1B5-DE71-40E3-AC68-A0FC9758D12A}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{92C7B1B5-DE71-40E3-AC68-A0FC9758D12A}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ngpampappnmepgilojfohadhhmbhlaek deleted successfully
HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\TVWiz deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM Tray Agent deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_8BAC0AC64CF025414AE80B43C98D6F2A deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\se deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPDriver deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YTDownloader deleted successfully

==== Empty IE Cache ======================

C:\Users\dejan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\dejan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\dejan\AppData\Local\Mozilla\Firefox\Profiles\ar9t45es.default\Cache emptied successfully
C:\Users\dejan\AppData\Local\Mozilla\Firefox\Profiles\ar9t45es.default\cache2 emptied successfully
C:\Users\dejan\AppData\Local\Mozilla\Firefox\Profiles\c7p3cv1b.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\dejan\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully
C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully
C:\Users\dejan\AppData\Local\Vivaldi\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=972 folders=286 654738953 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\dejan\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\dejan\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"c:\program files\Google" not found
"C:\Program Files\AVG Web TuneUp" not found
"C:\Program Files\AVG Web TuneUp" not found

==== EOF on čet 23.04.2015 at 14:11:40,35 ======================

  • magna86
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

Hello, I will be filling in for my colleague, who is busy.

Now run Zoek again, but use this script:
FFDefaults;
CHRDefaults;
bitsadmin /reset /allusers >> %temp%\log.txt;b
Reboot;

When Zoek finishes, post the freshly created Zoek log.




Then ...

1. Download sUBs's ComboFix from this link and save the tool to the Desktop.
• Right-click the link and choose Save Target As... (Save Link As..., Save Linked Content As... or similar);
• When the dialog for choosing where to save the file opens, select Desktop and click Save.


------------------------------------------------------------
2. Temporarily disable your antivirus program, in most cases by right-clicking the program's icon in the system tray. Such programs can interfere with the tool while it runs.
If you are not sure how to do that, follow this guide.

------------------------------------------------------------
3. Double-click the icon to run ComboFix. Then, in the disclaimer window, click the I Agree! button.

• ComboFix will check whether a newer version of the tool is available.
Click Yes if you are asked to download it.
• If the Recovery Console is not installed, ComboFix will offer to download and install it.
Click Yes to allow the tool to download and install the Recovery Console.
• ComboFix will scan the computer in stages (Stage_#), 50 stages in total.
Do not click around while ComboFix is examining the system.
• If malware is detected, ComboFix will begin removing it.
For that reason, the tool will restart Windows as needed (sometimes more than once);

Note: If, after the tool has run, you get an error (Illegal operation attempted on a registry key that has been marked for deletion) when starting programs, restart the computer and that will solve the problem.


------------------------------------------------------------
4. When the tool finishes, it will create and open a report (typical location: C:\ComboFix.txt).
Copy the contents of the ComboFix.txt report into your post.

ComboFix will also create an additional report (typical location: C:\Qoobox\ComboFix-quarantined-files.txt).
Attach the ComboFix-quarantined-files.txt report to your post using the Attach file (Prikači fajl) option.

  • magna86
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

Good, this looks better now.

Go ahead and delete the FRST tool you currently have and download a fresh copy from the links provided (the links are in the instructions for opening a topic).

Run the tool, click the Scan button, and post the fresh FRST.txt report for me.

  • in administration
  • Joined: 16 Oct 2010
  • Posts: 3468
  • Location: KRAGUJEVAC

