Computer cleanup


  • Absolut Gut
  • Joined: 13 Aug 2012
  • Posts: 561
  • Location: Atakama

1) Computer check, trojans, malware..
Also, I can't delete SW-booster..


Reports:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:24-08-2014 03
Ran by prle (administrator) on PRLE-PC on 25-08-2014 13:20:01
Running from C:\Users\prle\Downloads
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: engleski (SAD)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Pandora.TV) C:\Program Files\PANDORA.TV\PanService\KMPService.exe
(TopLang Software) C:\Program Files\Password Door\TLPD.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(PandoraTV) C:\Program Files\PANDORA.TV\PanService\KMPProcess.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Users\prle\AppData\Local\Temp\Rar$EX17.416\delete doctor 2.1.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Luxand Blink!] => C:\Program Files\Luxand\Blink!\LuxandBlinkTray.exe [7630656 2012-02-08] (Luxand, Inc.)
HKLM\...\Run: [Fences] => C:\Program Files\Stardock\Fences\Fences.exe [4017368 2012-10-29] (Stardock Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [995176 2013-06-20] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\Run: [MCShield Monitor] => C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\Run: [Password Door] => C:\Program Files\Password Door\TLPD.EXE [61952 2008-03-22] (TopLang Software)
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [37152 2014-08-18] (Glarysoft Ltd)
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\MountPoints2: {1ac22040-806c-11e3-b5d0-806e6f6e6963} - H:\setup.exe
HKU\S-1-5-21-1606030900-3430388029-1771253369-1003\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1606030900-3430388029-1771253369-1003\...\Run: [Password Door] => C:\Program Files\Password Door\TLPD.EXE [61952 2008-03-22] (TopLang Software)
HKU\S-1-5-21-1606030900-3430388029-1771253369-1003\...\Run: [LightShot] => C:\Users\UpdatusUser\AppData\Local\Skillbrains\lightshot\Lightshot.exe Flags: uninsdeletevalue
AppInit_DLLs: c:\progra~1\sw-boo~1\assist~1.dll => c:\Program Files\SW-Booster\Assistant.dll [4296192 2014-08-22] ()
Startup: C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk
ShortcutTarget: Fences.lnk -> C:\Program Files\Stardock\Fences\Fences.exe (Stardock Corporation)
BootExecute: autocheck autochk * BootDefrag.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x00BA1EF6EC73CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sr-me
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {32D5563E-5F7D-4739-96F8-18D1390F66B7} URL = ${SEARCH_URL}{searchTerms}
SearchScopes: HKCU - DefaultScope {72302D6D-935C-4346-A5BB-96881B825ED8} URL = https://search.yahoo.com/search?fr=chr-greentree_i.....549&p={searchTerms}
SearchScopes: HKCU - {32D5563E-5F7D-4739-96F8-18D1390F66B7} URL = http://www.dogpile.com/search/web?fcoid=417&fc.....ql=&q={searchTerms}
SearchScopes: HKCU - {3A748936-3C4B-4965-A0AA-94D2CA2592F8} URL = http://search.ividi.org/?q={searchTerms}&src=tbsp&id=2cf1ec7b0000000000006c626d450386&affilt=3&r=553
SearchScopes: HKCU - {72302D6D-935C-4346-A5BB-96881B825ED8} URL = https://search.yahoo.com/search?fr=chr-greentree_i.....549&p={searchTerms}
SearchScopes: HKCU - {9E06BDCF-0BDA-468E-B603-AEFD462C9890} URL = http://search.softonic.com/INF00176/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=2cf1ec7b0000000000006c626d450386&r=669
BHO: Adblocker -> {14669796-CB3C-9319-34CA-35BBB8D245CB} -> C:\Program Files\Adblocker\bI2.dll ()
BHO: pricechoP -> {453FA534-9E32-9505-97D9-08904D3E50E6} -> C:\Program Files\pricechoP\Z41UQ3ZdSc.dll No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default
FF Homepage: hxxp://search.gboxapp.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: @verimatrix.com/ViewRightWeb -> C:\Program Files\Verimatrix\ViewRight Web\\npViewRight.dll (Verimatrix, Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\prle\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: @verimatrix.com/ViewRightWeb -> C:\Program Files\Verimatrix\ViewRight Web\\npViewRight.dll (Verimatrix, Inc.)
