Cleaning the computer

  • Absolut Gut
  • Joined: 13 Aug 2012
  • Posts: 561
  • Location: Atakama

1) Computer check, trojans, malware..
And I can't delete SW-booster..


Reports:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:24-08-2014 03
Ran by prle (administrator) on PRLE-PC on 25-08-2014 13:20:01
Running from C:\Users\prle\Downloads
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: engleski (SAD)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: [Link visible only to logged-in users]
Download link for 64-Bit Version: [Link visible only to logged-in users]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Link visible only to logged-in users]

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Pandora.TV) C:\Program Files\PANDORA.TV\PanService\KMPService.exe
(TopLang Software) C:\Program Files\Password Door\TLPD.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(PandoraTV) C:\Program Files\PANDORA.TV\PanService\KMPProcess.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Users\prle\AppData\Local\Temp\Rar$EX17.416\delete doctor 2.1.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Luxand Blink!] => C:\Program Files\Luxand\Blink!\LuxandBlinkTray.exe [7630656 2012-02-08] (Luxand, Inc.)
HKLM\...\Run: [Fences] => C:\Program Files\Stardock\Fences\Fences.exe [4017368 2012-10-29] (Stardock Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [995176 2013-06-20] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\Run: [MCShield Monitor] => C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\Run: [Password Door] => C:\Program Files\Password Door\TLPD.EXE [61952 2008-03-22] (TopLang Software)
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [37152 2014-08-18] (Glarysoft Ltd)
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\MountPoints2: {1ac22040-806c-11e3-b5d0-806e6f6e6963} - H:\setup.exe
HKU\S-1-5-21-1606030900-3430388029-1771253369-1003\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1606030900-3430388029-1771253369-1003\...\Run: [Password Door] => C:\Program Files\Password Door\TLPD.EXE [61952 2008-03-22] (TopLang Software)
HKU\S-1-5-21-1606030900-3430388029-1771253369-1003\...\Run: [LightShot] => C:\Users\UpdatusUser\AppData\Local\Skillbrains\lightshot\Lightshot.exe Flags: uninsdeletevalue
AppInit_DLLs: c:\progra~1\sw-boo~1\assist~1.dll => c:\Program Files\SW-Booster\Assistant.dll [4296192 2014-08-22] ()
Startup: C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk
ShortcutTarget: Fences.lnk -> C:\Program Files\Stardock\Fences\Fences.exe (Stardock Corporation)
BootExecute: autocheck autochk * BootDefrag.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link visible only to logged-in users]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [Link visible only to logged-in users]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x00BA1EF6EC73CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sr-me
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link visible only to logged-in users]
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {32D5563E-5F7D-4739-96F8-18D1390F66B7} URL = ${SEARCH_URL}{searchTerms}
SearchScopes: HKCU - DefaultScope {72302D6D-935C-4346-A5BB-96881B825ED8} URL = [Link visible only to logged-in users]{searchTerms}
SearchScopes: HKCU - {32D5563E-5F7D-4739-96F8-18D1390F66B7} URL = [Link visible only to logged-in users]{searchTerms}
SearchScopes: HKCU - {3A748936-3C4B-4965-A0AA-94D2CA2592F8} URL = [Link visible only to logged-in users]{searchTerms}&src=tbsp&id=2cf1ec7b0000000000006c626d450386&affilt=3&r=553
SearchScopes: HKCU - {72302D6D-935C-4346-A5BB-96881B825ED8} URL = [Link visible only to logged-in users]{searchTerms}
SearchScopes: HKCU - {9E06BDCF-0BDA-468E-B603-AEFD462C9890} URL = [Link visible only to logged-in users]{searchTerms}&SearchSource=4&cc=&mi=2cf1ec7b0000000000006c626d450386&r=669
BHO: Adblocker -> {14669796-CB3C-9319-34CA-35BBB8D245CB} -> C:\Program Files\Adblocker\bI2.dll ()
BHO: pricechoP -> {453FA534-9E32-9505-97D9-08904D3E50E6} -> C:\Program Files\pricechoP\Z41UQ3ZdSc.dll No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default
FF Homepage: [Link visible only to logged-in users]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: @verimatrix.com/ViewRightWeb -> C:\Program Files\Verimatrix\ViewRight Web\\npViewRight.dll (Verimatrix, Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\prle\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: @verimatrix.com/ViewRightWeb -> C:\Program Files\Verimatrix\ViewRight Web\\npViewRight.dll (Verimatrix, Inc.)
FF user.js: detected! => C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\user.js
FF SearchPlugin: C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\pogodakyu.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\vokabular.xml
FF Extension: MySearch - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\5aeayoea@vrlaiou.edu [2014-08-07]
FF Extension: Adblocker - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\hrieamia@nssn-fj.net [2014-08-07]
FF Extension: LavaFox V2 - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\info@djzig.com [2014-07-28]
FF Extension: prIcuechop - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\iyijq@ctwo-.edu [2014-07-21]
FF Extension: pricEEcehop - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\ogqq-g@qsdqhpahz.org [2014-08-07]
FF Extension: Adblocker - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\st7asa@eiee-.org [2014-07-21]
FF Extension: No Name - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\staged [2014-08-07]
FF Extension: NeXtCoup - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\wnsgo@zpvwyaua.org [2014-07-21]
FF Extension: Lightweight Themes Manager - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\lwthemes-manager@loucypher.xpi [2014-03-17]
FF Extension: Stylish - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2014-03-17]
FF Extension: YouTube High Definition - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-03-17]
FF Extension: Adblock Plus - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-17]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]