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-04-2015 01
Ran by dejan (administrator) on DEJAN-PC on 23-04-2015 18:06:24
Running from C:\Users\dejan\Desktop
Loaded Profiles: dejan (Available profiles: dejan)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe
(WinAbility® Software Corporation) C:\Program Files\Folder Guard\FG32.exe
(Nalpeiron Ltd.) C:\Windows\System32\NlsSrv32.exe
(SoftwareForMe Inc) C:\Program Files\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC_Helper.exe
(SoftwareForMe Inc) C:\Program Files\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3710416 2015-02-19] (AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2014-09-26] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3105228336-3140102207-1041830059-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3105228336-3140102207-1041830059-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-3105228336-3140102207-1041830059-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3105228336-3140102207-1041830059-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-27] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-27] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\c7p3cv1b.default
FF Homepage: hxxp://ww.google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-09-27] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-23] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-23] (Google Inc.)
FF Plugin: @verimatrix.com/ViewRightWeb -> C:\Program Files\Verimatrix\ViewRight Web\\npViewRight.dll [2014-06-10] (Verimatrix, Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-15] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3105228336-3140102207-1041830059-1000: @verimatrix.com/ViewRightWeb -> C:\Program Files\Verimatrix\ViewRight Web\\npViewRight.dll [2014-06-10] (Verimatrix, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\pogodakyu.xml [2015-04-05]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\vokabular.xml [2015-04-05]
FF Extension: EHTip - C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\c7p3cv1b.default\Extensions\ehtip@robertkatic [2015-04-03]
FF Extension: HyperTranslate - C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\c7p3cv1b.default\Extensions\hypertranslate@mdc.com.xpi [2015-02-10]
FF Extension: Adblock Plus - C:\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\c7p3cv1b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-14]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR Profile: C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-18]
CHR Extension: (Google Docs) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-18]
CHR Extension: (Google Drive) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-18]
CHR Extension: (YouTube) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-18]
CHR Extension: (Google Search) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-18]
CHR Extension: (Google Sheets) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-18]
CHR Extension: (Google Wallet) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-27]
CHR Extension: (Gmail) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-18]
CHR Profile: C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Docs) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-20]
CHR Extension: (Google Drive) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-20]
CHR Extension: (YouTube) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-20]
CHR Extension: (Google Search) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-20]
CHR Extension: (Google Wallet) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-20]
CHR Extension: (Gmail) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-20]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 avgfws; C:\Program Files\AVG\AVG2015\avgfws.exe [1508656 2015-02-19] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3411408 2015-02-19] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [308720 2015-02-19] (AVG Technologies CZ, s.r.o.)
R2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2010-09-17] (Firebird Project) [File not signed]
R3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe [3735552 2010-09-17] (Firebird Project) [File not signed]
R2 Folder Guard; C:\Program Files\Folder Guard\FG32.exe [181832 2013-08-26] (WinAbility® Software Corporation)
R2 PhoneMyPC_Helper; C:\Program Files\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC_Helper.exe [31232 2011-07-15] (SoftwareForMe Inc) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5448464 2015-03-30] (TeamViewer GmbH)
S3 wampapache; c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [22016 2014-05-01] (Apache Software Foundation) [File not signed]
S3 wampmysqld; c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [10959360 2014-05-01] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [25856 2012-07-03] (Google Inc)
S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus.sys [15744 2015-01-21] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [24576 2015-01-26] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [29696 2015-01-26] (LG Electronics Inc.)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [48920 2014-12-03] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [217568 2015-02-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [154904 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [265184 2015-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [107488 2015-01-23] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [210400 2015-01-16] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-11-04] (AVG Technologies)
R2 FGUARD32; C:\Program Files\Folder Guard\FGUARD32.SYS [58128 2013-08-26] (WinAbility® Software Corporation)
S3 pneteth; C:\Windows\System32\DRIVERS\pneteth.sys [13440 2011-11-25] (June Fabrics Technology Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10320 2013-09-30] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2014-11-04] (Duplex Secure Ltd.)
S3 catchme; \??\C:\Users\dejan\AppData\Local\Temp\catchme.sys [X]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2014-07-29] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-23 18:06 - 2015-04-23 18:06 - 00013112 _____ () C:\Users\dejan\Desktop\FRST.txt
2015-04-23 18:05 - 2015-04-23 18:05 - 01139200 _____ (Farbar) C:\Users\dejan\Downloads\FRST(1).exe
2015-04-23 18:01 - 2015-04-23 18:01 - 01139200 _____ (Farbar) C:\Users\dejan\Desktop\FRST.exe
2015-04-23 17:41 - 2015-04-23 17:59 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-23 17:41 - 2015-04-23 17:46 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-23 17:41 - 2015-04-23 17:42 - 00000000 ____D () C:\Program Files\Google
2015-04-23 17:32 - 2015-04-23 17:31 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-04-23 17:32 - 2015-04-23 16:53 - 00004477 _____ () C:\zoek-results2015-04-23-145357.log
2015-04-23 17:24 - 2015-04-23 17:24 - 00020474 _____ () C:\ComboFix.txt
2015-04-23 17:00 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-04-23 17:00 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-04-23 17:00 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-04-23 17:00 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-04-23 17:00 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-04-23 17:00 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-04-23 17:00 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-04-23 17:00 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-04-23 16:59 - 2015-04-23 17:24 - 00000000 ____D () C:\Qoobox
2015-04-23 16:59 - 2015-04-23 17:22 - 00000000 ____D () C:\Windows\erdnt
2015-04-23 16:42 - 2015-04-23 16:42 - 05619466 ____R (Swearware) C:\Users\dejan\Desktop\ComboFix.exe
2015-04-23 16:02 - 2015-04-23 16:02 - 00000000 ____D () C:\Users\dejan\Desktop\ZTE Firmware Flasher
2015-04-23 16:01 - 2015-04-23 16:02 - 34084913 _____ () C:\Users\dejan\Desktop\ZTE Firmware Flasher.zip
2015-04-23 14:17 - 2015-04-23 14:18 - 04459120 _____ (ZTE Corporation ) C:\Users\dejan\Desktop\ZTE Handset USB Driver 5.2066.1.8.exe
2015-04-23 14:17 - 2015-04-23 14:17 - 09247068 _____ () C:\Users\dejan\Desktop\blade-fastboot-recovery.zip
2015-04-23 14:11 - 2015-04-23 17:34 - 00001942 _____ () C:\Windows\PFRO.log
