cuje se "clik clik" sa lap-top

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

-Problem je sto se na svakih sat-dva cuje zvuk sa zvucnika slican onom kad iskoci notifikacija da je baterija prazna (baterija je puna, i ne iskace nikakva notifikacija) u trajanju od 1-5 minuta
-poceo je pre 3 dana tokom gledanja filma
-AV ne pronalazi nista
-Pokusao sam da resim tako sto cu smanjiti ton (salim se malo) pustio sam sken AV, proveravao bateriju isl.
-Internet je telekom adsl Konekcija preko bezicnog rutera




Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015
Ran by Comi_Kiki (administrator) on COMI_KIKI-PC on 28-01-2015 23:20:48
Running from C:\Users\Comi_Kiki\Downloads
Loaded Profiles: Comi_Kiki (Available profiles: Comi_Kiki)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(National Instruments, Inc.) C:\Windows\SysWOW64\lkcitdl.exe
(National Instruments, Inc.) C:\Windows\SysWOW64\lkads.exe
(National Instruments, Inc.) C:\Windows\SysWOW64\lktsrv.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\pg_ctl.exe
(http://www.ruby-lang.org/) C:\metasploit\ruby\bin\ruby.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(http://www.ruby-lang.org/) C:\metasploit\ruby\bin\ruby.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(http://www.ruby-lang.org/) C:\metasploit\ruby\bin\ruby.exe
(National Instruments, Inc.) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
(National Instruments Corp.) C:\Windows\SysWOW64\nisvcloc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Company) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Dell) C:\Users\Comi_Kiki\AppData\Local\Apps\2.0\TM51O9NJ.VE8\MDRARZR2.53G\dell..tion_0f612f649c4a10af_0005.0005_9914611622934cec\DellSystemDetect.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(Search Protect) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-03-05] (Dell Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-10-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [377368 2014-02-03] (Power Software Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3449121565-1196748833-3454416552-1000\...\Run: [DellSystemDetect] => C:\Users\Comi_Kiki\AppData\Local\Apps\2.0\TM51O9NJ.VE8\MDRARZR2.53G\dell..tion_0f612f649c4a10af_0005.0005_9914611622934cec\DellSystemDetect.exe [253952 2014-03-01] (Dell)
HKU\S-1-5-21-3449121565-1196748833-3454416552-1000\...\Run: [ChicaPasswordManager] => "C:\Program Files (x86)\ChicaLogic\Chica Password Manager\stpass.exe" /autorunned
HKU\S-1-5-21-3449121565-1196748833-3454416552-1000\...\Run: [ukjaslmqwplaskmzmcnvbv2782487043246590056] => wscript.exe //B "C:\Users\Comi_Kiki\AppData\Roaming\ukjaslmqwplaskmzmcnvbv2782487043246590056.vbs"
HKU\S-1-5-21-3449121565-1196748833-3454416552-1000\...\Run: [Facebook Update] => C:\Users\Comi_Kiki\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-07-22] (Facebook Inc.)
HKU\S-1-5-21-3449121565-1196748833-3454416552-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [466144 2014-11-27] (Sony)
HKU\S-1-5-21-3449121565-1196748833-3454416552-1000\...\MountPoints2: {3624d3ee-1a70-11e4-8d54-bc855628994e} - G:\Startme.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-08-17] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [233280 2014-11-10] (Search Protect)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [188224 2014-11-10] (Search Protect)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3449121565-1196748833-3454416552-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT3321459&octi.....&SSPV=
HKU\S-1-5-21-3449121565-1196748833-3454416552-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-3449121565-1196748833-3454416552-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3321.....041&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3449121565-1196748833-3454416552-1000 -> URL http://search.conduit.com/Results.aspx?ctid=CT3321.....041&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3449121565-1196748833-3454416552-1000 -> SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKU\S-1-5-21-3449121565-1196748833-3454416552-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3321.....041&q={searchTerms}&SSPV=
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: browse2buuy -> {b18a536c-7483-4474-baba-44195b991243} -> C:\Program Files (x86)\browse2buuy\380zWi9Q4AKrg3.x64.dll ()
BHO: jointHEshopp -> {d2fc1927-d1ab-433d-a45a-f9292ee86d2a} -> C:\Program Files (x86)\jointHEshopp\ab3YgwyWLP72e6.x64.dll ()
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 212.200.191.166 212.200.190.166