Chrome:
=======
CHR HomePage: [Link visible only to logged-in users]
CHR StartupUrls: "hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-1720&v=n12712-368&t=4", "hxxp://search.gboxapp.com/"
CHR NewTab: "chrome-extension://dakgbglbnknamgmkelnidgjadghljmjo/template/index.html"
CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Extension: (Shader - 3D New Tab) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\dakgbglbnknamgmkelnidgjadghljmjo [2014-08-21]
CHR Extension: (Временскa прогноза) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\fapbbpdnlcmiolkdfjnnjhabmcndadad [2014-08-21]
CHR Extension: (Fokus) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\flkkpmjbbpijiedjdgnhkcgopgnflehe [2014-08-21]
CHR Extension: (pricechop) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\hngegahohpjkdinobobplbepfnjhiapi [2014-08-22]
CHR Extension: (ХД паркинг) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\imkdooliglceibodeofbaodappohpdop [2014-08-21]
CHR Extension: (Eyes - The Horror Game) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\jojpkokphfnjlhbnbcilnhgnkkobkngd [2014-08-21]
CHR Extension: (ИП адреса) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnjjlbngpejmmhgcaagljaomgnginml [2014-08-21]
CHR Extension: (Auto Replay for YouTube™) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb [2014-08-21]
CHR Extension: (Skype Click to Call) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-08-21]
CHR Extension: (Auto Replay for YouTube™) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcdpnidfhfjfbafmpppcplcejgepadbo [2014-08-21]
CHR Extension: (Google новчаник) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (pricechop) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\hngegahohpjkdinobobplbepfnjhiapi\3.9 [2014-08-22]
CHR HKLM\...\Chrome\Extension: [infnpeniaicgjpbmfkbgafklodbpjgjn] - C:\Program Files\MediaViewV1\MediaViewV1alpha391\ch\MediaViewV1alpha391.crx []
CHR HKLM\...\Chrome\Extension: [lefopkabiomfgkedgnpdbnlpnilcfgho] - C:\Program Files\MediaViewerV1\MediaViewerV1alpha456\ch\MediaViewerV1alpha456.crx []
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 c67abfdb; c:\Program Files\SW-Booster\AssistantSvc.dll [174928 2014-08-22] () [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-06-20] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [295376 2013-06-20] (Microsoft Corporation)
R2 PanService; C:\Program Files\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-08] (Pandora.TV)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 vToolbarUpdater18.1.9; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-12] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1570304 2012-10-18] (Atheros Communications, Inc.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-08-12] (AVG Technologies)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [16064 2014-07-18] (Glarysoft Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2014-01-18] (DT Soft Ltd)
S3 gggen; C:\Windows\System32\DRIVERS\gggen.sys [11648 2006-09-28] (Sony Ericsson Mobile Communications) [File not signed]
S3 ggsemc; C:\Windows\System32\DRIVERS\ggsemc.sys [11648 2006-09-28] (Sony Ericsson Mobile Communications) [File not signed]
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [26328 2014-08-03] (Sony Mobile Communications)
S1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [17216 2014-08-25] (Glarysoft Ltd)
S3 hcdriver; C:\Windows\System32\DRIVERS\hcdriver.sys [55208 2013-08-21] (Intel Corporation)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [22688 2014-07-20] (REALiX(tm))
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [114216 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [25512 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [110632 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI Corporation)
S3 s125bus; C:\Windows\System32\DRIVERS\s125bus.sys [83336 2007-04-24] (MCCI Corporation)
S3 s125mdfl; C:\Windows\System32\DRIVERS\s125mdfl.sys [15112 2007-04-24] (MCCI Corporation)
S3 s125mdm; C:\Windows\System32\DRIVERS\s125mdm.sys [108680 2007-04-24] (MCCI Corporation)
S3 s125mgmt; C:\Windows\System32\DRIVERS\s125mgmt.sys [100488 2007-04-24] (MCCI Corporation)
S3 s125obex; C:\Windows\System32\DRIVERS\s125obex.sys [98696 2007-04-24] (MCCI Corporation)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [113168 2012-12-09] (Power Software Ltd)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2014-01-18] (Duplex Secure Ltd.)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [File not signed]
U3 am8jsnvm; C:\Windows\system32\Drivers\am8jsnvm.sys [0 ] (Advanced Micro Devices)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-25 13:20 - 2014-08-25 13:20 - 00021717 _____ () C:\Users\prle\Downloads\FRST.txt
2014-08-25 13:19 - 2014-08-25 13:20 - 00000000 ____D () C:\FRST
2014-08-25 13:19 - 2014-08-25 13:19 - 01095168 _____ (Farbar) C:\Users\prle\Downloads\FRST.exe
2014-08-25 13:08 - 2014-08-25 13:08 - 00142279 _____ () C:\Users\prle\Downloads\delete doctor 2.1.rar
2014-08-25 11:01 - 2014-08-25 11:01 - 00017216 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2014-08-25 11:01 - 2014-08-25 11:01 - 00001014 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-08-25 11:01 - 2014-08-25 11:01 - 00001002 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2014-08-25 11:01 - 2014-08-25 11:01 - 00000318 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2014-08-25 11:01 - 2014-08-25 11:01 - 00000000 ____D () C:\Users\prle\AppData\Roaming\DiskDefrag
2014-08-25 11:01 - 2014-08-25 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2014-08-25 11:01 - 2014-08-25 11:01 - 00000000 ____D () C:\Program Files\Glary Utilities 5
2014-08-25 11:01 - 2014-08-18 03:06 - 00101664 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe
2014-08-25 11:01 - 2014-07-18 09:11 - 00016064 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\BootDefragDriver.sys
2014-08-25 11:00 - 2014-08-25 11:00 - 00001549 _____ () C:\GUDownLoaddebug.txt
2014-08-25 11:00 - 2014-08-25 11:00 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Undelete.lnk
2014-08-25 11:00 - 2014-08-25 11:00 - 00001143 _____ () C:\Users\Public\Desktop\Glary Undelete.lnk
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Program Files\Glarysoft
2014-08-25 10:59 - 2014-08-25 11:00 - 04636312 _____ () C:\Users\prle\Downloads\gunsetup.exe
2014-08-23 20:28 - 2014-08-23 20:28 - 00225088 _____ () C:\Users\prle\Downloads\FLVPlayer_downloader-N4dGc00sK.exe
2014-08-23 03:38 - 2014-08-23 03:38 - 19946468 _____ () C:\Users\prle\Downloads\CommunityShowcaseRuralLandscapes2.themepack
2014-08-23 03:19 - 2014-08-23 03:19 - 00004084 _____ () C:\Users\prle\Downloads\Priča jednog dečaka.txt
2014-08-22 22:11 - 2014-08-25 03:53 - 00000112 _____ () C:\Windows\setupact.log
2014-08-22 22:11 - 2014-08-22 22:11 - 00001052 _____ () C:\Windows\PFRO.log
2014-08-22 22:11 - 2014-08-22 22:11 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-22 22:06 - 2014-08-22 22:06 - 00009578 _____ () C:\Users\prle\Downloads\[kickass.to]windows.vista.7.8.genuine.activator.2014.gerti123.torrent
2014-08-22 18:59 - 2014-05-14 18:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-22 18:59 - 2014-05-14 18:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-22 18:58 - 2014-05-14 18:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-22 18:58 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-22 18:58 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-22 18:58 - 2014-05-14 18:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-22 18:58 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-22 18:58 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-22 18:58 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-22 18:57 - 2014-08-22 18:57 - 00000000 ____D () C:\ProgramData\Trusted Publisher
2014-08-22 18:57 - 2014-08-22 18:57 - 00000000 ____D () C:\Program Files\SW-Booster
2014-08-22 18:56 - 2014-08-25 13:17 - 00000000 ____D () C:\Program Files\pricechoP
2014-08-22 18:56 - 2014-08-25 13:16 - 00000000 ____D () C:\Program Files\EZDownloader
2014-08-22 18:56 - 2014-08-22 18:56 - 00001859 _____ () C:\Users\Public\Desktop\EZDownloader.lnk
2014-08-22 18:56 - 2014-08-22 18:56 - 00000000 ____D () C:\Windows\system32\X86
2014-08-22 18:56 - 2014-08-22 18:56 - 00000000 ____D () C:\Windows\system32\AMD64
2014-08-22 18:56 - 2014-08-22 18:56 - 00000000 ____D () C:\ProgramData\pricechoP
2014-08-22 18:56 - 2014-08-22 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
2014-08-22 02:17 - 2014-08-22 02:17 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Verimatrix
2014-08-22 02:17 - 2014-08-22 02:17 - 00000000 ____D () C:\Program Files\Verimatrix