2015-04-23 13:21 - 2015-04-22 14:53 - 00051086 _____ () C:\zoek-results2015-04-22-125304.log
2015-04-22 20:55 - 2015-04-22 20:55 - 00001769 _____ () C:\Users\dejan\Desktop\Detalji_1504_531631951_1_0600374950.csv
2015-04-22 15:52 - 2015-04-22 15:52 - 35606969 _____ () C:\Users\dejan\Desktop\Camera(1).zip
2015-04-22 15:42 - 2015-04-22 15:42 - 00000000 ____D () C:\Users\dejan\Downloads\new-google-plus-badge-widget
2015-04-22 15:11 - 2015-04-22 15:11 - 35606969 _____ () C:\Users\dejan\Desktop\Camera.zip
2015-04-22 14:44 - 2015-04-23 17:35 - 00003373 _____ () C:\zoek-results.log
2015-04-22 14:43 - 2015-04-23 14:01 - 00000000 ____D () C:\zoek_backup
2015-04-22 11:09 - 2015-04-22 11:09 - 00000000 ____D () C:\Users\dejan\Desktop\zoek
2015-04-22 11:08 - 2015-04-22 14:42 - 00000000 ____D () C:\Users\dejan\Desktop\u
2015-04-22 11:08 - 2015-04-22 11:08 - 01305600 _____ () C:\Users\dejan\Desktop\zoek.exe
2015-04-22 11:02 - 2015-04-23 17:34 - 00000784 _____ () C:\Windows\setupact.log
2015-04-22 11:02 - 2015-04-22 11:02 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-20 23:53 - 2015-04-20 23:54 - 00002288 _____ () C:\Users\dejan\Desktop\dejan - Chrome.lnk
2015-04-20 19:49 - 2015-04-20 19:49 - 00000000 ____D () C:\Users\dejan\Downloads\LG_Flash_Tool_2014
2015-04-18 23:49 - 2015-04-18 23:49 - 00000000 ____D () C:\Users\dejan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome апликације
2015-04-18 23:43 - 2015-04-23 17:42 - 00002176 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-18 23:43 - 2015-04-18 23:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-18 18:48 - 2015-04-18 18:49 - 02217984 _____ () C:\Users\dejan\Desktop\adwcleaner_4.201.exe
2015-04-17 17:29 - 2015-04-23 18:06 - 00000000 ____D () C:\FRST
2015-04-15 23:24 - 2015-03-23 05:06 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 23:24 - 2015-03-23 05:06 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 23:24 - 2015-03-23 05:06 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 23:24 - 2015-03-23 05:06 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 23:24 - 2015-03-23 05:06 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 23:24 - 2015-03-23 05:06 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 23:24 - 2015-03-23 05:06 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 23:24 - 2015-03-23 04:59 - 00896000 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 23:24 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-15 23:24 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 23:24 - 2015-03-17 07:01 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 23:24 - 2015-03-17 07:01 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 23:24 - 2015-03-17 06:59 - 01306112 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 23:24 - 2015-03-17 06:57 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 23:24 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 23:24 - 2015-03-17 06:57 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 23:24 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 23:24 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 23:24 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 23:24 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 23:24 - 2015-03-17 06:57 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 23:24 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 23:24 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 23:24 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 23:24 - 2015-03-17 06:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 23:24 - 2015-03-17 06:56 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 23:24 - 2015-03-17 06:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 23:24 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 23:24 - 2015-03-17 06:56 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 23:24 - 2015-03-17 06:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 23:24 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 23:24 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 23:24 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 23:24 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 23:24 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 23:24 - 2015-03-04 06:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 23:24 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 23:23 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 23:23 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 23:23 - 2015-03-13 05:42 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 23:23 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 23:23 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 23:23 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 23:23 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 23:23 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 23:23 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 23:23 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 23:23 - 2015-03-13 05:16 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 23:23 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 23:23 - 2015-03-13 05:09 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 23:23 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 23:23 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 23:23 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 23:23 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 23:23 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 23:23 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 23:23 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 23:23 - 2015-03-13 04:43 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 23:23 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 23:23 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 23:23 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 23:23 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 23:23 - 2015-03-05 06:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 23:22 - 2015-03-25 05:00 - 03088384 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 23:22 - 2015-03-25 05:00 - 02020864 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 23:22 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 23:22 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 23:22 - 2015-03-25 05:00 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 23:22 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 23:22 - 2015-03-25 05:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 23:22 - 2015-03-25 05:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 23:22 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 23:22 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 23:22 - 2015-03-25 05:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 23:22 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 23:22 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 23:22 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 23:22 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 23:22 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 23:22 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 23:22 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 23:22 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 23:22 - 2015-02-25 05:03 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 23:15 - 2015-04-16 16:15 - 17189552 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2015-04-09 21:10 - 2015-04-09 21:10 - 00000598 _____ () C:\Users\dejan\Desktop\WampServer.lnk
2015-04-09 21:10 - 2015-04-09 21:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WampServer
2015-04-09 21:07 - 2015-04-09 21:12 - 00000000 ____D () C:\wamp
2015-04-09 19:43 - 2015-04-18 23:55 - 00000000 ____D () C:\xampp
2015-04-09 12:19 - 2015-04-09 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkipSoft Android ToolKit
2015-04-09 12:18 - 2015-04-09 12:20 - 00000000 ____D () C:\Unified_Android_ToolKit
2015-04-08 16:12 - 2015-04-08 16:32 - 00000000 ____D () C:\KDZTOOL
2015-04-08 15:42 - 2015-04-08 15:42 - 00000000 ____D () C:\Windows\system32\X86
2015-04-08 15:42 - 2015-04-08 15:42 - 00000000 ____D () C:\Windows\system32\AMD64