FireFox:
========
FF ProfilePath: C:\Users\Comi_Kiki\AppData\Roaming\Mozilla\Firefox\Profiles\eimr1l17.default
FF NewTab: hxxp://search.conduit.com/?ctid=CT3321459&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SPC00D14CE-F415-4B05-9F21-617B1A0B3041
FF Homepage: www.google.rs
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3449121565-1196748833-3454416552-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Comi_Kiki\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPLV80Win32.dll (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPLV82Win32.dll (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Comi_Kiki\AppData\Roaming\Mozilla\Firefox\Profiles\eimr1l17.default\searchplugins\trovi-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\pogodakyu.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\vokabular.xml
FF Extension: BS Player ControlBar - C:\Users\Comi_Kiki\AppData\Roaming\Mozilla\Firefox\Profiles\eimr1l17.default\Extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} [2014-11-18]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-15]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Comi_Kiki\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google документи) - C:\Users\Comi_Kiki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-03]
CHR Extension: (Google диск) - C:\Users\Comi_Kiki\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-03]
CHR Extension: (YouTube) - C:\Users\Comi_Kiki\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-03]
CHR Extension: (Google претрага) - C:\Users\Comi_Kiki\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-03]
CHR Extension: (multiNotifier for multiple Gmail accounts) - C:\Users\Comi_Kiki\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcdpjakjgmgklajndnlekpojkelnibfp [2015-01-26]
CHR Extension: (bIgdeal) - C:\Users\Comi_Kiki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbkkeokgbdlaffjjlieflommloooodo [2015-01-26]
CHR Extension: (Google новчаник) - C:\Users\Comi_Kiki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-03]
CHR Extension: (Gmail) - C:\Users\Comi_Kiki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-03]
CHR Extension: (Extutil) - C:\Users\COMI_K~1\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-03-17]
CHR Extension: (Managera) - C:\Users\COMI_K~1\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-03-17]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [993584 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [3056960 2014-11-10] (Search Protect)
R2 fa6789c5; c:\Program Files (x86)\VideoCnv\Zet.dll [3752448 2014-10-28] () [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [688190 2006-06-19] (National Instruments, Inc.) [File not signed]
R2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [45056 2006-07-25] (National Instruments, Inc.) [File not signed]
R2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [57344 2006-07-25] (National Instruments, Inc.) [File not signed]
R2 metasploitPostgreSQL; C:\metasploit\postgresql\bin\pg_ctl.exe [76800 2014-04-10] (PostgreSQL Global Development Group) [File not signed]
R2 metasploitProSvc; C:\metasploit\ruby\bin\ruby.exe [70239 2014-01-04] (http://www.ruby-lang.org/) [File not signed]
R2 metasploitThin; C:\metasploit\ruby\bin\ruby.exe [70239 2014-01-04] (http://www.ruby-lang.org/) [File not signed]
R2 metasploitWorker; C:\metasploit\ruby\bin\ruby.exe [70239 2014-01-04] (http://www.ruby-lang.org/) [File not signed]
R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [200704 2006-07-25] (National Instruments, Inc.) [File not signed]
S3 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1007616 2006-06-27] (Macrovision Corporation) [File not signed]
R2 niSvcLoc; C:\Windows\SysWOW64\nisvcloc.exe [49152 2006-02-06] (National Instruments Corp.) [File not signed]
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [179200 2014-10-09] (Company) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2013-02-06] (Atheros)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [35496 2012-07-09] (Advanced Micro Devices, Inc.)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2014-05-20] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-14] (Avira Operations GmbH & Co. KG)
S2 cvintdrv; C:\Windows\SysWow64\Drivers\cvintdrv.sys [4096 2006-04-10] ()
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2014-11-13] (Sony Mobile Communications)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2014-05-20] ()
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49264 2014-07-28] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35440 2014-05-13] (Visicom Media Inc.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2013-07-28] (CACE Technologies, Inc.)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-03-26] (Oracle Corporation)