FF user.js: detected! => C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\user.js
FF SearchPlugin: C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\pogodakyu.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\vokabular.xml
FF Extension: MySearch - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\5aeayoea@vrlaiou.edu [2014-08-07]
FF Extension: Adblocker - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\hrieamia@nssn-fj.net [2014-08-07]
FF Extension: LavaFox V2 - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\info@djzig.com [2014-07-28]
FF Extension: prIcuechop - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\iyijq@ctwo-.edu [2014-07-21]
FF Extension: pricEEcehop - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\ogqq-g@qsdqhpahz.org [2014-08-07]
FF Extension: Adblocker - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\st7asa@eiee-.org [2014-07-21]
FF Extension: No Name - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\staged [2014-08-07]
FF Extension: NeXtCoup - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\wnsgo@zpvwyaua.org [2014-07-21]
FF Extension: Lightweight Themes Manager - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\lwthemes-manager@loucypher.xpi [2014-03-17]
FF Extension: Stylish - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2014-03-17]
FF Extension: YouTube High Definition - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-03-17]
FF Extension: Adblock Plus - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-17]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]

Chrome:
=======
CHR HomePage: hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-1720&v=n12712-368&t=4
CHR StartupUrls: "hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-1720&v=n12712-368&t=4", "hxxp://search.gboxapp.com/"
CHR NewTab: "chrome-extension://dakgbglbnknamgmkelnidgjadghljmjo/template/index.html"
CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Extension: (Shader - 3D New Tab) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\dakgbglbnknamgmkelnidgjadghljmjo [2014-08-21]
CHR Extension: (Временскa прогноза) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\fapbbpdnlcmiolkdfjnnjhabmcndadad [2014-08-21]
CHR Extension: (Fokus) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\flkkpmjbbpijiedjdgnhkcgopgnflehe [2014-08-21]
CHR Extension: (pricechop) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\hngegahohpjkdinobobplbepfnjhiapi [2014-08-22]
CHR Extension: (ХД паркинг) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\imkdooliglceibodeofbaodappohpdop [2014-08-21]
CHR Extension: (Eyes - The Horror Game) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\jojpkokphfnjlhbnbcilnhgnkkobkngd [2014-08-21]
CHR Extension: (ИП адреса) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnjjlbngpejmmhgcaagljaomgnginml [2014-08-21]
CHR Extension: (Auto Replay for YouTube™) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb [2014-08-21]
CHR Extension: (Skype Click to Call) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-08-21]
CHR Extension: (Auto Replay for YouTube™) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcdpnidfhfjfbafmpppcplcejgepadbo [2014-08-21]
CHR Extension: (Google новчаник) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (pricechop) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\hngegahohpjkdinobobplbepfnjhiapi\3.9 [2014-08-22]
CHR HKLM\...\Chrome\Extension: [infnpeniaicgjpbmfkbgafklodbpjgjn] - C:\Program Files\MediaViewV1\MediaViewV1alpha391\ch\MediaViewV1alpha391.crx []
CHR HKLM\...\Chrome\Extension: [lefopkabiomfgkedgnpdbnlpnilcfgho] - C:\Program Files\MediaViewerV1\MediaViewerV1alpha456\ch\MediaViewerV1alpha456.crx []
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 c67abfdb; c:\Program Files\SW-Booster\AssistantSvc.dll [174928 2014-08-22] () [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-06-20] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [295376 2013-06-20] (Microsoft Corporation)
R2 PanService; C:\Program Files\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-08] (Pandora.TV)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 vToolbarUpdater18.1.9; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-12] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1570304 2012-10-18] (Atheros Communications, Inc.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-08-12] (AVG Technologies)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [16064 2014-07-18] (Glarysoft Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2014-01-18] (DT Soft Ltd)
S3 gggen; C:\Windows\System32\DRIVERS\gggen.sys [11648 2006-09-28] (Sony Ericsson Mobile Communications) [File not signed]
S3 ggsemc; C:\Windows\System32\DRIVERS\ggsemc.sys [11648 2006-09-28] (Sony Ericsson Mobile Communications) [File not signed]
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [26328 2014-08-03] (Sony Mobile Communications)