2015-04-05 15:45 - 2015-04-05 15:45 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-04-05 13:14 - 2015-04-05 13:16 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-02 21:21 - 2015-04-02 21:21 - 00001172 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-04-02 21:21 - 2015-04-02 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-04-02 21:17 - 2015-04-23 13:56 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2015-04-02 21:17 - 2015-04-02 21:21 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2015-04-02 21:17 - 2015-04-02 21:17 - 00000000 ____D () C:\Program Files\Free Codec Pack
2015-04-02 21:07 - 2015-04-02 21:07 - 00002495 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk
2015-04-02 21:07 - 2015-04-02 21:07 - 00000000 ____D () C:\Program Files\Movie Maker 2.6
2015-04-02 20:41 - 2015-04-02 21:01 - 00000000 ____D () C:\Program Files\Common Files\FlashIntegro
2015-04-02 20:41 - 2015-04-02 20:41 - 00000000 ____D () C:\Users\dejan\Documents\FlashIntegro
2015-04-02 20:41 - 2015-04-02 20:41 - 00000000 ____D () C:\Users\dejan\AppData\Roaming\VideoEditor
2015-04-02 20:41 - 2015-04-02 20:41 - 00000000 ____D () C:\Users\dejan\AppData\Roaming\FlashIntegro
2015-04-02 20:41 - 2014-12-09 13:21 - 00081792 _____ (Flash-Integro LLC) C:\Windows\system32\mslvddsfilter2.ax
2015-04-02 20:41 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\Windows\system32\Lagarith.dll
2015-04-02 20:41 - 2005-08-01 19:43 - 00245760 _____ () C:\Windows\system32\lame.ax
2015-04-02 20:41 - 2004-12-10 10:03 - 00438272 _____ (On2.com) C:\Windows\system32\vp6vfw.dll
2015-04-02 20:41 - 2004-09-06 16:06 - 00053248 _____ () C:\Windows\system32\xvid.ax
2015-04-02 20:41 - 2004-07-03 21:08 - 00139264 _____ () C:\Windows\system32\xvidvfw.dll
2015-04-02 20:41 - 2004-07-03 20:59 - 00524288 _____ () C:\Windows\system32\xvidcore.dll
2015-04-02 20:41 - 2004-02-04 21:11 - 00081920 _____ (fccHandler) C:\Windows\system32\AC3ACM.acm
2015-04-02 20:41 - 2003-05-22 12:26 - 00638976 _____ (DivXNetworks, Inc.) C:\Windows\system32\divx.dll
2015-04-02 20:41 - 2003-05-22 12:26 - 00221215 _____ (DivXNetworks, Inc.) C:\Windows\system32\divxdec.ax
2015-04-02 20:41 - 2003-05-21 23:50 - 00261632 _____ (MainConcept) C:\Windows\system32\mcdvd_32.dll
2015-04-02 20:41 - 2003-05-21 23:50 - 00156910 _____ () C:\Windows\WMSysPr8.prx
2015-04-02 20:41 - 2003-05-21 23:50 - 00082944 _____ (Voxware, Inc.) C:\Windows\system32\vct3216.acm
2015-04-02 20:41 - 2003-05-21 23:50 - 00038912 _____ (NCT Company) C:\Windows\system32\alf2cd.acm
2015-04-02 20:41 - 2003-05-21 23:50 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3a.dll
2015-04-02 20:41 - 2003-03-25 05:49 - 00098304 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\L3CODECX.AX
2015-04-02 20:41 - 2003-03-18 23:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll
2015-04-02 20:41 - 2002-08-20 00:41 - 00413760 _____ (Microsoft Corporation) C:\Windows\system32\mpg4c32.dll
2015-04-02 20:41 - 2000-03-14 20:55 - 00013239 _____ (SHARP Corporation) C:\Windows\system32\Scg726.acm
2015-04-02 20:24 - 2015-04-02 20:36 - 00000000 ____D () C:\Users\dejan\AppData\Roaming\avidemux
2015-04-02 20:07 - 2015-04-02 20:07 - 00000000 ____D () C:\Users\dejan\Documents\HighAndes
2015-04-02 20:07 - 2015-04-02 20:07 - 00000000 ____D () C:\Users\dejan\AppData\Local\HighAndes
2015-04-02 20:07 - 2015-04-02 20:07 - 00000000 ____D () C:\ProgramData\HighAndes
2015-04-02 20:07 - 2012-11-10 01:21 - 00071280 _____ (Nalpeiron Ltd.) C:\Windows\system32\NlsSrv32.exe
2015-04-02 16:54 - 2015-04-02 16:54 - 22012281 _____ () C:\Users\dejan\Documents\b8_12486479_rootsrbija (1).sql
2015-04-02 16:53 - 2015-04-02 16:53 - 22012281 _____ () C:\Users\dejan\Documents\b8_12486479_rootsrbija.sql
2015-04-01 18:37 - 2015-04-01 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftwareForMe
2015-04-01 18:11 - 2015-04-01 18:11 - 00000000 ____D () C:\Program Files\SoftwareForMe Inc
2015-04-01 15:44 - 2015-04-01 15:49 - 00000000 ____D () C:\Users\dejan\Desktop\MTK-TWRP
2015-03-30 18:49 - 2015-04-02 21:02 - 00000000 ____D () C:\Program Files\Common Files\Web Solution Mart
2015-03-30 18:49 - 2004-03-09 01:00 - 00152848 _____ (Microsoft Corporation) C:\Windows\system32\COMDLG32.OCX
2015-03-30 18:49 - 2004-03-09 00:00 - 01081616 _____ (Microsoft Corporation) C:\Windows\system32\MSCOMCTL.OCX
2015-03-30 18:49 - 2004-03-09 00:00 - 00132880 _____ (Microsoft Corporation) C:\Windows\system32\MSINET.OCX
2015-03-30 18:25 - 2015-04-18 23:42 - 00000000 ____D () C:\Program Files\NCH Software
2015-03-30 18:25 - 2015-04-02 21:05 - 00126013 _____ () C:\Users\dejan\AppData\Roaming\VideoPad.dmp
2015-03-30 18:25 - 2015-03-30 18:25 - 00000000 ____D () C:\Users\dejan\AppData\Roaming\NCH Software
2015-03-30 18:25 - 2015-03-30 18:25 - 00000000 ____D () C:\ProgramData\NCH Software
2015-03-30 15:43 - 2015-03-30 15:43 - 00000938 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-03-30 15:43 - 2015-03-30 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-03-30 15:43 - 2015-03-30 15:43 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-30 15:32 - 2015-03-30 15:32 - 00001836 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2015-03-30 15:32 - 2015-03-30 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2015-03-30 15:32 - 2015-03-30 15:32 - 00000000 ____D () C:\Program Files\Defraggler
2015-03-29 23:32 - 2015-03-29 23:32 - 00000000 ____D () C:\Users\dejan\AppData\Local\Reincubate_Ltd
2015-03-29 19:38 - 2015-03-29 19:39 - 03533838 _____ () C:\Users\dejan\Documents\video-ac492b9bbdba7f5d767ec7cd0b3d871cabf4893e685159c7c374eaf0f5f7ea8b-V.mp4
2015-03-29 19:37 - 2015-04-02 21:17 - 00000000 ____D () C:\Users\dejan\Downloads\Video
2015-03-28 22:02 - 2015-03-28 22:05 - 00000000 ____D () C:\Program Files\Unlocker
2015-03-28 22:02 - 2015-03-28 22:02 - 00000000 ____D () C:\Users\dejan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2015-03-28 20:55 - 2015-03-28 20:55 - 00000000 ____D () C:\Users\dejan\AppData\Roaming\CyberScrub
2015-03-28 20:54 - 2015-03-28 20:54 - 00000986 _____ () C:\Users\Public\Desktop\CyberScrub Privacy Suite.lnk
2015-03-28 20:54 - 2015-03-28 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberScrub Privacy Suite
2015-03-28 20:54 - 2015-03-28 20:54 - 00000000 ____D () C:\Program Files\CyberScrub Privacy Suite
2015-03-28 20:54 - 2007-02-07 13:08 - 00000084 _____ () C:\Windows\csact.ini
2015-03-28 20:29 - 2015-04-01 15:33 - 00000000 ____D () C:\Users\dejan\AppData\Local\Folder Guard
2015-03-28 20:27 - 2015-04-01 15:30 - 00000000 ____D () C:\ProgramData\Folder Guard
2015-03-28 20:27 - 2015-03-28 20:27 - 00000000 ____D () C:\Users\dejan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Folder Guard
2015-03-28 20:27 - 2015-03-28 20:27 - 00000000 ____D () C:\Program Files\Folder Guard
2015-03-28 19:31 - 2015-03-28 19:31 - 00000000 ____D () C:\RecoveredData
2015-03-28 15:12 - 2015-01-26 10:23 - 00029696 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetmodem.sys
2015-03-28 15:12 - 2015-01-26 10:22 - 00024576 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetdiag.sys
2015-03-28 15:12 - 2015-01-21 12:49 - 00015744 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetbus.sys
2015-03-28 14:52 - 2015-03-28 15:12 - 00002411 _____ () C:\Windows\system32\lgAxconfig.ini
2015-03-28 14:52 - 2015-03-28 15:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGMobile Support Tool
2015-03-28 14:52 - 2011-05-06 11:37 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\msvcr90.dll
2015-03-28 14:52 - 2011-05-06 11:37 - 00568832 _____ (Microsoft Corporation) C:\Windows\system32\msvcp90.dll
2015-03-28 14:52 - 2011-05-06 11:37 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\msvcm90.dll
2015-03-28 14:52 - 2006-04-30 06:33 - 00053248 _____ () C:\Windows\system32\CommonDL.dll
2015-03-28 14:52 - 2005-09-29 23:39 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\msxml4a.dll
2015-03-28 14:51 - 2015-03-28 14:52 - 00000000 ____D () C:\ProgramData\LGMOBILEAX
2015-03-27 17:17 - 2015-03-28 13:16 - 00000000 ____D () C:\Users\dejan\Documents\AirDroid
2015-03-27 14:18 - 2015-03-27 14:18 - 00001055 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\LG PC Suite.Lnk
2015-03-26 16:32 - 2015-03-27 14:37 - 00000813 _____ () C:\Windows\psb_raster.ini