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-28 23:20 - 2015-01-28 23:21 - 00021908 _____ () C:\Users\Comi_Kiki\Downloads\FRST.txt
2015-01-28 23:16 - 2015-01-28 23:20 - 00000000 ____D () C:\FRST
2015-01-28 23:14 - 2015-01-28 23:14 - 02130432 _____ (Farbar) C:\Users\Comi_Kiki\Downloads\FRST64.exe
2015-01-28 17:15 - 2015-01-28 17:15 - 00281544 _____ () C:\Windows\Minidump\012815-17768-01.dmp
2015-01-28 17:15 - 2015-01-28 17:15 - 00000000 ____D () C:\Windows\Minidump
2015-01-28 17:14 - 2015-01-28 17:14 - 370588270 _____ () C:\Windows\MEMORY.DMP
2015-01-26 22:43 - 2015-01-28 17:58 - 00000000 ____D () C:\Program Files (x86)\jointHEshopp
2015-01-26 22:43 - 2015-01-28 17:58 - 00000000 ____D () C:\Program Files (x86)\jointheshhop
2015-01-26 22:43 - 2015-01-28 17:58 - 00000000 ____D () C:\Program Files (x86)\browse2buuy
2015-01-26 22:42 - 2015-01-28 17:58 - 00000000 ____D () C:\Program Files (x86)\getit4Cheaaper
2015-01-26 22:42 - 2015-01-28 17:58 - 00000000 ____D () C:\Program Files (x86)\bIgdeal
2015-01-26 22:42 - 2015-01-26 22:43 - 00000000 ____D () C:\ProgramData\11291884641233298835
2015-01-26 22:42 - 2015-01-26 22:42 - 00000000 ____D () C:\Program Files (x86)\multiNotifier for multiple Gmail accounts
2015-01-23 17:24 - 2015-01-23 17:24 - 00025409 _____ () C:\Users\Comi_Kiki\Downloads\19a08d18fd088e6cae522a735dc3c7e62c52405f.zip
2015-01-23 17:22 - 2015-01-23 17:22 - 00851899 _____ () C:\Users\Comi_Kiki\Downloads\83466-boness04hdtv.zip
2015-01-15 17:59 - 2015-01-15 17:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-14 21:03 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 21:03 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 21:03 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 21:03 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 21:03 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 21:03 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 21:03 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 21:03 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 21:03 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 21:03 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 21:03 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 21:03 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 21:03 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-05 20:25 - 2015-01-05 20:25 - 02848905 _____ () C:\Users\Comi_Kiki\Downloads\Prosl obavestenje.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-28 23:19 - 2009-07-14 05:45 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-28 23:19 - 2009-07-14 05:45 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-28 23:10 - 2014-03-02 07:16 - 01707477 _____ () C:\Windows\WindowsUpdate.log
2015-01-28 23:06 - 2014-03-03 20:55 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-28 23:06 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-28 23:05 - 2009-07-14 05:51 - 00054243 _____ () C:\Windows\setupact.log
2015-01-28 17:52 - 2014-03-03 20:55 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-28 17:03 - 2014-07-22 00:11 - 00000944 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3449121565-1196748833-3454416552-1000UA.job
2015-01-28 01:20 - 2014-07-22 00:11 - 00000922 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3449121565-1196748833-3454416552-1000Core.job
2015-01-25 23:36 - 2014-03-19 14:13 - 00000000 ____D () C:\Users\Comi_Kiki\AppData\Roaming\Hoyle Puzzle and Board Games
2015-01-22 15:54 - 2014-12-02 15:46 - 00002026 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2015-01-22 15:54 - 2014-11-13 23:32 - 00298056 _____ () C:\Windows\DPINST.LOG
2015-01-22 15:54 - 2014-11-13 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-01-22 15:54 - 2014-03-01 22:44 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-20 19:40 - 2014-04-22 12:57 - 00000000 ____D () C:\Users\Comi_Kiki\Desktop\kristinaaaaaa
2015-01-16 19:18 - 2009-07-14 06:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-16 19:15 - 2014-05-20 13:54 - 00000000 ____D () C:\Users\Comi_Kiki\Downloads\Electronics Workbench v10.0
2015-01-16 10:52 - 2014-03-03 20:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-16 01:02 - 2014-03-03 22:28 - 00000000 ____D () C:\Users\Comi_Kiki\AppData\Local\Microsoft Help
2015-01-15 01:53 - 2014-08-17 19:33 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 01:49 - 2014-08-17 19:33 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 14:19 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD

==================== Files in the root of some directories =======

2014-05-09 14:03 - 2014-05-11 20:04 - 0007649 _____ () C:\Users\Comi_Kiki\AppData\Local\Resmon.ResmonCfg
2014-08-21 23:41 - 2014-08-21 23:41 - 0000000 _____ () C:\Users\Comi_Kiki\AppData\Local\{C5E5FCF9-8616-449E-B3C4-3A19C597DC61}

Some content of TEMP:
====================
C:\Users\Comi_Kiki\AppData\Local\Temp\AutoRun.exe
C:\Users\Comi_Kiki\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Comi_Kiki\AppData\Local\Temp\avgnt.exe
C:\Users\Comi_Kiki\AppData\Local\Temp\CloudBackup3855.exe
C:\Users\Comi_Kiki\AppData\Local\Temp\dlc.exe
C:\Users\Comi_Kiki\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Comi_Kiki\AppData\Local\Temp\drm_dyndata_7300014.dll
C:\Users\Comi_Kiki\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\Comi_Kiki\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Comi_Kiki\AppData\Local\Temp\install_reader11_en_mssa_aaa_aih.exe
C:\Users\Comi_Kiki\AppData\Local\Temp\nscE7CA.exe
C:\Users\Comi_Kiki\AppData\Local\Temp\nshC3ED.exe
C:\Users\Comi_Kiki\AppData\Local\Temp\nshC65E.exe
C:\Users\Comi_Kiki\AppData\Local\Temp\nshC8CF.exe
C:\Users\Comi_Kiki\AppData\Local\Temp\nsm476D.tmp.exe
C:\Users\Comi_Kiki\AppData\Local\Temp\nssE2F8.exe
C:\Users\Comi_Kiki\AppData\Local\Temp\nssE569.exe
C:\Users\Comi_Kiki\AppData\Local\Temp\optprosetup.exe
C:\Users\Comi_Kiki\AppData\Local\Temp\ose00000.exe
C:\Users\Comi_Kiki\AppData\Local\Temp\safeguard.exe
C:\Users\Comi_Kiki\AppData\Local\Temp\sp-downloader.exe
C:\Users\Comi_Kiki\AppData\Local\Temp\SPIdentifier.exe
C:\Users\Comi_Kiki\AppData\Local\Temp\vcredist_x64.exe


Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\SIntf16.dll
C:\Windows\SysWOW64\SIntf32.dll
C:\Windows\SysWOW64\SIntfNT.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-16 01:23

==================== End Of Log ============================
https://www.mycity.rs/must-login.png