S1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [17216 2014-08-25] (Glarysoft Ltd)
S3 hcdriver; C:\Windows\System32\DRIVERS\hcdriver.sys [55208 2013-08-21] (Intel Corporation)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [22688 2014-07-20] (REALiX(tm))
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [114216 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [25512 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [110632 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI Corporation)
S3 s125bus; C:\Windows\System32\DRIVERS\s125bus.sys [83336 2007-04-24] (MCCI Corporation)
S3 s125mdfl; C:\Windows\System32\DRIVERS\s125mdfl.sys [15112 2007-04-24] (MCCI Corporation)
S3 s125mdm; C:\Windows\System32\DRIVERS\s125mdm.sys [108680 2007-04-24] (MCCI Corporation)
S3 s125mgmt; C:\Windows\System32\DRIVERS\s125mgmt.sys [100488 2007-04-24] (MCCI Corporation)
S3 s125obex; C:\Windows\System32\DRIVERS\s125obex.sys [98696 2007-04-24] (MCCI Corporation)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [113168 2012-12-09] (Power Software Ltd)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2014-01-18] (Duplex Secure Ltd.)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [File not signed]
U3 am8jsnvm; C:\Windows\system32\Drivers\am8jsnvm.sys [0 ] (Advanced Micro Devices)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-25 13:20 - 2014-08-25 13:20 - 00021717 _____ () C:\Users\prle\Downloads\FRST.txt
2014-08-25 13:19 - 2014-08-25 13:20 - 00000000 ____D () C:\FRST
2014-08-25 13:19 - 2014-08-25 13:19 - 01095168 _____ (Farbar) C:\Users\prle\Downloads\FRST.exe
2014-08-25 13:08 - 2014-08-25 13:08 - 00142279 _____ () C:\Users\prle\Downloads\delete doctor 2.1.rar
2014-08-25 11:01 - 2014-08-25 11:01 - 00017216 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2014-08-25 11:01 - 2014-08-25 11:01 - 00001014 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-08-25 11:01 - 2014-08-25 11:01 - 00001002 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2014-08-25 11:01 - 2014-08-25 11:01 - 00000318 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2014-08-25 11:01 - 2014-08-25 11:01 - 00000000 ____D () C:\Users\prle\AppData\Roaming\DiskDefrag
2014-08-25 11:01 - 2014-08-25 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2014-08-25 11:01 - 2014-08-25 11:01 - 00000000 ____D () C:\Program Files\Glary Utilities 5
2014-08-25 11:01 - 2014-08-18 03:06 - 00101664 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe
2014-08-25 11:01 - 2014-07-18 09:11 - 00016064 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\BootDefragDriver.sys
2014-08-25 11:00 - 2014-08-25 11:00 - 00001549 _____ () C:\GUDownLoaddebug.txt
2014-08-25 11:00 - 2014-08-25 11:00 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Undelete.lnk
2014-08-25 11:00 - 2014-08-25 11:00 - 00001143 _____ () C:\Users\Public\Desktop\Glary Undelete.lnk
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Program Files\Glarysoft
2014-08-25 10:59 - 2014-08-25 11:00 - 04636312 _____ () C:\Users\prle\Downloads\gunsetup.exe
2014-08-23 20:28 - 2014-08-23 20:28 - 00225088 _____ () C:\Users\prle\Downloads\FLVPlayer_downloader-N4dGc00sK.exe
2014-08-23 03:38 - 2014-08-23 03:38 - 19946468 _____ () C:\Users\prle\Downloads\CommunityShowcaseRuralLandscapes2.themepack
2014-08-23 03:19 - 2014-08-23 03:19 - 00004084 _____ () C:\Users\prle\Downloads\Priča jednog dečaka.txt
2014-08-22 22:11 - 2014-08-25 03:53 - 00000112 _____ () C:\Windows\setupact.log
2014-08-22 22:11 - 2014-08-22 22:11 - 00001052 _____ () C:\Windows\PFRO.log
2014-08-22 22:11 - 2014-08-22 22:11 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-22 22:06 - 2014-08-22 22:06 - 00009578 _____ () C:\Users\prle\Downloads\[kickass.to]windows.vista.7.8.genuine.activator.2014.gerti123.torrent
2014-08-22 18:59 - 2014-05-14 18:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-22 18:59 - 2014-05-14 18:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-22 18:58 - 2014-05-14 18:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-22 18:58 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-22 18:58 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-22 18:58 - 2014-05-14 18:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-22 18:58 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-22 18:58 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-22 18:58 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-22 18:57 - 2014-08-22 18:57 - 00000000 ____D () C:\ProgramData\Trusted Publisher
2014-08-22 18:57 - 2014-08-22 18:57 - 00000000 ____D () C:\Program Files\SW-Booster
2014-08-22 18:56 - 2014-08-25 13:17 - 00000000 ____D () C:\Program Files\pricechoP
2014-08-22 18:56 - 2014-08-25 13:16 - 00000000 ____D () C:\Program Files\EZDownloader
2014-08-22 18:56 - 2014-08-22 18:56 - 00001859 _____ () C:\Users\Public\Desktop\EZDownloader.lnk