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-23 17:43 - 2009-07-14 06:34 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-23 17:43 - 2009-07-14 06:34 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-23 17:38 - 2014-09-28 01:36 - 01518190 _____ () C:\Windows\WindowsUpdate.log
2015-04-23 17:34 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-23 17:24 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Default
2015-04-23 17:24 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2015-04-23 17:19 - 2009-07-14 04:04 - 00000215 _____ () C:\Windows\system.ini
2015-04-23 17:15 - 2014-09-27 18:13 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-23 17:11 - 2015-01-14 23:53 - 00000000 ____D () C:\ProgramData\TEMP
2015-04-23 15:53 - 2014-11-04 00:27 - 00000000 ____D () C:\ProgramData\MFAData
2015-04-23 14:11 - 2014-10-05 14:29 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-04-23 13:59 - 2014-10-05 14:29 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2015-04-23 13:59 - 2014-10-05 14:29 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2015-04-23 13:59 - 2014-10-05 14:29 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2015-04-23 13:59 - 2014-10-05 14:29 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2015-04-23 13:59 - 2014-10-05 14:29 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2015-04-23 13:59 - 2014-10-05 14:29 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2015-04-23 13:59 - 2014-09-27 16:52 - 00000000 ____D () C:\Users\dejan\AppData\Local\Google
2015-04-23 13:56 - 2014-09-27 16:48 - 00000000 ____D () C:\Users\dejan
2015-04-23 13:56 - 2009-07-14 04:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-04-21 20:33 - 2014-11-26 14:23 - 00000000 ____D () C:\Windows\pss
2015-04-21 20:12 - 2014-11-11 14:53 - 00000000 ____D () C:\Users\dejan\AppData\Roaming\FileZilla
2015-04-21 20:12 - 2014-10-03 23:24 - 00000000 ____D () C:\Users\dejan\AppData\Roaming\uTorrent
2015-04-21 20:12 - 2014-10-03 16:28 - 00000000 ____D () C:\Users\dejan\AppData\Roaming\TeamViewer
2015-04-21 19:01 - 2014-10-05 21:23 - 00000000 ____D () C:\Users\dejan\AppData\Roaming\Skype
2015-04-19 14:11 - 2014-10-06 13:03 - 00000000 ____D () C:\AdwCleaner
2015-04-16 15:38 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\AppCompat
2015-04-16 15:32 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2015-04-16 14:45 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-16 13:58 - 2014-12-11 12:58 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 13:58 - 2014-09-28 16:13 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 13:44 - 2014-09-27 19:09 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 13:23 - 2014-09-27 19:09 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-16 13:22 - 2010-11-20 23:01 - 00765280 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-15 22:51 - 2014-09-27 18:13 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-15 22:51 - 2014-09-27 18:13 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-09 22:28 - 2015-02-10 14:42 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-04-09 21:39 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-09 21:27 - 2015-03-10 21:12 - 00000000 ____D () C:\Program Files\Opera
2015-04-07 19:37 - 2014-10-14 23:16 - 00000000 ____D () C:\Users\dejan\Downloads\Compressed
2015-04-03 14:11 - 2014-10-03 14:58 - 00000000 ____D () C:\Program Files\TeamViewer
2015-04-02 21:17 - 2014-11-04 21:15 - 00000000 ____D () C:\Users\dejan\AppData\Roaming\DVDVideoSoft
2015-04-01 19:26 - 2015-03-21 23:01 - 00000898 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-04-01 19:26 - 2015-03-21 23:01 - 00000886 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-03-30 16:02 - 2015-01-07 15:53 - 00000000 ____D () C:\Windows\Minidump
2015-03-30 16:02 - 2014-09-28 02:32 - 00000000 ____D () C:\Windows\Panther
2015-03-30 14:54 - 2009-07-14 06:33 - 00272376 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-29 19:37 - 2014-09-27 18:11 - 00059480 _____ () C:\Users\dejan\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-29 19:01 - 2015-03-12 15:25 - 00000000 ____D () C:\Users\dejan\AppData\Local\Vivaldi
2015-03-28 20:06 - 2015-03-18 12:52 - 00000000 ____D () C:\Users\dejan\AppData\Local\Lenovo
2015-03-28 15:13 - 2015-01-23 19:41 - 00000000 ____D () C:\Program Files\LG Electronics
2015-03-27 14:18 - 2015-01-25 20:22 - 00001049 _____ () C:\Users\Public\Desktop\LG PC Suite.Lnk
2015-03-27 14:18 - 2015-01-25 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite

==================== Files in the root of some directories =======

2014-10-05 14:19 - 2014-10-05 14:32 - 0000693 _____ () C:\Program Files\Simlock Remote Clientoperations.log
2014-10-31 23:17 - 2014-10-31 23:17 - 0000132 _____ () C:\Users\dejan\AppData\Roaming\Adobe GIF Format CS6 Prefs
2015-02-10 15:30 - 2015-02-10 15:31 - 0046592 ___SH () C:\Users\dejan\AppData\Roaming\Thumbs.db
2015-03-30 18:25 - 2015-04-02 21:05 - 0126013 _____ () C:\Users\dejan\AppData\Roaming\VideoPad.dmp
2014-11-05 19:14 - 2014-11-05 19:23 - 0001456 _____ () C:\Users\dejan\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-10-13 20:19 - 2014-10-13 20:19 - 0007605 _____ () C:\Users\dejan\AppData\Local\Resmon.ResmonCfg

Some content of TEMP:
====================
C:\Users\dejan\AppData\Local\temp\7za.exe
C:\Users\dejan\AppData\Local\temp\DaS_21.exe
C:\Users\dejan\AppData\Local\temp\hijackthis.exe
C:\Users\dejan\AppData\Local\temp\sed.exe
C:\Users\dejan\AppData\Local\temp\shortcut.exe
C:\Users\dejan\AppData\Local\temp\swxcacls.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-16 14:56

==================== End Of Log ============================








Additional scan result of Farbar Recovery Scan Tool (x86) Version: 22-04-2015 01
Ran by dejan at 2015-04-23 18:07:41
Running from C:\Users\dejan\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG update module (Disabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3105228336-3140102207-1041830059-1000\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.)
1.1.3 (HKLM\...\{A4046FE1-986B-4463-B4DD-CFA473A7056B}_is1) (Version: - PDFZilla)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
AC3Filter 2.6.0b (HKLM\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM\...\Adobe Creative Cloud) (Version: 2.8.1.451 - Adobe Systems Incorporated)
Adobe Flash Player 16 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 16.0.0.310 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AquaSoft DiaShow 7 Blue Net (HKLM\...\AquaSoft DiaShow 7 Blue Net) (Version: 7.7.11 - AquaSoft)
AquaSoft DiaShow 7 Blue Net (Version: 7.7.11 - AquaSoft) Hidden
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5751 - AVG Technologies)
AVG 2015 (Version: 15.0.4334 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5751 - AVG Technologies) Hidden
Blender (HKLM\...\Blender) (Version: 2.72b - Blender Foundation)
BurnAware Free 7.5 (HKLM\...\BurnAware Free_is1) (Version: - Burnaware)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
CyberScrub® Privacy Suite™ 5.1 (HKLM\...\CyberScrub® Privacy Suite™ 5.1_is1) (Version: - CyberScrub LLC)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
FileZilla Client 3.9.0.6 (HKLM\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
Firebird 2.5.0.26074 (Win32) (HKLM\...\FBDBServer_2_5_is1) (Version: 2.5.0.26074 - Firebird Project)
Folder Guard (HKLM\...\Folder Guard) (Version: 9.1 - WinAbility® Software Corporation)
Free Studio version 6.5.0.324 (HKLM\...\Free Studio_is1) (Version: 6.5.0.324 - DVDVideoSoft Ltd.)
Free YouTube Downloader 4.0.305 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version: - HOW Inc.)
GOM Audio (HKLM\...\GomAudio) (Version: 2.0.7.0873 - Gretech Corporation)
GOM Player (HKLM\...\GOM Player) (Version: 2.2.67.5221 - Gretech Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
LG PC Suite (HKLM\...\LG PC Suite) (Version: 5.3.23.20150119 - LG Electronics)
LG United Mobile Driver (HKLM\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.14.1 - LG Electronics)
Metric Collection SDK 35 (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Firefox 37.0.1 (x86 sr) (HKLM\...\Mozilla Firefox 37.0.1 (x86 sr)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Notepad++ (HKLM\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
PhoneMyPC (HKLM\...\{FD452361-CF71-40FD-AAC1-40DE562311E8}) (Version: 2.0.3 - SoftwareForMe Inc.)
SAM Broadcaster (remove only) (HKLM\...\SAM3) (Version: - )
Skype™ 7.2 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.40798 - TeamViewer)
Universal Adb Driver (HKLM\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
ViewRight Web PC 3.6.0.0 (HKLM\...\{27961C9F-1965-48D9-A579-40F8EBEA0603}) (Version: 3.6.0.0 - Verimatrix, Inc.)
WampServer 2.5 (HKLM\...\WampServer 2_is1) (Version: - Hervé Leclerc (HeL))
Windows Driver Package - Intel Corporation (igfx) Display (10/04/2011 8.15.10.2548) (HKLM\...\EE0B646FE1A7D97B045F489D957489932AFE5DBA) (Version: 10/04/2011 8.15.10.2548 - Intel Corporation)
Windows Driver Package - Intel USB (07/09/2013 9.1.9.1004) (HKLM\...\7FE3091A683E1D79B336ED7A5D69467CDFFB7A5E) (Version: 07/09/2013 9.1.9.1004 - Intel)
Windows Movie Maker 2.6 (HKLM\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3105228336-3140102207-1041830059-1000_Classes\CLSID\{0002DF01-0000-0000-C000-000000000046}\localserver32 -> C:\Program Files\Maxthon\Bin\Maxthon.exe (Maxthon International ltd.)

==================== Restore Points =========================

22-04-2015 14:44:48 zoek.exe restore point
23-04-2015 13:21:16 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2015-04-23 17:19 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {19B07FE8-2F0E-43EB-8EA3-8826907AF0C7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {30FCCDEF-FEE5-4493-9F45-996D8D635978} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {4AFA1169-D655-4A40-88D0-CBEB4D566DA7} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {63E92F0E-4D38-4B8B-AAE6-611FA5A2FD30} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {732E467E-686E-4480-937E-AF0E15ADC5ED} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {89E42881-B441-4ADE-8A3A-27B0DBD64DCD} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 35 => C:\Program Files\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {92064230-690E-489F-B51E-C4F16F20B700} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {993E9104-FD07-4AF2-A613-35814FFCA118} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {B483EC40-39B2-4706-9A85-143E8F562446} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-04-23] (Google Inc.)
Task: {C0964201-5F72-47E4-BBED-6C6C2666D66B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-04-23] (Google Inc.)
Task: {CCC06CAE-84B2-4B7B-9DDC-1BB4D2BDCE0E} - System32\Tasks\{D985D79D-7423-4963-9B96-13085E0C8496} => pcalua.exe -a C:\Users\dejan\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=exp <==== ATTENTION
Task: {FC72F884-215A-4F55-8E48-CFFF47C443DF} - System32\Tasks\{77AC5C0D-F74C-4086-B434-C61353BDA021} => pcalua.exe -a "C:\Users\dejan\Downloads\Compressed\MTK_USB_ADB_Ultimate\All MTK USB Driver 2014\All MTK Drivers\AutoDriver_Win7\x86\spinstall.exe" -d "C:\Users\dejan\Downloads\Compressed\MTK_USB_ADB_Ultimate\All MTK USB Driver 2014\All MTK Drivers\AutoDriver_Win7\x86"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-09-26 15:40 - 2014-09-26 15:40 - 01029280 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll
2014-10-16 11:15 - 2014-10-16 11:15 - 00035328 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () C:\Program Files\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () C:\Program Files\FileZilla FTP Client\libstdc++-6.dll
2010-07-04 23:32 - 2010-07-04 23:32 - 00010752 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2015-04-19 00:37 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\dejan\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2015-04-19 00:37 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\dejan\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:B4AF47A7