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Pozdrav,


1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

closeprocesses:
emptytemp:
HKU\S-1-5-21-3449121565-1196748833-3454416552-1000\...\Run: [ukjaslmqwplaskmzmcnvbv2782487043246590056] => wscript.exe //B "C:\Users\Comi_Kiki\AppData\Roaming\ukjaslmqwplaskmzmcnvbv2782487043246590056.vbs"
C:\Users\Comi_Kiki\AppData\Roaming\ukjaslmqwplaskmzmcnvbv2782487043246590056.vbs
HKU\S-1-5-21-3449121565-1196748833-3454416552-1000\...\MountPoints2: {3624d3ee-1a70-11e4-8d54-bc855628994e} - G:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [233280 2014-11-10] (Search Protect)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [188224 2014-11-10] (Search Protect)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [233280 2014-11-10] (Search Protect)
AppInit_DLLs-x32: C:\PROGRA~2\SearchPro
C:\Windows\SysWOW64\C2MP
HKU\S-1-5-21-3449121565-1196748833-3454416552-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT3321459&octi.....&SSPV=
HKU\S-1-5-21-3449121565-1196748833-3454416552-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-3449121565-1196748833-3454416552-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3321.....041&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3449121565-1196748833-3454416552-1000 -> URL http://search.conduit.com/Results.aspx?ctid=CT3321.....041&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3449121565-1196748833-3454416552-1000 -> SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKU\S-1-5-21-3449121565-1196748833-3454416552-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3321.....041&q={searchTerms}&SSPV=
BHO: browse2buuy -> {b18a536c-7483-4474-baba-44195b991243} -> C:\Program Files (x86)\browse2buuy\380zWi9Q4AKrg3.x64.dll ()
BHO: jointHEshopp -> {d2fc1927-d1ab-433d-a45a-f9292ee86d2a} -> C:\Program Files (x86)\jointHEshopp\ab3YgwyWLP72e6.x64.dll ()
FF NewTab: hxxp://search.conduit.com/?ctid=CT3321459&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SPC00D14CE-F415-4B05-9F21-617B1A0B3041
CHR Extension: (bIgdeal) - C:\Users\Comi_Kiki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbkkeokgbdlaffjjlieflommloooodo [2015-01-26]
CHR Extension: (Extutil) - C:\Users\COMI_K~1\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-03-17]
CHR Extension: (Managera) - C:\Users\COMI_K~1\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-03-17]
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [3056960 2014-11-10] (Search Protect)
R2 fa6789c5; c:\Program Files (x86)\VideoCnv\Zet.dll [3752448 2014-10-28] () [File not signed]
c:\Program Files (x86)\VideoCnv
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [179200 2014-10-09] (Company) [File not signed]
C:\Program Files (x86)\Popcorn Time
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
2015-01-26 22:43 - 2015-01-28 17:58 - 00000000 ____D () C:\Program Files (x86)\jointHEshopp
2015-01-26 22:43 - 2015-01-28 17:58 - 00000000 ____D () C:\Program Files (x86)\jointheshhop
2015-01-26 22:43 - 2015-01-28 17:58 - 00000000 ____D () C:\Program Files (x86)\browse2buuy
2015-01-26 22:42 - 2015-01-28 17:58 - 00000000 ____D () C:\Program Files (x86)\getit4Cheaaper
2015-01-26 22:42 - 2015-01-28 17:58 - 00000000 ____D () C:\Program Files (x86)\bIgdeal
2015-01-26 22:42 - 2015-01-26 22:43 - 00000000 ____D () C:\ProgramData\11291884641233298835
Task: {D9765CCA-DC6E-497E-B1F6-44CA75E1C8AA} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
C:\Program Files (x86)\MyPC Backup