2014-08-22 18:56 - 2014-08-22 18:56 - 00000000 ____D () C:\Windows\system32\X86
2014-08-22 18:56 - 2014-08-22 18:56 - 00000000 ____D () C:\Windows\system32\AMD64
2014-08-22 18:56 - 2014-08-22 18:56 - 00000000 ____D () C:\ProgramData\pricechoP
2014-08-22 18:56 - 2014-08-22 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
2014-08-22 02:17 - 2014-08-22 02:17 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Verimatrix
2014-08-22 02:17 - 2014-08-22 02:17 - 00000000 ____D () C:\Program Files\Verimatrix
2014-08-21 21:22 - 2014-08-21 21:22 - 00000644 _____ () C:\Users\prle\Downloads\Microsoft_SR-1259485519.txt
2014-08-21 21:05 - 2014-08-21 21:06 - 00002709 _____ () C:\Users\prle\Downloads\legitcheck.hta
2014-08-20 20:02 - 2014-08-20 20:02 - 00020741 _____ () C:\Users\prle\Downloads\[kickass.to]vertigo.1958.1080p.brrip.x264.yify.torrent
2014-08-20 18:51 - 2014-08-20 18:51 - 00000000 ____D () C:\Users\prle\Documents\Lightshot
2014-08-20 12:23 - 2014-08-20 12:23 - 00003288 ____N () C:\bootsqm.dat
2014-08-19 18:47 - 2014-08-19 18:47 - 00000000 ____D () C:\ProgramData\GlarySoft
2014-08-19 18:40 - 2014-08-19 18:40 - 00000000 ____D () C:\Users\prle\AppData\Roaming\GlarySoft
2014-08-15 23:18 - 2014-08-15 23:48 - 00000000 ____D () C:\Users\prle\Documents\Euro Truck Simulator
2014-08-15 22:12 - 2014-08-16 03:07 - 00000000 ____D () C:\Users\prle\Documents\Euro Truck Simulator 2
2014-08-15 13:05 - 2014-08-20 12:23 - 00000000 ____D () C:\ProgramData\PlutoApp
2014-08-15 13:04 - 2014-08-16 13:07 - 00000000 ____D () C:\ProgramData\ppruiceChop
2014-08-15 13:04 - 2014-08-16 03:10 - 00000000 ____D () C:\Program Files\ppruiceChop
2014-08-14 21:00 - 2014-08-14 21:01 - 00000000 ____D () C:\Program Files\SecurityXploded
2014-08-10 09:17 - 2014-08-10 09:22 - 00000000 ____D () C:\Users\prle\Downloads\Still Life Moving Fast
2014-08-09 17:52 - 2014-08-09 17:52 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-07 23:03 - 2014-08-07 23:03 - 00000829 _____ () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-08-07 21:25 - 2014-08-07 21:25 - 00000824 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Football Manager 2014.lnk
2014-08-07 21:25 - 2014-08-07 21:25 - 00000812 _____ () C:\Users\Public\Desktop\Football Manager 2014.lnk
2014-08-07 21:20 - 2014-08-07 21:46 - 00000000 ____D () C:\Program Files\Football Manager 2014
2014-08-07 16:35 - 2014-08-07 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2014-08-07 16:34 - 2014-08-12 14:00 - 00000000 ____D () C:\Program Files\AVG Secure Search
2014-08-06 05:16 - 2014-08-06 05:16 - 00000001 _____ () C:\Users\prle\AppData\Local\llftool.4.40.agreement
2014-08-06 05:16 - 2014-08-06 05:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Low Level Format Tool
2014-08-06 05:16 - 2014-08-06 05:16 - 00000000 ____D () C:\Program Files\HDDGURU LLF Tool
2014-08-06 05:07 - 2014-08-06 05:07 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Hard Disk Sentinel
2014-08-06 05:06 - 2014-08-06 06:35 - 00000000 ____D () C:\Program Files\Hard Disk Sentinel
2014-08-06 04:45 - 2014-08-06 04:45 - 00000000 ____D () C:\$WINDOWS.~BT
2014-08-06 03:24 - 2014-08-06 03:26 - 00000000 ____D () C:\Users\prle\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2014-08-06 03:24 - 2014-08-06 03:24 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2014-08-06 02:26 - 2014-08-16 03:07 - 00000000 ____D () C:\Program Files\HD Tune Pro
2014-08-06 02:03 - 2014-08-06 19:45 - 00000000 ____D () C:\Users\prle\AppData\Local\AVG Secure Search
2014-08-06 02:02 - 2014-08-12 14:00 - 00042784 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
2014-08-06 02:02 - 2014-08-06 02:02 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-08-06 02:02 - 2014-08-06 02:02 - 00000000 ____D () C:\Program Files\Common Files\AVG Secure Search
2014-08-06 02:01 - 2014-08-07 16:43 - 00000000 ____D () C:\Program Files\PowerISO
2014-08-05 21:56 - 2014-08-05 21:56 - 00000000 ____D () C:\ProgramData\BVRP Software
2014-08-04 14:29 - 2014-08-04 14:29 - 00000000 ____D () C:\Users\prle\Documents\Sony Ericsson
2014-08-04 14:26 - 2014-08-16 03:09 - 00000000 ____D () C:\ProgramData\Sony Mobile
2014-08-04 14:12 - 2008-05-16 11:33 - 00120744 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016mdm.sys
2014-08-04 14:12 - 2008-05-16 11:33 - 00115752 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016unic.sys
2014-08-04 14:12 - 2008-05-16 11:33 - 00114216 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016mgmt.sys
2014-08-04 14:12 - 2008-05-16 11:33 - 00110632 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016obex.sys
2014-08-04 14:12 - 2008-05-16 11:33 - 00089256 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016bus.sys
2014-08-04 14:12 - 2008-05-16 11:33 - 00025512 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016nd5.sys
2014-08-04 14:12 - 2008-05-16 11:33 - 00015016 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016mdfl.sys