2014-08-21 21:22 - 2014-08-21 21:22 - 00000644 _____ () C:\Users\prle\Downloads\Microsoft_SR-1259485519.txt
2014-08-21 21:05 - 2014-08-21 21:06 - 00002709 _____ () C:\Users\prle\Downloads\legitcheck.hta
2014-08-20 20:02 - 2014-08-20 20:02 - 00020741 _____ () C:\Users\prle\Downloads\[kickass.to]vertigo.1958.1080p.brrip.x264.yify.torrent
2014-08-20 18:51 - 2014-08-20 18:51 - 00000000 ____D () C:\Users\prle\Documents\Lightshot
2014-08-20 12:23 - 2014-08-20 12:23 - 00003288 ____N () C:\bootsqm.dat
2014-08-19 18:47 - 2014-08-19 18:47 - 00000000 ____D () C:\ProgramData\GlarySoft
2014-08-19 18:40 - 2014-08-19 18:40 - 00000000 ____D () C:\Users\prle\AppData\Roaming\GlarySoft
2014-08-15 23:18 - 2014-08-15 23:48 - 00000000 ____D () C:\Users\prle\Documents\Euro Truck Simulator
2014-08-15 22:12 - 2014-08-16 03:07 - 00000000 ____D () C:\Users\prle\Documents\Euro Truck Simulator 2
2014-08-15 13:05 - 2014-08-20 12:23 - 00000000 ____D () C:\ProgramData\PlutoApp
2014-08-15 13:04 - 2014-08-16 13:07 - 00000000 ____D () C:\ProgramData\ppruiceChop
2014-08-15 13:04 - 2014-08-16 03:10 - 00000000 ____D () C:\Program Files\ppruiceChop
2014-08-14 21:00 - 2014-08-14 21:01 - 00000000 ____D () C:\Program Files\SecurityXploded
2014-08-10 09:17 - 2014-08-10 09:22 - 00000000 ____D () C:\Users\prle\Downloads\Still Life Moving Fast
2014-08-09 17:52 - 2014-08-09 17:52 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-07 23:03 - 2014-08-07 23:03 - 00000829 _____ () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-08-07 21:25 - 2014-08-07 21:25 - 00000824 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Football Manager 2014.lnk
2014-08-07 21:25 - 2014-08-07 21:25 - 00000812 _____ () C:\Users\Public\Desktop\Football Manager 2014.lnk
2014-08-07 21:20 - 2014-08-07 21:46 - 00000000 ____D () C:\Program Files\Football Manager 2014
2014-08-07 16:35 - 2014-08-07 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2014-08-07 16:34 - 2014-08-12 14:00 - 00000000 ____D () C:\Program Files\AVG Secure Search
2014-08-06 05:16 - 2014-08-06 05:16 - 00000001 _____ () C:\Users\prle\AppData\Local\llftool.4.40.agreement
2014-08-06 05:16 - 2014-08-06 05:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Low Level Format Tool
2014-08-06 05:16 - 2014-08-06 05:16 - 00000000 ____D () C:\Program Files\HDDGURU LLF Tool
2014-08-06 05:07 - 2014-08-06 05:07 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Hard Disk Sentinel
2014-08-06 05:06 - 2014-08-06 06:35 - 00000000 ____D () C:\Program Files\Hard Disk Sentinel
2014-08-06 04:45 - 2014-08-06 04:45 - 00000000 ____D () C:\$WINDOWS.~BT
2014-08-06 03:24 - 2014-08-06 03:26 - 00000000 ____D () C:\Users\prle\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2014-08-06 03:24 - 2014-08-06 03:24 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2014-08-06 02:26 - 2014-08-16 03:07 - 00000000 ____D () C:\Program Files\HD Tune Pro
2014-08-06 02:03 - 2014-08-06 19:45 - 00000000 ____D () C:\Users\prle\AppData\Local\AVG Secure Search
2014-08-06 02:02 - 2014-08-12 14:00 - 00042784 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
2014-08-06 02:02 - 2014-08-06 02:02 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-08-06 02:02 - 2014-08-06 02:02 - 00000000 ____D () C:\Program Files\Common Files\AVG Secure Search
2014-08-06 02:01 - 2014-08-07 16:43 - 00000000 ____D () C:\Program Files\PowerISO
2014-08-05 21:56 - 2014-08-05 21:56 - 00000000 ____D () C:\ProgramData\BVRP Software
2014-08-04 14:29 - 2014-08-04 14:29 - 00000000 ____D () C:\Users\prle\Documents\Sony Ericsson
2014-08-04 14:26 - 2014-08-16 03:09 - 00000000 ____D () C:\ProgramData\Sony Mobile
2014-08-04 14:12 - 2008-05-16 11:33 - 00120744 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016mdm.sys
2014-08-04 14:12 - 2008-05-16 11:33 - 00115752 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016unic.sys
2014-08-04 14:12 - 2008-05-16 11:33 - 00114216 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016mgmt.sys
2014-08-04 14:12 - 2008-05-16 11:33 - 00110632 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016obex.sys
2014-08-04 14:12 - 2008-05-16 11:33 - 00089256 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016bus.sys
2014-08-04 14:12 - 2008-05-16 11:33 - 00025512 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016nd5.sys
2014-08-04 14:12 - 2008-05-16 11:33 - 00015016 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016mdfl.sys
2014-08-04 14:12 - 2008-05-16 11:33 - 00012200 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016whnt.sys
2014-08-04 14:12 - 2008-05-16 11:33 - 00012200 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016wh.sys
2014-08-04 14:12 - 2008-05-16 11:33 - 00012200 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016cmnt.sys
2014-08-04 14:12 - 2008-05-16 11:33 - 00012200 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016cm.sys
2014-08-04 14:12 - 2008-05-16 11:33 - 00010792 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016cr.sys
2014-08-04 14:06 - 2014-08-04 14:06 - 00000000 ____D () C:\Users\prle\AppData\Local\Sony Ericsson
2014-08-04 14:02 - 2014-08-04 14:02 - 00000000 ____D () C:\ProgramData\Sony Ericsson
2014-08-04 13:39 - 2014-08-20 04:41 - 00000000 ____D () C:\Users\prle\AppData\Local\CrashDumps
2014-08-04 13:34 - 2014-08-04 13:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggsomc_01009.Wdf
2014-08-04 13:34 - 2014-08-04 13:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2014-08-04 13:28 - 2014-08-04 15:33 - 00000000 ____D () C:\Users\prle\AppData\Local\CatalinaGroup
2014-08-04 13:28 - 2014-08-04 13:28 - 00000000 ____D () C:\Users\Public\Documents\YTAHelper
2014-08-04 13:27 - 2014-08-05 10:39 - 00000000 ____D () C:\Program Files\ShopperPro
2014-08-04 13:27 - 2014-08-04 14:13 - 00000000 ____D () C:\Users\Public\Documents\GOOBZO
2014-08-04 13:27 - 2014-08-04 13:27 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2014-08-04 13:27 - 2014-08-04 13:27 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-03 21:09 - 2014-08-03 21:09 - 00026328 _____ (Sony Mobile Communications) C:\Windows\system32\Drivers\ggsomc.sys
2014-08-03 21:09 - 2014-08-03 21:09 - 00013528 _____ (Sony Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2014-08-03 21:07 - 2014-08-04 13:16 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile
2014-08-03 21:06 - 2014-08-16 03:09 - 00000000 ____D () C:\Program Files\Sony Mobile
2014-08-03 20:01 - 2014-08-04 14:28 - 00000000 ____D () C:\ProgramData\Informer Technologies, Inc
2014-08-01 16:21 - 2014-08-01 18:01 - 00000000 ____D () C:\video_output
2014-08-01 16:20 - 2014-08-04 14:27 - 00000000 ____D () C:\Program Files\FLV to AVI MPEG WMV 3GP MP4 iPod Converter
2014-07-30 11:14 - 2014-08-06 07:52 - 00000000 ____D () C:\Program Files\Free Easy CD DVD Burner
2014-07-30 11:14 - 2014-07-30 11:15 - 00000000 ____D () C:\Users\prle\AppData\Roaming\FreeBurner
2014-07-30 11:14 - 2011-09-28 09:20 - 00040960 _____ (vbAccelerator) C:\Windows\system32\SSubTmr6.dll
2014-07-30 11:10 - 2014-07-30 11:10 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Acoustica
2014-07-30 11:10 - 2007-08-07 11:32 - 00057344 _____ (NexiTech, Inc.) C:\Windows\system32\Wnaspint.dll
2014-07-30 11:10 - 2007-08-07 10:58 - 00032768 _____ (Frog ASPI / Millenod) C:\Windows\system32\Wnaspi32.dll
2014-07-29 00:19 - 2014-07-29 00:19 - 00000000 ____D () C:\Users\prle\Documents\Optimizer Pro
2014-07-29 00:05 - 2014-07-31 11:26 - 00000000 ____D () C:\ProgramData\MySearch
2014-07-29 00:04 - 2014-07-30 11:07 - 00000000 ____D () C:\Program Files\MySearch
2014-07-29 00:04 - 2014-07-30 11:05 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-07-29 00:03 - 2014-08-20 04:56 - 00000000 ____D () C:\ProgramData\EZSoftware
2014-07-29 00:02 - 2014-08-22 18:56 - 00000000 ____D () C:\ProgramData\Adblocker
2014-07-29 00:02 - 2014-08-22 18:56 - 00000000 ____D () C:\Program Files\Adblocker
2014-07-29 00:02 - 2014-08-20 04:56 - 00000000 ____D () C:\ProgramData\pricEEcehop
2014-07-29 00:02 - 2014-07-30 11:31 - 00000000 ____D () C:\Program Files\pricEEcehop
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\prle\AppData\Local\Torch
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\prle\AppData\Local\Chromatic Browser
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-07-27 22:37 - 2014-08-25 10:52 - 00903625 _____ () C:\Windows\WindowsUpdate.log
2014-07-27 17:18 - 2014-07-27 17:18 - 00159144 _____ (Microsoft Corporation) C:\Users\prle\Documents\WindowsActivationUpdate.exe
2014-07-27 14:20 - 2014-08-20 04:56 - 00000000 ____D () C:\Program Files\globalUpdate
2014-07-27 14:20 - 2014-07-27 14:20 - 00000000 ____D () C:\Users\prle\AppData\Local\globalUpdate
2014-07-27 01:56 - 2014-08-25 02:45 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Skype