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 29 Jan 2015 15:10

Citat:Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-01-2015
Ran by Comi_Kiki at 2015-01-29 14:54:32 Run:1
Running from C:\Users\Comi_Kiki\Downloads
Loaded Profiles: Comi_Kiki (Available profiles: Comi_Kiki)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
closeprocesses:
emptytemp:
HKU\S-1-5-21-3449121565-1196748833-3454416552-1000\...\Run: [ukjaslmqwplaskmzmcnvbv2782487043246590056] => wscript.exe //B "C:\Users\Comi_Kiki\AppData\Roaming\ukjaslmqwplaskmzmcnvbv2782487043246590056.vbs"
C:\Users\Comi_Kiki\AppData\Roaming\ukjaslmqwplaskmzmcnvbv2782487043246590056.vbs
HKU\S-1-5-21-3449121565-1196748833-3454416552-1000\...\MountPoints2: {3624d3ee-1a70-11e4-8d54-bc855628994e} - G:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [233280 2014-11-10] (Search Protect)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [188224 2014-11-10] (Search Protect)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [233280 2014-11-10] (Search Protect)
AppInit_DLLs-x32: C:\PROGRA~2\SearchPro
C:\Windows\SysWOW64\C2MP
HKU\S-1-5-21-3449121565-1196748833-3454416552-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT3321459&octi.....&SSPV=
HKU\S-1-5-21-3449121565-1196748833-3454416552-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-3449121565-1196748833-3454416552-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3321.....041&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3449121565-1196748833-3454416552-1000 -> URL http://search.conduit.com/Results.aspx?ctid=CT3321.....041&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3449121565-1196748833-3454416552-1000 -> SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKU\S-1-5-21-3449121565-1196748833-3454416552-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3321.....041&q={searchTerms}&SSPV=
BHO: browse2buuy -> {b18a536c-7483-4474-baba-44195b991243} -> C:\Program Files (x86)\browse2buuy\380zWi9Q4AKrg3.x64.dll ()
BHO: jointHEshopp -> {d2fc1927-d1ab-433d-a45a-f9292ee86d2a} -> C:\Program Files (x86)\jointHEshopp\ab3YgwyWLP72e6.x64.dll ()
FF NewTab: hxxp://search.conduit.com/?ctid=CT3321459&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SPC00D14CE-F415-4B05-9F21-617B1A0B3041
CHR Extension: (bIgdeal) - C:\Users\Comi_Kiki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbkkeokgbdlaffjjlieflommloooodo [2015-01-26]
CHR Extension: (Extutil) - C:\Users\COMI_K~1\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-03-17]
CHR Extension: (Managera) - C:\Users\COMI_K~1\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-03-17]
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [3056960 2014-11-10] (Search Protect)
R2 fa6789c5; c:\Program Files (x86)\VideoCnv\Zet.dll [3752448 2014-10-28] () [File not signed]
c:\Program Files (x86)\VideoCnv
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [179200 2014-10-09] (Company) [File not signed]
C:\Program Files (x86)\Popcorn Time
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
2015-01-26 22:43 - 2015-01-28 17:58 - 00000000 ____D () C:\Program Files (x86)\jointHEshopp
2015-01-26 22:43 - 2015-01-28 17:58 - 00000000 ____D () C:\Program Files (x86)\jointheshhop
2015-01-26 22:43 - 2015-01-28 17:58 - 00000000 ____D () C:\Program Files (x86)\browse2buuy
2015-01-26 22:42 - 2015-01-28 17:58 - 00000000 ____D () C:\Program Files (x86)\getit4Cheaaper
2015-01-26 22:42 - 2015-01-28 17:58 - 00000000 ____D () C:\Program Files (x86)\bIgdeal
2015-01-26 22:42 - 2015-01-26 22:43 - 00000000 ____D () C:\ProgramData\11291884641233298835
Task: {D9765CCA-DC6E-497E-B1F6-44CA75E1C8AA} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
C:\Program Files (x86)\MyPC Backup
*****************