2014-08-04 14:12 - 2008-05-16 11:33 - 00012200 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016whnt.sys
2014-08-04 14:12 - 2008-05-16 11:33 - 00012200 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016wh.sys
2014-08-04 14:12 - 2008-05-16 11:33 - 00012200 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016cmnt.sys
2014-08-04 14:12 - 2008-05-16 11:33 - 00012200 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016cm.sys
2014-08-04 14:12 - 2008-05-16 11:33 - 00010792 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s0016cr.sys
2014-08-04 14:06 - 2014-08-04 14:06 - 00000000 ____D () C:\Users\prle\AppData\Local\Sony Ericsson
2014-08-04 14:02 - 2014-08-04 14:02 - 00000000 ____D () C:\ProgramData\Sony Ericsson
2014-08-04 13:39 - 2014-08-20 04:41 - 00000000 ____D () C:\Users\prle\AppData\Local\CrashDumps
2014-08-04 13:34 - 2014-08-04 13:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggsomc_01009.Wdf
2014-08-04 13:34 - 2014-08-04 13:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2014-08-04 13:28 - 2014-08-04 15:33 - 00000000 ____D () C:\Users\prle\AppData\Local\CatalinaGroup
2014-08-04 13:28 - 2014-08-04 13:28 - 00000000 ____D () C:\Users\Public\Documents\YTAHelper
2014-08-04 13:27 - 2014-08-05 10:39 - 00000000 ____D () C:\Program Files\ShopperPro
2014-08-04 13:27 - 2014-08-04 14:13 - 00000000 ____D () C:\Users\Public\Documents\GOOBZO
2014-08-04 13:27 - 2014-08-04 13:27 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2014-08-04 13:27 - 2014-08-04 13:27 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-03 21:09 - 2014-08-03 21:09 - 00026328 _____ (Sony Mobile Communications) C:\Windows\system32\Drivers\ggsomc.sys
2014-08-03 21:09 - 2014-08-03 21:09 - 00013528 _____ (Sony Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2014-08-03 21:07 - 2014-08-04 13:16 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile
2014-08-03 21:06 - 2014-08-16 03:09 - 00000000 ____D () C:\Program Files\Sony Mobile
2014-08-03 20:01 - 2014-08-04 14:28 - 00000000 ____D () C:\ProgramData\Informer Technologies, Inc
2014-08-01 16:21 - 2014-08-01 18:01 - 00000000 ____D () C:\video_output
2014-08-01 16:20 - 2014-08-04 14:27 - 00000000 ____D () C:\Program Files\FLV to AVI MPEG WMV 3GP MP4 iPod Converter
2014-07-30 11:14 - 2014-08-06 07:52 - 00000000 ____D () C:\Program Files\Free Easy CD DVD Burner
2014-07-30 11:14 - 2014-07-30 11:15 - 00000000 ____D () C:\Users\prle\AppData\Roaming\FreeBurner
2014-07-30 11:14 - 2011-09-28 09:20 - 00040960 _____ (vbAccelerator) C:\Windows\system32\SSubTmr6.dll
2014-07-30 11:10 - 2014-07-30 11:10 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Acoustica
2014-07-30 11:10 - 2007-08-07 11:32 - 00057344 _____ (NexiTech, Inc.) C:\Windows\system32\Wnaspint.dll
2014-07-30 11:10 - 2007-08-07 10:58 - 00032768 _____ (Frog ASPI / Millenod) C:\Windows\system32\Wnaspi32.dll
2014-07-29 00:19 - 2014-07-29 00:19 - 00000000 ____D () C:\Users\prle\Documents\Optimizer Pro
2014-07-29 00:05 - 2014-07-31 11:26 - 00000000 ____D () C:\ProgramData\MySearch
2014-07-29 00:04 - 2014-07-30 11:07 - 00000000 ____D () C:\Program Files\MySearch
2014-07-29 00:04 - 2014-07-30 11:05 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-07-29 00:03 - 2014-08-20 04:56 - 00000000 ____D () C:\ProgramData\EZSoftware
2014-07-29 00:02 - 2014-08-22 18:56 - 00000000 ____D () C:\ProgramData\Adblocker
2014-07-29 00:02 - 2014-08-22 18:56 - 00000000 ____D () C:\Program Files\Adblocker
2014-07-29 00:02 - 2014-08-20 04:56 - 00000000 ____D () C:\ProgramData\pricEEcehop
2014-07-29 00:02 - 2014-07-30 11:31 - 00000000 ____D () C:\Program Files\pricEEcehop
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\prle\AppData\Local\Torch
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\prle\AppData\Local\Chromatic Browser
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-07-27 22:37 - 2014-08-25 10:52 - 00903625 _____ () C:\Windows\WindowsUpdate.log
2014-07-27 17:18 - 2014-07-27 17:18 - 00159144 _____ (Microsoft Corporation) C:\Users\prle\Documents\WindowsActivationUpdate.exe
2014-07-27 14:20 - 2014-08-20 04:56 - 00000000 ____D () C:\Program Files\globalUpdate
2014-07-27 14:20 - 2014-07-27 14:20 - 00000000 ____D () C:\Users\prle\AppData\Local\globalUpdate
2014-07-27 01:56 - 2014-08-25 02:45 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Skype

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-25 13:20 - 2014-08-25 13:20 - 00021717 _____ () C:\Users\prle\Downloads\FRST.txt
2014-08-25 13:20 - 2014-08-25 13:19 - 00000000 ____D () C:\FRST
2014-08-25 13:19 - 2014-08-25 13:19 - 01095168 _____ (Farbar) C:\Users\prle\Downloads\FRST.exe
2014-08-25 13:17 - 2014-08-22 18:56 - 00000000 ____D () C:\Program Files\pricechoP
2014-08-25 13:16 - 2014-08-22 18:56 - 00000000 ____D () C:\Program Files\EZDownloader