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-25 13:20 - 2014-08-25 13:20 - 00021717 _____ () C:\Users\prle\Downloads\FRST.txt
2014-08-25 13:20 - 2014-08-25 13:19 - 00000000 ____D () C:\FRST
2014-08-25 13:19 - 2014-08-25 13:19 - 01095168 _____ (Farbar) C:\Users\prle\Downloads\FRST.exe
2014-08-25 13:17 - 2014-08-22 18:56 - 00000000 ____D () C:\Program Files\pricechoP
2014-08-25 13:16 - 2014-08-22 18:56 - 00000000 ____D () C:\Program Files\EZDownloader
2014-08-25 13:08 - 2014-08-25 13:08 - 00142279 _____ () C:\Users\prle\Downloads\delete doctor 2.1.rar
2014-08-25 12:58 - 2014-07-20 15:14 - 00000374 _____ () C:\Windows\Tasks\update-sys.job
2014-08-25 12:31 - 2013-08-28 17:39 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-25 12:30 - 2013-06-28 13:04 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-25 11:31 - 2013-08-28 17:39 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-25 11:01 - 2014-08-25 11:01 - 00017216 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2014-08-25 11:01 - 2014-08-25 11:01 - 00001014 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-08-25 11:01 - 2014-08-25 11:01 - 00001002 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2014-08-25 11:01 - 2014-08-25 11:01 - 00000318 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2014-08-25 11:01 - 2014-08-25 11:01 - 00000000 ____D () C:\Users\prle\AppData\Roaming\DiskDefrag
2014-08-25 11:01 - 2014-08-25 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2014-08-25 11:01 - 2014-08-25 11:01 - 00000000 ____D () C:\Program Files\Glary Utilities 5
2014-08-25 11:01 - 2013-07-27 03:03 - 00000374 _____ () C:\Windows\Tasks\update-S-1-5-21-1606030900-3430388029-1771253369-1000.job
2014-08-25 11:00 - 2014-08-25 11:00 - 00001549 _____ () C:\GUDownLoaddebug.txt
2014-08-25 11:00 - 2014-08-25 11:00 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Undelete.lnk
2014-08-25 11:00 - 2014-08-25 11:00 - 00001143 _____ () C:\Users\Public\Desktop\Glary Undelete.lnk
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Program Files\Glarysoft
2014-08-25 11:00 - 2014-08-25 10:59 - 04636312 _____ () C:\Users\prle\Downloads\gunsetup.exe
2014-08-25 10:52 - 2014-07-27 22:37 - 00903625 _____ () C:\Windows\WindowsUpdate.log
2014-08-25 03:55 - 2014-07-18 22:21 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-25 03:53 - 2014-08-22 22:11 - 00000112 _____ () C:\Windows\setupact.log
2014-08-25 03:53 - 2014-07-24 21:07 - 00000000 ____D () C:\ProgramData\MCShield
2014-08-25 03:53 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-25 02:57 - 2009-07-14 06:34 - 00013904 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-25 02:57 - 2009-07-14 06:34 - 00013904 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-25 02:45 - 2014-07-27 01:56 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Skype
2014-08-23 20:28 - 2014-08-23 20:28 - 00225088 _____ () C:\Users\prle\Downloads\FLVPlayer_downloader-N4dGc00sK.exe
2014-08-23 03:38 - 2014-08-23 03:38 - 19946468 _____ () C:\Users\prle\Downloads\CommunityShowcaseRuralLandscapes2.themepack
2014-08-23 03:19 - 2014-08-23 03:19 - 00004084 _____ () C:\Users\prle\Downloads\Priča jednog dečaka.txt
2014-08-22 22:28 - 2013-07-14 19:47 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-22 22:11 - 2014-08-22 22:11 - 00001052 _____ () C:\Windows\PFRO.log
2014-08-22 22:11 - 2014-08-22 22:11 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-22 22:11 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-08-22 22:09 - 2013-07-02 22:00 - 00811520 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-08-22 22:09 - 2013-07-02 21:59 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2014-08-22 22:09 - 2013-07-02 21:59 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2014-08-22 22:09 - 2013-06-28 12:51 - 00000000 ____D () C:\Users\prle\AppData\Roaming\uTorrent
2014-08-22 22:06 - 2014-08-22 22:06 - 00009578 _____ () C:\Users\prle\Downloads\[kickass.to]windows.vista.7.8.genuine.activator.2014.gerti123.torrent
2014-08-22 18:57 - 2014-08-22 18:57 - 00000000 ____D () C:\ProgramData\Trusted Publisher
2014-08-22 18:57 - 2014-08-22 18:57 - 00000000 ____D () C:\Program Files\SW-Booster
2014-08-22 18:56 - 2014-08-22 18:56 - 00001859 _____ () C:\Users\Public\Desktop\EZDownloader.lnk
2014-08-22 18:56 - 2014-08-22 18:56 - 00000000 ____D () C:\Windows\system32\X86
2014-08-22 18:56 - 2014-08-22 18:56 - 00000000 ____D () C:\Windows\system32\AMD64
2014-08-22 18:56 - 2014-08-22 18:56 - 00000000 ____D () C:\ProgramData\pricechoP
2014-08-22 18:56 - 2014-08-22 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
2014-08-22 18:56 - 2014-07-29 00:02 - 00000000 ____D () C:\ProgramData\Adblocker
2014-08-22 18:56 - 2014-07-29 00:02 - 00000000 ____D () C:\Program Files\Adblocker
2014-08-22 18:56 - 2014-07-19 20:14 - 00000000 ____D () C:\ProgramData\25d938b0586d6be2
2014-08-22 18:56 - 2014-02-14 23:22 - 00000394 __RSH () C:\ProgramData\ntuser.pol
2014-08-22 16:25 - 2013-08-20 21:26 - 02038272 ___SH () C:\Users\prle\Desktop\Thumbs.db
2014-08-22 02:17 - 2014-08-22 02:17 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Verimatrix
2014-08-22 02:17 - 2014-08-22 02:17 - 00000000 ____D () C:\Program Files\Verimatrix
2014-08-21 21:22 - 2014-08-21 21:22 - 00000644 _____ () C:\Users\prle\Downloads\Microsoft_SR-1259485519.txt
2014-08-21 21:06 - 2014-08-21 21:05 - 00002709 _____ () C:\Users\prle\Downloads\legitcheck.hta
2014-08-21 20:06 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-08-20 20:03 - 2014-07-12 15:03 - 00000000 ____D () C:\Insidious
2014-08-20 20:02 - 2014-08-20 20:02 - 00020741 _____ () C:\Users\prle\Downloads\[kickass.to]vertigo.1958.1080p.brrip.x264.yify.torrent
2014-08-20 18:51 - 2014-08-20 18:51 - 00000000 ____D () C:\Users\prle\Documents\Lightshot
2014-08-20 12:23 - 2014-08-20 12:23 - 00003288 ____N () C:\bootsqm.dat
2014-08-20 12:23 - 2014-08-15 13:05 - 00000000 ____D () C:\ProgramData\PlutoApp
2014-08-20 04:56 - 2014-07-29 00:03 - 00000000 ____D () C:\ProgramData\EZSoftware
2014-08-20 04:56 - 2014-07-29 00:02 - 00000000 ____D () C:\ProgramData\pricEEcehop
2014-08-20 04:56 - 2014-07-27 14:20 - 00000000 ____D () C:\Program Files\globalUpdate
2014-08-20 04:45 - 2014-01-29 21:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony Ericsson
2014-08-20 04:45 - 2014-01-29 21:36 - 00000000 ____D () C:\Program Files\Sony Ericsson
2014-08-20 04:45 - 2013-06-28 12:40 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-08-20 04:44 - 2013-06-28 12:42 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2014-08-20 04:41 - 2014-08-04 13:39 - 00000000 ____D () C:\Users\prle\AppData\Local\CrashDumps
2014-08-19 19:03 - 2014-03-06 01:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-08-19 19:03 - 2014-02-06 17:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chatango
2014-08-19 19:03 - 2013-08-10 23:56 - 00000000 ____D () C:\Users\prle\Desktop\IGRICE
2014-08-19 18:47 - 2014-08-19 18:47 - 00000000 ____D () C:\ProgramData\GlarySoft
2014-08-19 18:40 - 2014-08-19 18:40 - 00000000 ____D () C:\Users\prle\AppData\Roaming\GlarySoft
2014-08-18 03:06 - 2014-08-25 11:01 - 00101664 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe
2014-08-16 13:07 - 2014-08-15 13:04 - 00000000 ____D () C:\ProgramData\ppruiceChop
2014-08-16 03:10 - 2014-08-15 13:04 - 00000000 ____D () C:\Program Files\ppruiceChop
2014-08-16 03:09 - 2014-08-04 14:26 - 00000000 ____D () C:\ProgramData\Sony Mobile
2014-08-16 03:09 - 2014-08-03 21:06 - 00000000 ____D () C:\Program Files\Sony Mobile
2014-08-16 03:07 - 2014-08-15 22:12 - 00000000 ____D () C:\Users\prle\Documents\Euro Truck Simulator 2