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3105228336-3140102207-1041830059-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\dejan\AppData\Roaming\AquaSoft\DiaShow7\AquaSoft SlideShow Blue Net Wallpaper.bmp
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^dejan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WindowsLGFirmwareExtract-1.2.1.0-Release.zip.lnk => C:\Windows\pss\WindowsLGFirmwareExtract-1.2.1.0-Release.zip.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: FG_Monitor => C:\Program Files\Folder Guard\FG32.exe /Start
MSCONFIG\startupreg: Privacy Suite RiskMonitor => "C:\Program Files\CyberScrub Privacy Suite\Launch.exe" "C:\Program Files\CyberScrub Privacy Suite\CSRiskMon.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: UnlockerAssistant => "C:\Program Files\Unlocker\UnlockerAssistant.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\dejan\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

==================== Accounts: =============================

Administrator (S-1-5-21-3105228336-3140102207-1041830059-500 - Administrator - Disabled)
dejan (S-1-5-21-3105228336-3140102207-1041830059-1000 - Administrator - Enabled) => C:\Users\dejan
Guest (S-1-5-21-3105228336-3140102207-1041830059-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3105228336-3140102207-1041830059-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/23/2015 03:54:37 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 27046. CA_Error27046: DriverInstallation(0xE0010054): Driver installation failed

Error: (04/23/2015 03:54:37 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 27046. CA_Error27046: DriverInstallationFun(0xE0010054): Driver installation failed

Error: (04/23/2015 11:53:25 AM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 27046. CA_Error27046: DriverInstallation(0xE0010054): Driver installation failed

Error: (04/23/2015 11:53:25 AM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 27046. CA_Error27046: DriverInstallationFun(0xE0010054): Driver installation failed

Error: (04/22/2015 07:09:35 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 27046. CA_Error27046: DriverInstallation(0xE0010054): Driver installation failed

Error: (04/22/2015 07:09:35 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 27046. CA_Error27046: DriverInstallationFun(0xE0010054): Driver installation failed

Error: (04/22/2015 03:09:59 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 27046. CA_Error27046: DriverInstallation(0xE0010054): Driver installation failed

Error: (04/22/2015 03:09:59 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 27046. CA_Error27046: DriverInstallationFun(0xE0010054): Driver installation failed

Error: (04/22/2015 11:09:51 AM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 27046. CA_Error27046: DriverInstallation(0xE0010054): Driver installation failed

Error: (04/22/2015 11:09:51 AM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 27046. CA_Error27046: DriverInstallationFun(0xE0010054): Driver installation failed


System errors:
=============
Error: (04/23/2015 05:19:47 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (04/23/2015 05:10:00 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (04/23/2015 05:02:56 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (04/23/2015 01:54:27 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (04/23/2015 01:54:26 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (04/23/2015 01:54:25 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (04/23/2015 01:54:24 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (04/23/2015 01:54:23 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (04/23/2015 01:54:22 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (04/23/2015 01:54:21 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.


Microsoft Office Sessions:
=========================
Error: (04/23/2015 03:54:37 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 27046. CA_Error27046: DriverInstallation(0xE0010054): Driver installation failed(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/23/2015 03:54:37 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 27046. CA_Error27046: DriverInstallationFun(0xE0010054): Driver installation failed(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/23/2015 11:53:25 AM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 27046. CA_Error27046: DriverInstallation(0xE0010054): Driver installation failed(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/23/2015 11:53:25 AM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 27046. CA_Error27046: DriverInstallationFun(0xE0010054): Driver installation failed(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/22/2015 07:09:35 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 27046. CA_Error27046: DriverInstallation(0xE0010054): Driver installation failed(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/22/2015 07:09:35 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 27046. CA_Error27046: DriverInstallationFun(0xE0010054): Driver installation failed(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/22/2015 03:09:59 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 27046. CA_Error27046: DriverInstallation(0xE0010054): Driver installation failed(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/22/2015 03:09:59 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 27046. CA_Error27046: DriverInstallationFun(0xE0010054): Driver installation failed(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/22/2015 11:09:51 AM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 27046. CA_Error27046: DriverInstallation(0xE0010054): Driver installation failed(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/22/2015 11:09:51 AM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 27046. CA_Error27046: DriverInstallationFun(0xE0010054): Driver installation failed(NULL)(NULL)(NULL)(NULL)(NULL)


CodeIntegrity Errors:
===================================
Date: 2014-12-11 14:27:48.327
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2014-12-06 18:21:52.451
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2014-11-12 14:53:34.686
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG2015\avghookx.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) D CPU 2.66GHz
Percentage of memory in use: 45%
Total physical RAM: 2037.49 MB
Available physical RAM: 1115.4 MB
Total Pagefile: 4074.98 MB
Available Pagefile: 2968.12 MB
Total Virtual: 2047.88 MB
Available Virtual: 1909.93 MB

==================== Drives ================================

Drive c: (Windows 7) (Fixed) (Total:78.87 GB) (Free:34.09 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:39.16 GB) (Free:39.02 GB) NTFS
Drive e: (dejan) (Fixed) (Total:276.09 GB) (Free:221.86 GB) NTFS
Drive f: () (Fixed) (Total:3 GB) (Free:2.95 GB) NTFS
Drive g: (Windows 8) (Fixed) (Total:39.94 GB) (Free:39.84 GB) NTFS
Drive i: () (Fixed) (Total:0.04 GB) (Free:0.04 GB) FAT32
Drive j: (J) (Fixed) (Total:1.95 GB) (Free:1.91 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0001EEEB)
Partition 1: (Active) - (Size=78.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=39.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=346.9 GB) - (Type=OF Extended)

==================== End Of Log ============================

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

Oh my, dejanod, you have mixed up all the logs here.