2014-08-25 13:08 - 2014-08-25 13:08 - 00142279 _____ () C:\Users\prle\Downloads\delete doctor 2.1.rar
2014-08-25 12:58 - 2014-07-20 15:14 - 00000374 _____ () C:\Windows\Tasks\update-sys.job
2014-08-25 12:31 - 2013-08-28 17:39 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-25 12:30 - 2013-06-28 13:04 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-25 11:31 - 2013-08-28 17:39 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-25 11:01 - 2014-08-25 11:01 - 00017216 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2014-08-25 11:01 - 2014-08-25 11:01 - 00001014 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-08-25 11:01 - 2014-08-25 11:01 - 00001002 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2014-08-25 11:01 - 2014-08-25 11:01 - 00000318 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2014-08-25 11:01 - 2014-08-25 11:01 - 00000000 ____D () C:\Users\prle\AppData\Roaming\DiskDefrag
2014-08-25 11:01 - 2014-08-25 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2014-08-25 11:01 - 2014-08-25 11:01 - 00000000 ____D () C:\Program Files\Glary Utilities 5
2014-08-25 11:01 - 2013-07-27 03:03 - 00000374 _____ () C:\Windows\Tasks\update-S-1-5-21-1606030900-3430388029-1771253369-1000.job
2014-08-25 11:00 - 2014-08-25 11:00 - 00001549 _____ () C:\GUDownLoaddebug.txt
2014-08-25 11:00 - 2014-08-25 11:00 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Undelete.lnk
2014-08-25 11:00 - 2014-08-25 11:00 - 00001143 _____ () C:\Users\Public\Desktop\Glary Undelete.lnk
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Program Files\Glarysoft
2014-08-25 11:00 - 2014-08-25 10:59 - 04636312 _____ () C:\Users\prle\Downloads\gunsetup.exe
2014-08-25 10:52 - 2014-07-27 22:37 - 00903625 _____ () C:\Windows\WindowsUpdate.log
2014-08-25 03:55 - 2014-07-18 22:21 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-25 03:53 - 2014-08-22 22:11 - 00000112 _____ () C:\Windows\setupact.log
2014-08-25 03:53 - 2014-07-24 21:07 - 00000000 ____D () C:\ProgramData\MCShield
2014-08-25 03:53 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-25 02:57 - 2009-07-14 06:34 - 00013904 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-25 02:57 - 2009-07-14 06:34 - 00013904 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-25 02:45 - 2014-07-27 01:56 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Skype
2014-08-23 20:28 - 2014-08-23 20:28 - 00225088 _____ () C:\Users\prle\Downloads\FLVPlayer_downloader-N4dGc00sK.exe
2014-08-23 03:38 - 2014-08-23 03:38 - 19946468 _____ () C:\Users\prle\Downloads\CommunityShowcaseRuralLandscapes2.themepack
2014-08-23 03:19 - 2014-08-23 03:19 - 00004084 _____ () C:\Users\prle\Downloads\Priča jednog dečaka.txt
2014-08-22 22:28 - 2013-07-14 19:47 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-22 22:11 - 2014-08-22 22:11 - 00001052 _____ () C:\Windows\PFRO.log
2014-08-22 22:11 - 2014-08-22 22:11 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-22 22:11 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-08-22 22:09 - 2013-07-02 22:00 - 00811520 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-08-22 22:09 - 2013-07-02 21:59 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2014-08-22 22:09 - 2013-07-02 21:59 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2014-08-22 22:09 - 2013-06-28 12:51 - 00000000 ____D () C:\Users\prle\AppData\Roaming\uTorrent
2014-08-22 22:06 - 2014-08-22 22:06 - 00009578 _____ () C:\Users\prle\Downloads\[kickass.to]windows.vista.7.8.genuine.activator.2014.gerti123.torrent
2014-08-22 18:57 - 2014-08-22 18:57 - 00000000 ____D () C:\ProgramData\Trusted Publisher
2014-08-22 18:57 - 2014-08-22 18:57 - 00000000 ____D () C:\Program Files\SW-Booster
2014-08-22 18:56 - 2014-08-22 18:56 - 00001859 _____ () C:\Users\Public\Desktop\EZDownloader.lnk
2014-08-22 18:56 - 2014-08-22 18:56 - 00000000 ____D () C:\Windows\system32\X86
2014-08-22 18:56 - 2014-08-22 18:56 - 00000000 ____D () C:\Windows\system32\AMD64
2014-08-22 18:56 - 2014-08-22 18:56 - 00000000 ____D () C:\ProgramData\pricechoP
2014-08-22 18:56 - 2014-08-22 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
2014-08-22 18:56 - 2014-07-29 00:02 - 00000000 ____D () C:\ProgramData\Adblocker
2014-08-22 18:56 - 2014-07-29 00:02 - 00000000 ____D () C:\Program Files\Adblocker
2014-08-22 18:56 - 2014-07-19 20:14 - 00000000 ____D () C:\ProgramData\25d938b0586d6be2
2014-08-22 18:56 - 2014-02-14 23:22 - 00000394 __RSH () C:\ProgramData\ntuser.pol
2014-08-22 16:25 - 2013-08-20 21:26 - 02038272 ___SH () C:\Users\prle\Desktop\Thumbs.db
2014-08-22 02:17 - 2014-08-22 02:17 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Verimatrix
2014-08-22 02:17 - 2014-08-22 02:17 - 00000000 ____D () C:\Program Files\Verimatrix
2014-08-21 21:22 - 2014-08-21 21:22 - 00000644 _____ () C:\Users\prle\Downloads\Microsoft_SR-1259485519.txt
2014-08-21 21:06 - 2014-08-21 21:05 - 00002709 _____ () C:\Users\prle\Downloads\legitcheck.hta