Processes closed successfully.
HKU\S-1-5-21-3449121565-1196748833-3454416552-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ukjaslmqwplaskmzmcnvbv2782487043246590056 => value deleted successfully.
"C:\Users\Comi_Kiki\AppData\Roaming\ukjaslmqwplaskmzmcnvbv2782487043246590056.vbs" => File/Directory not found.
"HKU\S-1-5-21-3449121565-1196748833-3454416552-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3624d3ee-1a70-11e4-8d54-bc855628994e}" => Key deleted successfully.
HKCR\CLSID\{3624d3ee-1a70-11e4-8d54-bc855628994e} => Key not found.
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll" => Value Data removed successfully.
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll" => Value Data removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk => Moved successfully.
C:\Windows\SysWOW64\C2MP\UpdateChecker.exe => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [233280 2014-11-10] (Search Protect)" => File/Directory not found.
"AppInit_DLLs-x32: C:\PROGRA~2\SearchPro" => Value Data not found.
C:\Windows\SysWOW64\C2MP => Moved successfully.
HKU\S-1-5-21-3449121565-1196748833-3454416552-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-3449121565-1196748833-3454416552-1000\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => value deleted successfully.
HKU\S-1-5-21-3449121565-1196748833-3454416552-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-3449121565-1196748833-3454416552-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\URL => value deleted successfully.
HKU\S-1-5-21-3449121565-1196748833-3454416552-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SuggestionsURL_JSON => value deleted successfully.
"HKU\S-1-5-21-3449121565-1196748833-3454416552-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}" => Key deleted successfully.
HKCR\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b18a536c-7483-4474-baba-44195b991243}" => Key deleted successfully.
"HKCR\CLSID\{b18a536c-7483-4474-baba-44195b991243}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2fc1927-d1ab-433d-a45a-f9292ee86d2a}" => Key deleted successfully.
"HKCR\CLSID\{d2fc1927-d1ab-433d-a45a-f9292ee86d2a}" => Key deleted successfully.
Firefox newtab deleted successfully.
C:\Users\Comi_Kiki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbkkeokgbdlaffjjlieflommloooodo => Moved successfully.
C:\Users\COMI_K~1\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B => Moved successfully.
C:\Users\COMI_K~1\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 => Moved successfully.
CltMngSvc => Service stopped successfully.
CltMngSvc => Service deleted successfully.
fa6789c5 => Service deleted successfully.
c:\Program Files (x86)\VideoCnv => Moved successfully.
Update service => Service deleted successfully.
C:\Program Files (x86)\Popcorn Time => Moved successfully.
SPPD => Service not found.
Synth3dVsc => Service deleted successfully.
tsusbhub => Service deleted successfully.
VGPU => Service deleted successfully.
vmci => Service deleted successfully.
VMnetAdapter => Service deleted successfully.
C:\Program Files (x86)\jointHEshopp => Moved successfully.
C:\Program Files (x86)\jointheshhop => Moved successfully.
C:\Program Files (x86)\browse2buuy => Moved successfully.
C:\Program Files (x86)\getit4Cheaaper => Moved successfully.
C:\Program Files (x86)\bIgdeal => Moved successfully.
C:\ProgramData\11291884641233298835 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D9765CCA-DC6E-497E-B1F6-44CA75E1C8AA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9765CCA-DC6E-497E-B1F6-44CA75E1C8AA}" => Key deleted successfully.
C:\Windows\System32\Tasks\LaunchSignup => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup" => Key deleted successfully.
"C:\Program Files (x86)\MyPC Backup" => File/Directory not found.
EmptyTemp: => Removed 6.9 GB temporary data.


The system needed a reboot.

==== End of Fixlog 14:56:36 ====

medjutim izbrizan mi je program "Popcorn Time" koji dosta koristim da gledam filove, dali mogu opet da ga instaliram?

Dopuna: 29 Jan 2015 15:41

tj program postoji, al je izbrisana ikonica...
a i net mi je sad usporen nesto :/

Dopuna: 29 Jan 2015 15:51

mada speed test pokazuje 4,34 Mb/s za Down i 0,80 za Upload

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Da instaliraj program ponovo.