2014-08-16 03:07 - 2014-08-06 02:26 - 00000000 ____D () C:\Program Files\HD Tune Pro
2014-08-15 23:48 - 2014-08-15 23:18 - 00000000 ____D () C:\Users\prle\Documents\Euro Truck Simulator
2014-08-15 22:40 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-08-15 13:03 - 2013-08-26 17:10 - 00000000 ____D () C:\ProgramData\InstallMate
2014-08-14 21:14 - 2013-06-28 12:15 - 00778150 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-14 21:01 - 2014-08-14 21:00 - 00000000 ____D () C:\Program Files\SecurityXploded
2014-08-13 03:01 - 2013-06-29 22:52 - 00000000 ____D () C:\Users\prle\AppData\Roaming\DAEMON Tools Pro
2014-08-13 02:58 - 2013-07-07 06:30 - 00007598 _____ () C:\Users\prle\AppData\Local\Resmon.ResmonCfg
2014-08-12 14:00 - 2014-08-07 16:34 - 00000000 ____D () C:\Program Files\AVG Secure Search
2014-08-12 14:00 - 2014-08-06 02:02 - 00042784 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
2014-08-10 09:22 - 2014-08-10 09:17 - 00000000 ____D () C:\Users\prle\Downloads\Still Life Moving Fast
2014-08-09 17:52 - 2014-08-09 17:52 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-09 17:52 - 2013-06-28 13:09 - 00000000 ____D () C:\ProgramData\Skype
2014-08-07 23:03 - 2014-08-07 23:03 - 00000829 _____ () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-08-07 21:49 - 2013-07-08 20:46 - 00000000 ____D () C:\Users\Public\Documents\Sports Interactive
2014-08-07 21:49 - 2013-07-08 20:46 - 00000000 ____D () C:\Users\prle\Documents\Sports Interactive
2014-08-07 21:49 - 2013-07-08 20:46 - 00000000 ____D () C:\Users\prle\AppData\Local\Sports Interactive
2014-08-07 21:46 - 2014-08-07 21:20 - 00000000 ____D () C:\Program Files\Football Manager 2014
2014-08-07 21:25 - 2014-08-07 21:25 - 00000824 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Football Manager 2014.lnk
2014-08-07 21:25 - 2014-08-07 21:25 - 00000812 _____ () C:\Users\Public\Desktop\Football Manager 2014.lnk
2014-08-07 16:43 - 2014-08-06 02:01 - 00000000 ____D () C:\Program Files\PowerISO
2014-08-07 16:35 - 2014-08-07 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2014-08-07 16:18 - 2013-06-28 13:09 - 00000000 ___RD () C:\Program Files\Skype
2014-08-06 19:45 - 2014-08-06 02:03 - 00000000 ____D () C:\Users\prle\AppData\Local\AVG Secure Search
2014-08-06 07:52 - 2014-07-30 11:14 - 00000000 ____D () C:\Program Files\Free Easy CD DVD Burner
2014-08-06 07:51 - 2014-03-17 23:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Q-Dir
2014-08-06 07:51 - 2014-03-17 23:13 - 00010494 _____ () C:\Windows\Q-Dir.ini
2014-08-06 06:35 - 2014-08-06 05:06 - 00000000 ____D () C:\Program Files\Hard Disk Sentinel
2014-08-06 05:16 - 2014-08-06 05:16 - 00000001 _____ () C:\Users\prle\AppData\Local\llftool.4.40.agreement
2014-08-06 05:16 - 2014-08-06 05:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Low Level Format Tool
2014-08-06 05:16 - 2014-08-06 05:16 - 00000000 ____D () C:\Program Files\HDDGURU LLF Tool
2014-08-06 05:07 - 2014-08-06 05:07 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Hard Disk Sentinel
2014-08-06 04:45 - 2014-08-06 04:45 - 00000000 ____D () C:\$WINDOWS.~BT
2014-08-06 04:45 - 2014-01-20 12:17 - 00001908 _____ () C:\Windows\diagwrn.xml
2014-08-06 04:45 - 2014-01-20 12:17 - 00001908 _____ () C:\Windows\diagerr.xml
2014-08-06 03:26 - 2014-08-06 03:24 - 00000000 ____D () C:\Users\prle\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2014-08-06 03:24 - 2014-08-06 03:24 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2014-08-06 02:02 - 2014-08-06 02:02 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-08-06 02:02 - 2014-08-06 02:02 - 00000000 ____D () C:\Program Files\Common Files\AVG Secure Search
2014-08-05 21:56 - 2014-08-05 21:56 - 00000000 ____D () C:\ProgramData\BVRP Software
2014-08-05 19:29 - 2014-05-27 00:00 - 00133120 ___SH () C:\Users\prle\Downloads\Thumbs.db
2014-08-05 10:39 - 2014-08-04 13:27 - 00000000 ____D () C:\Program Files\ShopperPro
2014-08-04 15:33 - 2014-08-04 13:28 - 00000000 ____D () C:\Users\prle\AppData\Local\CatalinaGroup
2014-08-04 14:35 - 2013-06-28 13:11 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Winamp
2014-08-04 14:29 - 2014-08-04 14:29 - 00000000 ____D () C:\Users\prle\Documents\Sony Ericsson
2014-08-04 14:28 - 2014-08-03 20:01 - 00000000 ____D () C:\ProgramData\Informer Technologies, Inc
2014-08-04 14:27 - 2014-08-01 16:20 - 00000000 ____D () C:\Program Files\FLV to AVI MPEG WMV 3GP MP4 iPod Converter
2014-08-04 14:13 - 2014-08-04 13:27 - 00000000 ____D () C:\Users\Public\Documents\GOOBZO
2014-08-04 14:13 - 2013-08-10 23:58 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-04 14:06 - 2014-08-04 14:06 - 00000000 ____D () C:\Users\prle\AppData\Local\Sony Ericsson
2014-08-04 14:02 - 2014-08-04 14:02 - 00000000 ____D () C:\ProgramData\Sony Ericsson
2014-08-04 13:57 - 2013-06-28 12:59 - 00000000 ____D () C:\Program Files\Google
2014-08-04 13:34 - 2014-08-04 13:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggsomc_01009.Wdf
2014-08-04 13:34 - 2014-08-04 13:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2014-08-04 13:29 - 2014-01-29 21:36 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Ericsson
2014-08-04 13:28 - 2014-08-04 13:28 - 00000000 ____D () C:\Users\Public\Documents\YTAHelper
2014-08-04 13:27 - 2014-08-04 13:27 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2014-08-04 13:27 - 2014-08-04 13:27 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-04 13:16 - 2014-08-03 21:07 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile
2014-08-03 21:09 - 2014-08-03 21:09 - 00026328 _____ (Sony Mobile Communications) C:\Windows\system32\Drivers\ggsomc.sys
2014-08-03 21:09 - 2014-08-03 21:09 - 00013528 _____ (Sony Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2014-08-03 20:09 - 2013-07-04 17:37 - 00000000 ____D () C:\Program Files\DIFX
2014-08-01 18:01 - 2014-08-01 16:21 - 00000000 ____D () C:\video_output
2014-08-01 03:25 - 2014-07-07 02:49 - 00000000 ____D () C:\Windows\pss
2014-07-31 23:42 - 2013-07-02 22:03 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-31 11:26 - 2014-07-29 00:05 - 00000000 ____D () C:\ProgramData\MySearch
2014-07-30 11:31 - 2014-07-29 00:02 - 00000000 ____D () C:\Program Files\pricEEcehop
2014-07-30 11:15 - 2014-07-30 11:14 - 00000000 ____D () C:\Users\prle\AppData\Roaming\FreeBurner
2014-07-30 11:10 - 2014-07-30 11:10 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Acoustica
2014-07-30 11:08 - 2014-07-17 02:12 - 00000000 ____D () C:\Program Files\Hard Truck 18 Wheels
2014-07-30 11:07 - 2014-07-29 00:04 - 00000000 ____D () C:\Program Files\MySearch
2014-07-30 11:05 - 2014-07-29 00:04 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-07-29 00:19 - 2014-07-29 00:19 - 00000000 ____D () C:\Users\prle\Documents\Optimizer Pro
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\prle\AppData\Local\Torch
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\prle\AppData\Local\Chromatic Browser
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-07-29 00:02 - 2009-07-14 04:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-28 15:17 - 2013-08-29 17:18 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-07-28 15:17 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Branding
2014-07-27 17:18 - 2014-07-27 17:18 - 00159144 _____ (Microsoft Corporation) C:\Users\prle\Documents\WindowsActivationUpdate.exe
2014-07-27 14:21 - 2013-08-28 17:40 - 00002149 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-27 14:20 - 2014-07-27 14:20 - 00000000 ____D () C:\Users\prle\AppData\Local\globalUpdate
2014-07-27 01:56 - 2013-06-28 13:09 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Old_Skype