2014-08-21 20:06 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-08-20 20:03 - 2014-07-12 15:03 - 00000000 ____D () C:\Insidious
2014-08-20 20:02 - 2014-08-20 20:02 - 00020741 _____ () C:\Users\prle\Downloads\[kickass.to]vertigo.1958.1080p.brrip.x264.yify.torrent
2014-08-20 18:51 - 2014-08-20 18:51 - 00000000 ____D () C:\Users\prle\Documents\Lightshot
2014-08-20 12:23 - 2014-08-20 12:23 - 00003288 ____N () C:\bootsqm.dat
2014-08-20 12:23 - 2014-08-15 13:05 - 00000000 ____D () C:\ProgramData\PlutoApp
2014-08-20 04:56 - 2014-07-29 00:03 - 00000000 ____D () C:\ProgramData\EZSoftware
2014-08-20 04:56 - 2014-07-29 00:02 - 00000000 ____D () C:\ProgramData\pricEEcehop
2014-08-20 04:56 - 2014-07-27 14:20 - 00000000 ____D () C:\Program Files\globalUpdate
2014-08-20 04:45 - 2014-01-29 21:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony Ericsson
2014-08-20 04:45 - 2014-01-29 21:36 - 00000000 ____D () C:\Program Files\Sony Ericsson
2014-08-20 04:45 - 2013-06-28 12:40 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-08-20 04:44 - 2013-06-28 12:42 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2014-08-20 04:41 - 2014-08-04 13:39 - 00000000 ____D () C:\Users\prle\AppData\Local\CrashDumps
2014-08-19 19:03 - 2014-03-06 01:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-08-19 19:03 - 2014-02-06 17:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chatango
2014-08-19 19:03 - 2013-08-10 23:56 - 00000000 ____D () C:\Users\prle\Desktop\IGRICE
2014-08-19 18:47 - 2014-08-19 18:47 - 00000000 ____D () C:\ProgramData\GlarySoft
2014-08-19 18:40 - 2014-08-19 18:40 - 00000000 ____D () C:\Users\prle\AppData\Roaming\GlarySoft
2014-08-18 03:06 - 2014-08-25 11:01 - 00101664 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe
2014-08-16 13:07 - 2014-08-15 13:04 - 00000000 ____D () C:\ProgramData\ppruiceChop
2014-08-16 03:10 - 2014-08-15 13:04 - 00000000 ____D () C:\Program Files\ppruiceChop
2014-08-16 03:09 - 2014-08-04 14:26 - 00000000 ____D () C:\ProgramData\Sony Mobile
2014-08-16 03:09 - 2014-08-03 21:06 - 00000000 ____D () C:\Program Files\Sony Mobile
2014-08-16 03:07 - 2014-08-15 22:12 - 00000000 ____D () C:\Users\prle\Documents\Euro Truck Simulator 2
2014-08-16 03:07 - 2014-08-06 02:26 - 00000000 ____D () C:\Program Files\HD Tune Pro
2014-08-15 23:48 - 2014-08-15 23:18 - 00000000 ____D () C:\Users\prle\Documents\Euro Truck Simulator
2014-08-15 22:40 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-08-15 13:03 - 2013-08-26 17:10 - 00000000 ____D () C:\ProgramData\InstallMate
2014-08-14 21:14 - 2013-06-28 12:15 - 00778150 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-14 21:01 - 2014-08-14 21:00 - 00000000 ____D () C:\Program Files\SecurityXploded
2014-08-13 03:01 - 2013-06-29 22:52 - 00000000 ____D () C:\Users\prle\AppData\Roaming\DAEMON Tools Pro
2014-08-13 02:58 - 2013-07-07 06:30 - 00007598 _____ () C:\Users\prle\AppData\Local\Resmon.ResmonCfg
2014-08-12 14:00 - 2014-08-07 16:34 - 00000000 ____D () C:\Program Files\AVG Secure Search
2014-08-12 14:00 - 2014-08-06 02:02 - 00042784 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
2014-08-10 09:22 - 2014-08-10 09:17 - 00000000 ____D () C:\Users\prle\Downloads\Still Life Moving Fast
2014-08-09 17:52 - 2014-08-09 17:52 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-09 17:52 - 2013-06-28 13:09 - 00000000 ____D () C:\ProgramData\Skype
2014-08-07 23:03 - 2014-08-07 23:03 - 00000829 _____ () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-08-07 21:49 - 2013-07-08 20:46 - 00000000 ____D () C:\Users\Public\Documents\Sports Interactive
2014-08-07 21:49 - 2013-07-08 20:46 - 00000000 ____D () C:\Users\prle\Documents\Sports Interactive
2014-08-07 21:49 - 2013-07-08 20:46 - 00000000 ____D () C:\Users\prle\AppData\Local\Sports Interactive
2014-08-07 21:46 - 2014-08-07 21:20 - 00000000 ____D () C:\Program Files\Football Manager 2014
2014-08-07 21:25 - 2014-08-07 21:25 - 00000824 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Football Manager 2014.lnk
2014-08-07 21:25 - 2014-08-07 21:25 - 00000812 _____ () C:\Users\Public\Desktop\Football Manager 2014.lnk
2014-08-07 16:43 - 2014-08-06 02:01 - 00000000 ____D () C:\Program Files\PowerISO
2014-08-07 16:35 - 2014-08-07 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2014-08-07 16:18 - 2013-06-28 13:09 - 00000000 ___RD () C:\Program Files\Skype
2014-08-06 19:45 - 2014-08-06 02:03 - 00000000 ____D () C:\Users\prle\AppData\Local\AVG Secure Search
2014-08-06 07:52 - 2014-07-30 11:14 - 00000000 ____D () C:\Program Files\Free Easy CD DVD Burner
2014-08-06 07:51 - 2014-03-17 23:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Q-Dir
2014-08-06 07:51 - 2014-03-17 23:13 - 00010494 _____ () C:\Windows\Q-Dir.ini
2014-08-06 06:35 - 2014-08-06 05:06 - 00000000 ____D () C:\Program Files\Hard Disk Sentinel
2014-08-06 05:16 - 2014-08-06 05:16 - 00000001 _____ () C:\Users\prle\AppData\Local\llftool.4.40.agreement