Run this script and then tell me how your computer is behaving now.



1. Open Notepad (Text Document) and copy the following text from the code box below:

Start
CloseProcesses:
Task: {CCC06CAE-84B2-4B7B-9DDC-1BB4D2BDCE0E} - System32\Tasks\{D985D79D-7423-4963-9B96-13085E0C8496} => pcalua.exe -a C:\Users\dejan\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=exp <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3105228336-3140102207-1041830059-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
S3 catchme; \??\C:\Users\dejan\AppData\Local\Temp\catchme.sys [X]

Hosts:
C:\Users\dejan\AppData\Roaming\webssearches

RemoveProxy:
AlternateDataStreams: C:\ProgramData\TEMP:B4AF47A7

CreateRestorePoint:
CMD: Dir /b c:\*background.js* /s
REG: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
REG: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f

EmptyTemp:
End


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location, otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool requests a system restart, allow it and make sure the tool completes the fix after the restart.



The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into a post.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.

offline
  • in administration
  • Joined: 16 Oct 2010
  • Posts: 3468
  • Location: KRAGUJEVAC

Posted: 23 Apr 2015 19:15

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 22-04-2015 01
Ran by dejan at 2015-04-23 19:05:45 Run:4
Running from C:\Users\dejan\Desktop
Loaded Profiles: dejan (Available profiles: dejan)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
CloseProcesses:
Task: {CCC06CAE-84B2-4B7B-9DDC-1BB4D2BDCE0E} - System32\Tasks\{D985D79D-7423-4963-9B96-13085E0C8496} => pcalua.exe -a C:\Users\dejan\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=exp <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3105228336-3140102207-1041830059-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
S3 catchme; \??\C:\Users\dejan\AppData\Local\Temp\catchme.sys [X]

Hosts:
C:\Users\dejan\AppData\Roaming\webssearches

RemoveProxy:
AlternateDataStreams: C:\ProgramData\TEMP:B4AF47A7

CreateRestorePoint:
CMD: Dir /b c:\*background.js* /s
REG: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
REG: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCC06CAE-84B2-4B7B-9DDC-1BB4D2BDCE0E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCC06CAE-84B2-4B7B-9DDC-1BB4D2BDCE0E}" => Key deleted successfully.
C:\Windows\System32\Tasks\{D985D79D-7423-4963-9B96-13085E0C8496} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D985D79D-7423-4963-9B96-13085E0C8496}" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-3105228336-3140102207-1041830059-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
catchme => Service deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
"C:\Users\dejan\AppData\Roaming\webssearches" => File/Directory not found.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.
HKU\S-1-5-21-3105228336-3140102207-1041830059-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\S-1-5-21-3105228336-3140102207-1041830059-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.


========= End of RemoveProxy: =========

C:\ProgramData\TEMP => ":B4AF47A7" ADS removed successfully.
Restore point was successfully created.

========= Dir /b c:\*background.js* /s =========

c:\AdwCleaner\Quarantine\C\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi\2.5.7_0\background.js.vir
c:\AdwCleaner\Quarantine\C\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi\2.5.7_1\background.js.vir
c:\AdwCleaner\Quarantine\C\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ganlifbpkcplnldliibcbegplfmcfigp\2.3.0_0\scripts\background.js.vir
c:\AdwCleaner\Quarantine\C\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.3.16540.9015_0\background.js.vir
c:\AdwCleaner\Quarantine\C\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\js\background.js.vir
c:\AdwCleaner\Quarantine\C\Users\dejan\AppData\Roaming\Mozilla\Firefox\Profiles\ar9t45es.default\Extensions\warnerroberts@hotmail.com\extensionData\userCode\background.js.vir
c:\Users\dejan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo\2.3.2_0\CHR\scripts\background.js
c:\Users\dejan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dihmnpngfonlhjmgkflpnibiaaliendo\1.4.5_0\CHR\scripts\background.js
c:\Users\dejan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf\0.1_0\js\background.js
c:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_1\craw_background.js
c:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\craw_background.js
c:\Users\dejan\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\craw_background.js
c:\zoek_backup\C_Users_dejan_AppData_Local_Google_Chrome_User Data_Default_Extensions_pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\js\background.js

========= End of CMD: =========


========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.



========= End of Reg: =========


========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.



========= End of Reg: =========

EmptyTemp: => Removed 119.7 MB temporary data.


The system needed a reboot.

==== End of Fixlog 19:10:19 ====

Addendum: 23 Apr 2015 19:27

It's fine now, it's behaving well. Not bad.

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

All right, that's it then.


The following procedure will carry out the final cleanup.






ComboFix needs to be uninstalled:
click Start (or ), then Run.

On Vista, use the Start Search box if Run is not available.

In the text input line, type (or copy) the following:

ComboFix /Uninstall

Note that there is a space between "ComboFix" and "/Uninstall".

and then click OK (or press Enter).

Wait for the uninstall process to finish.







1. Open Notepad (Text Document) and copy the following text from the code box below:

DeleteQuarantine:

2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location, otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool requests a system restart, allow it and make sure the tool completes the fix after the restart.


Note: There is no need to post this report.









Download "Xplode"'s DelFix tool and save it to the Desktop.

Double-click to run the tool and tick the boxes in front of the following options:
Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment while the tool finishes its work.

From this point on, all the tools used in this thread should have been deleted.
If any tool or report was not removed, feel free to delete it manually.


The tool will also create a report for you. (C:\DelFix.txt)
- The tool will also save a healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
- DelFix deletes old System Restore points and creates a new, fresh point after the cleanup.

offline
  • in administration
  • Joined: 16 Oct 2010
  • Posts: 3468
  • Location: KRAGUJEVAC

Done. Thanks!