Some content of TEMP:
====================
C:\Users\prle\AppData\Local\Temp\gu5setup.exe
C:\Users\prle\AppData\Local\Temp\Urescue_M.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-19 22:33

==================== End Of Log ============================



  • Joined: 04 Jul 2011
  • Posts: 5424

Go to Start - Control Panel - Programs and Features and uninstall:
AVG Security Toolbar
pricechoP
Shopper-Pro
SW-Sustainer





1. Open Notepad (Text Document) and copy the following text from the code box below:

AppInit_DLLs: c:\progra~1\sw-boo~1\assist~1.dll => c:\Program Files\SW-Booster\Assistant.dll [4296192 2014-08-22] ()
c:\Program Files\SW-Booster
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {32D5563E-5F7D-4739-96F8-18D1390F66B7} URL = ${SEARCH_URL}{searchTerms}
SearchScopes: HKCU - {32D5563E-5F7D-4739-96F8-18D1390F66B7} URL = http://www.dogpile.com/search/web?fcoid=417&fc.....ql=&q={searchTerms}
SearchScopes: HKCU - {3A748936-3C4B-4965-A0AA-94D2CA2592F8} URL = http://search.ividi.org/?q={searchTerms}&src=tbsp&id=2cf1ec7b0000000000006c626d450386&affilt=3&r=553
SearchScopes: HKCU - {9E06BDCF-0BDA-468E-B603-AEFD462C9890} URL = http://search.softonic.com/INF00176/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=2cf1ec7b0000000000006c626d450386&r=669
FF Homepage: hxxp://search.gboxapp.com/
FF user.js: detected! => C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\user.js
FF Extension: MySearch - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\5aeayoea@vrlaiou.edu [2014-08-07]
FF Extension: prIcuechop - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\iyijq@ctwo-.edu [2014-07-21]
FF Extension: pricEEcehop - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\ogqq-g@qsdqhpahz.org [2014-08-07]
FF Extension: NeXtCoup - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\wnsgo@zpvwyaua.org [2014-07-21]
CHR HomePage: hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-1720&v=n12712-368&t=4
CHR StartupUrls: "hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-1720&v=n12712-368&t=4", "hxxp://search.gboxapp.com/"
CHR Extension: (pricechop) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\hngegahohpjkdinobobplbepfnjhiapi [2014-08-22]
CHR Extension: (pricechop) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\hngegahohpjkdinobobplbepfnjhiapi\3.9 [2014-08-22]
CHR HKLM\...\Chrome\Extension: [infnpeniaicgjpbmfkbgafklodbpjgjn] - C:\Program Files\MediaViewV1\MediaViewV1alpha391\ch\MediaViewV1alpha391.crx []
CHR HKLM\...\Chrome\Extension: [lefopkabiomfgkedgnpdbnlpnilcfgho] - C:\Program Files\MediaViewerV1\MediaViewerV1alpha456\ch\MediaViewerV1alpha456.crx []
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 c67abfdb; c:\Program Files\SW-Booster\AssistantSvc.dll [174928 2014-08-22] () [File not signed]
2014-08-22 18:56 - 2014-08-25 13:17 - 00000000 ____D () C:\Program Files\pricechoP
2014-07-29 00:05 - 2014-07-31 11:26 - 00000000 ____D () C:\ProgramData\MySearch
2014-07-29 00:04 - 2014-07-30 11:07 - 00000000 ____D () C:\Program Files\MySearch
2014-07-29 00:02 - 2014-08-20 04:56 - 00000000 ____D () C:\ProgramData\pricEEcehop
2014-07-29 00:02 - 2014-07-30 11:31 - 00000000 ____D () C:\Program Files\pricEEcehop
2014-08-20 04:56 - 2014-07-27 14:20 - 00000000 ____D () C:\Program Files\globalUpdate
2014-07-29 00:03 - 2014-08-20 04:56 - 00000000 ____D () C:\ProgramData\EZSoftware
2014-07-27 14:20 - 2014-07-27 14:20 - 00000000 ____D () C:\Users\prle\AppData\Local\globalUpdate
2014-08-15 13:03 - 2013-08-26 17:10 - 00000000 ____D () C:\ProgramData\InstallMate
2014-08-04 13:28 - 2014-08-04 13:28 - 00000000 ____D () C:\Users\Public\Documents\YTAHelper
2014-07-29 00:19 - 2014-07-29 00:19 - 00000000 ____D () C:\Users\prle\Documents\Optimizer Pro
2014-07-29 00:05 - 2014-07-31 11:26 - 00000000 ____D () C:\ProgramData\MySearch
2014-07-29 00:04 - 2014-07-30 11:07 - 00000000 ____D () C:\Program Files\MySearch
2014-07-29 00:04 - 2014-07-30 11:05 - 00000000 ____D () C:\Program Files\Optimizer Pro
C:\Users\prle\AppData\Local\Conduit
C:\Program Files\Pando Networks
CustomCLSID: HKU\S-1-5-21-1606030900-3430388029-1771253369-1003_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CustomCLSID: HKU\S-1-5-21-1606030900-3430388029-1771253369-1003_Classes\CLSID\{939A0D04-0E07-48FE-A463-6623B70C3A96}\localserver32 -> "C:\Users\prle\AppData\Local\Conduit\ValueApps\IE\ValueApps.exe" No File
Task: {555A12CC-661A-44EC-B73B-F64D81C64A91} - \SPBIW_UpdateTask_Time_333036323133313237392d575b323478415a45375a456c No Task File <==== ATTENTION
Task: {7BC94640-2EFD-4254-B760-4A7994275F49} - \ShopperPro No Task File <==== ATTENTION
Task: {8A148FFA-7154-4855-8C74-1BE691846BC0} - \ShopperProJSUpd No Task File <==== ATTENTION
Task: {EFB25483-2E6E-4583-98C2-E01B2E891C78} - \SPDriver No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\ProgramData\TEMP:5C493F5A
AlternateDataStreams: C:\ProgramData\TEMP:E36FE0BB
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iLivid"
EmptyTemp:


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name
Note: It is important that both files, FRST and fixlist, are in the same location; otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.



The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your reply.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.





Download AdwCleaner by "Xplode" and save it to the Desktop

Double-click to run the program.
Click the [Scan] button and wait for the program to finish.
Click the [Clean] button
The program will close all running programs and show a window with that warning. Click Ok to confirm.
In the next two windows that open (Informations and Restart required), click Ok


The computer will restart and then open Notepad (C:\AdwCleaner[S1].txt) with the report.
Save that Notepad file to the Desktop and attach it to your reply using the "Prikaci fajl" (Attach file) option

Note: The report will also be saved to C:\AdwCleaner[S0].txt



  • Absolut Gut
  • Joined: 13 Aug 2012
  • Posts: 561
  • Location: Atakama

Posted: 25 Aug 2014 15:19

I can't delete: Shopper-Pro
SW-Sustainer

It won't let me..

Addendum: 25 Aug 2014 15:20

[Link visible only to logged-in users]

  • Joined: 04 Jul 2011
  • Posts: 5424

Just continue with the instructions and skip whatever you can't delete.

  • Absolut Gut
  • Joined: 13 Aug 2012
  • Posts: 561
  • Location: Atakama

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:24-08-2014 03
Ran by prle at 2014-08-25 22:02:41 Run:1
Running from D:\Ja
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
AppInit_DLLs: c:\progra~1\sw-boo~1\assist~1.dll => c:\Program Files\SW-Booster\Assistant.dll [4296192 2014-08-22] ()
c:\Program Files\SW-Booster
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {32D5563E-5F7D-4739-96F8-18D1390F66B7} URL = ${SEARCH_URL}{searchTerms}
SearchScopes: HKCU - {32D5563E-5F7D-4739-96F8-18D1390F66B7} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKCU - {3A748936-3C4B-4965-A0AA-94D2CA2592F8} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&src=tbsp&id=2cf1ec7b0000000000006c626d450386&affilt=3&r=553
SearchScopes: HKCU - {9E06BDCF-0BDA-468E-B603-AEFD462C9890} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&SearchSource=4&cc=&mi=2cf1ec7b0000000000006c626d450386&r=669
FF Homepage: [Link mogu videti samo ulogovani korisnici]
FF user.js: detected! => C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\user.js
FF Extension: MySearch - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\5aeayoea@vrlaiou.edu [2014-08-07]
FF Extension: prIcuechop - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\iyijq@ctwo-.edu [2014-07-21]
FF Extension: pricEEcehop - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\ogqq-g@qsdqhpahz.org [2014-08-07]
FF Extension: NeXtCoup - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\wnsgo@zpvwyaua.org [2014-07-21]
CHR HomePage: [Link mogu videti samo ulogovani korisnici]
CHR StartupUrls: "hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-1720&v=n12712-368&t=4", "hxxp://search.gboxapp.com/"
CHR Extension: (pricechop) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\hngegahohpjkdinobobplbepfnjhiapi [2014-08-22]
CHR Extension: (pricechop) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\hngegahohpjkdinobobplbepfnjhiapi\3.9 [2014-08-22]
CHR HKLM\...\Chrome\Extension: [infnpeniaicgjpbmfkbgafklodbpjgjn] - C:\Program Files\MediaViewV1\MediaViewV1alpha391\ch\MediaViewV1alpha391.crx []
CHR HKLM\...\Chrome\Extension: [lefopkabiomfgkedgnpdbnlpnilcfgho] - C:\Program Files\MediaViewerV1\MediaViewerV1alpha456\ch\MediaViewerV1alpha456.crx []
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 c67abfdb; c:\Program Files\SW-Booster\AssistantSvc.dll [174928 2014-08-22] () [File not signed]
2014-08-22 18:56 - 2014-08-25 13:17 - 00000000 ____D () C:\Program Files\pricechoP
2014-07-29 00:05 - 2014-07-31 11:26 - 00000000 ____D () C:\ProgramData\MySearch
2014-07-29 00:04 - 2014-07-30 11:07 - 00000000 ____D () C:\Program Files\MySearch
2014-07-29 00:02 - 2014-08-20 04:56 - 00000000 ____D () C:\ProgramData\pricEEcehop
2014-07-29 00:02 - 2014-07-30 11:31 - 00000000 ____D () C:\Program Files\pricEEcehop
2014-08-20 04:56 - 2014-07-27 14:20 - 00000000 ____D () C:\Program Files\globalUpdate
2014-07-29 00:03 - 2014-08-20 04:56 - 00000000 ____D () C:\ProgramData\EZSoftware
2014-07-27 14:20 - 2014-07-27 14:20 - 00000000 ____D () C:\Users\prle\AppData\Local\globalUpdate
2014-08-15 13:03 - 2013-08-26 17:10 - 00000000 ____D () C:\ProgramData\InstallMate
2014-08-04 13:28 - 2014-08-04 13:28 - 00000000 ____D () C:\Users\Public\Documents\YTAHelper
2014-07-29 00:19 - 2014-07-29 00:19 - 00000000 ____D () C:\Users\prle\Documents\Optimizer Pro
2014-07-29 00:05 - 2014-07-31 11:26 - 00000000 ____D () C:\ProgramData\MySearch
2014-07-29 00:04 - 2014-07-30 11:07 - 00000000 ____D () C:\Program Files\MySearch
2014-07-29 00:04 - 2014-07-30 11:05 - 00000000 ____D () C:\Program Files\Optimizer Pro
C:\Users\prle\AppData\Local\Conduit
C:\Program Files\Pando Networks
CustomCLSID: HKU\S-1-5-21-1606030900-3430388029-1771253369-1003_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CustomCLSID: HKU\S-1-5-21-1606030900-3430388029-1771253369-1003_Classes\CLSID\{939A0D04-0E07-48FE-A463-6623B70C3A96}\localserver32 -> "C:\Users\prle\AppData\Local\Conduit\ValueApps\IE\ValueApps.exe" No File
Task: {555A12CC-661A-44EC-B73B-F64D81C64A91} - \SPBIW_UpdateTask_Time_333036323133313237392d575b323478415a45375a456c No Task File <==== ATTENTION
Task: {7BC94640-2EFD-4254-B760-4A7994275F49} - \ShopperPro No Task File <==== ATTENTION
Task: {8A148FFA-7154-4855-8C74-1BE691846BC0} - \ShopperProJSUpd No Task File <==== ATTENTION
Task: {EFB25483-2E6E-4583-98C2-E01B2E891C78} - \SPDriver No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\ProgramData\TEMP:5C493F5A
AlternateDataStreams: C:\ProgramData\TEMP:E36FE0BB
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iLivid"
EmptyTemp:
*****************

"c:\progra~1\sw-boo~1\assist~1.dll" => Value Data removed successfully.
c:\Program Files\SW-Booster => Moved successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{32D5563E-5F7D-4739-96F8-18D1390F66B7}" => Key deleted successfully.
"HKCR\CLSID\{32D5563E-5F7D-4739-96F8-18D1390F66B7}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{32D5563E-5F7D-4739-96F8-18D1390F66B7}" => Key deleted successfully.
"HKCR\CLSID\{32D5563E-5F7D-4739-96F8-18D1390F66B7}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3A748936-3C4B-4965-A0AA-94D2CA2592F8}" => Key deleted successfully.
"HKCR\CLSID\{3A748936-3C4B-4965-A0AA-94D2CA2592F8}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9E06BDCF-0BDA-468E-B603-AEFD462C9890}" => Key deleted successfully.
"HKCR\CLSID\{9E06BDCF-0BDA-468E-B603-AEFD462C9890}" => Key not found.
Firefox homepage deleted successfully.
C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\user.js => Moved successfully.
C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\5aeayoea@vrlaiou.edu => Moved successfully.
C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\iyijq@ctwo-.edu => Moved successfully.
C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\ogqq-g@qsdqhpahz.org => Moved successfully.
C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\wnsgo@zpvwyaua.org => Moved successfully.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\hngegahohpjkdinobobplbepfnjhiapi directory not found.
C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\hngegahohpjkdinobobplbepfnjhiapi\3.9 directory not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\infnpeniaicgjpbmfkbgafklodbpjgjn" => Key deleted successfully.
"C:\Program Files\MediaViewV1\MediaViewV1alpha391\ch\MediaViewV1alpha391.crx" => File/Directory not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\lefopkabiomfgkedgnpdbnlpnilcfgho" => Key deleted successfully.
"C:\Program Files\MediaViewerV1\MediaViewerV1alpha456\ch\MediaViewerV1alpha456.crx" => File/Directory not found.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
c67abfdb => Service deleted successfully.
C:\Program Files\pricechoP => Moved successfully.
C:\ProgramData\MySearch => Moved successfully.
C:\Program Files\MySearch => Moved successfully.
C:\ProgramData\pricEEcehop => Moved successfully.
C:\Program Files\pricEEcehop => Moved successfully.
C:\Program Files\globalUpdate => Moved successfully.
C:\ProgramData\EZSoftware => Moved successfully.
C:\Users\prle\AppData\Local\globalUpdate => Moved successfully.
C:\ProgramData\InstallMate => Moved successfully.
C:\Users\Public\Documents\YTAHelper => Moved successfully.
C:\Users\prle\Documents\Optimizer Pro => Moved successfully.
"C:\ProgramData\MySearch" => File/Directory not found.
"C:\Program Files\MySearch" => File/Directory not found.
C:\Program Files\Optimizer Pro => Moved successfully.
"C:\Users\prle\AppData\Local\Conduit" => File/Directory not found.
C:\Program Files\Pando Networks => Moved successfully.
"HKU\S-1-5-21-1606030900-3430388029-1771253369-1003_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}" => Key deleted successfully.
"HKU\S-1-5-21-1606030900-3430388029-1771253369-1003_Classes\CLSID\{939A0D04-0E07-48FE-A463-6623B70C3A96}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{555A12CC-661A-44EC-B73B-F64D81C64A91}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{555A12CC-661A-44EC-B73B-F64D81C64A91}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPBIW_UpdateTask_Time_333036323133313237392d575b323478415a45375a456c" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7BC94640-2EFD-4254-B760-4A7994275F49}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BC94640-2EFD-4254-B760-4A7994275F49}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ShopperPro" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8A148FFA-7154-4855-8C74-1BE691846BC0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A148FFA-7154-4855-8C74-1BE691846BC0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ShopperProJSUpd" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EFB25483-2E6E-4583-98C2-E01B2E891C78}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EFB25483-2E6E-4583-98C2-E01B2E891C78}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPDriver" => Key deleted successfully.
C:\ProgramData\TEMP => ":373E1720" ADS removed successfully.
C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully.
C:\ProgramData\TEMP => ":5C493F5A" ADS removed successfully.
C:\ProgramData\TEMP => ":E36FE0BB" ADS removed successfully.

========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iLivid" =========

Permanently delete the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iLivid (Yes/No)? Operacija je uspeçno dovrçena.



========= End of Reg: =========

EmptyTemp: => Removed 3.7 GB temporary data.


The system needed a reboot.

==== End of Fixlog ====



offline
  • Joined: 04 Jul 2011
  • Posts: 5424

How are things now?

offline
  • Absolut Gut
  • Joined: 13 Aug 2012
  • Posts: 561
  • Location: Atakama

Much better, SW booster and Shopper-Pro have been deleted. Thanks!

offline
  • Joined: 04 Jul 2011
  • Posts: 5424

Let's check one more thing, just in case. :)


Download Malwarebytes Anti-Rootkit (MBAR) from the following link and save it to the Desktop.

Double-click the program icon to run MBAR:
- Click OK in the next window to allow extraction into a separate mbar folder on the desktop;
- mbar.exe will be started. On some systems this can take a few extra seconds, so wait for it to launch;
- In the introductory window, click the Next button if you agree;



• In the 'Update Database' window, click the Update button to download fresh definitions. When the message 'Success: Database was successfully updated' appears, click the Next button;
• Under the 'Scan Targets' section, check that all options are ticked, then click the Scan button;

Note: with some infections, one of the following messages may be displayed:
- 'Could not load protection driver' => in that case click OK.
- 'Could not load DDA driver' => click Yes on that notice to allow loading after a restart. Allow the restart and continue with the rest of the instructions after the restart.





>> If no malware is detected, click the Exit button to close the program. In your next post, include the mbar-log-year-month-day (hour-minute-second).txt and system-log.txt reports.

>> If infections are found, check that the 'Create Restore Point' option is selected and click the Cleanup! button to remove the threats.
- The malware removal procedure (scheduled) will be scheduled to run on restart, and a notice will be shown in a pop-up window. Click the Yes button; the system should restart and finish the cleaning procedure.



Note! Only if a rootkit is detected: make sure to run the fixdamage.exe tool located in the mbar folder, \Plugins\fixdamage.exe:
- Double-click to run fixdamage; in the black window that opens (command prompt), type Y (Y stands for Yes) to continue, and wait for the tool to complete all repairs ...
- When you see the message 'press any key to exit', the repair is complete. Press any key on the keyboard to close the window. Restart the system.





The following reports will be created in the mbar folder.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Copy the contents of the mbar log into your post, and attach the system log to the post using the Prikači fajl (Attach file) option.

offline
  • Absolut Gut
  • Joined: 13 Aug 2012
  • Posts: 561
  • Location: Atakama


It passed without malware.

offline
  • Joined: 04 Jul 2011
  • Posts: 5424

The computer is now clean as far as malware is concerned.



The following procedure will perform the final cleanup.

Download "Xplode"'s DelFix tool and save it to the Desktop.
Double-click to run the tool and tick the boxes in front of the following options:

Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment for the tool to finish its work.
From this point on, all tools used in this thread should be deleted.
The tool will also create a report for you. (C:\DelFix.txt)

The tool will also save a healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
The tool deletes old system restore points and creates a new, fresh point after the cleanup.