2014-08-06 05:16 - 2014-08-06 05:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Low Level Format Tool
2014-08-06 05:16 - 2014-08-06 05:16 - 00000000 ____D () C:\Program Files\HDDGURU LLF Tool
2014-08-06 05:07 - 2014-08-06 05:07 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Hard Disk Sentinel
2014-08-06 04:45 - 2014-08-06 04:45 - 00000000 ____D () C:\$WINDOWS.~BT
2014-08-06 04:45 - 2014-01-20 12:17 - 00001908 _____ () C:\Windows\diagwrn.xml
2014-08-06 04:45 - 2014-01-20 12:17 - 00001908 _____ () C:\Windows\diagerr.xml
2014-08-06 03:26 - 2014-08-06 03:24 - 00000000 ____D () C:\Users\prle\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2014-08-06 03:24 - 2014-08-06 03:24 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2014-08-06 02:02 - 2014-08-06 02:02 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-08-06 02:02 - 2014-08-06 02:02 - 00000000 ____D () C:\Program Files\Common Files\AVG Secure Search
2014-08-05 21:56 - 2014-08-05 21:56 - 00000000 ____D () C:\ProgramData\BVRP Software
2014-08-05 19:29 - 2014-05-27 00:00 - 00133120 ___SH () C:\Users\prle\Downloads\Thumbs.db
2014-08-05 10:39 - 2014-08-04 13:27 - 00000000 ____D () C:\Program Files\ShopperPro
2014-08-04 15:33 - 2014-08-04 13:28 - 00000000 ____D () C:\Users\prle\AppData\Local\CatalinaGroup
2014-08-04 14:35 - 2013-06-28 13:11 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Winamp
2014-08-04 14:29 - 2014-08-04 14:29 - 00000000 ____D () C:\Users\prle\Documents\Sony Ericsson
2014-08-04 14:28 - 2014-08-03 20:01 - 00000000 ____D () C:\ProgramData\Informer Technologies, Inc
2014-08-04 14:27 - 2014-08-01 16:20 - 00000000 ____D () C:\Program Files\FLV to AVI MPEG WMV 3GP MP4 iPod Converter
2014-08-04 14:13 - 2014-08-04 13:27 - 00000000 ____D () C:\Users\Public\Documents\GOOBZO
2014-08-04 14:13 - 2013-08-10 23:58 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-04 14:06 - 2014-08-04 14:06 - 00000000 ____D () C:\Users\prle\AppData\Local\Sony Ericsson
2014-08-04 14:02 - 2014-08-04 14:02 - 00000000 ____D () C:\ProgramData\Sony Ericsson
2014-08-04 13:57 - 2013-06-28 12:59 - 00000000 ____D () C:\Program Files\Google
2014-08-04 13:34 - 2014-08-04 13:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggsomc_01009.Wdf
2014-08-04 13:34 - 2014-08-04 13:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2014-08-04 13:29 - 2014-01-29 21:36 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Ericsson
2014-08-04 13:28 - 2014-08-04 13:28 - 00000000 ____D () C:\Users\Public\Documents\YTAHelper
2014-08-04 13:27 - 2014-08-04 13:27 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2014-08-04 13:27 - 2014-08-04 13:27 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-04 13:16 - 2014-08-03 21:07 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile
2014-08-03 21:09 - 2014-08-03 21:09 - 00026328 _____ (Sony Mobile Communications) C:\Windows\system32\Drivers\ggsomc.sys
2014-08-03 21:09 - 2014-08-03 21:09 - 00013528 _____ (Sony Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2014-08-03 20:09 - 2013-07-04 17:37 - 00000000 ____D () C:\Program Files\DIFX
2014-08-01 18:01 - 2014-08-01 16:21 - 00000000 ____D () C:\video_output
2014-08-01 03:25 - 2014-07-07 02:49 - 00000000 ____D () C:\Windows\pss
2014-07-31 23:42 - 2013-07-02 22:03 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-31 11:26 - 2014-07-29 00:05 - 00000000 ____D () C:\ProgramData\MySearch
2014-07-30 11:31 - 2014-07-29 00:02 - 00000000 ____D () C:\Program Files\pricEEcehop
2014-07-30 11:15 - 2014-07-30 11:14 - 00000000 ____D () C:\Users\prle\AppData\Roaming\FreeBurner
2014-07-30 11:10 - 2014-07-30 11:10 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Acoustica
2014-07-30 11:08 - 2014-07-17 02:12 - 00000000 ____D () C:\Program Files\Hard Truck 18 Wheels
2014-07-30 11:07 - 2014-07-29 00:04 - 00000000 ____D () C:\Program Files\MySearch
2014-07-30 11:05 - 2014-07-29 00:04 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-07-29 00:19 - 2014-07-29 00:19 - 00000000 ____D () C:\Users\prle\Documents\Optimizer Pro
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\prle\AppData\Local\Torch
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\prle\AppData\Local\Chromatic Browser
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-07-29 00:02 - 2014-07-29 00:02 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-07-29 00:02 - 2009-07-14 04:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-28 15:17 - 2013-08-29 17:18 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-07-28 15:17 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Branding
2014-07-27 17:18 - 2014-07-27 17:18 - 00159144 _____ (Microsoft Corporation) C:\Users\prle\Documents\WindowsActivationUpdate.exe
2014-07-27 14:21 - 2013-08-28 17:40 - 00002149 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-27 14:20 - 2014-07-27 14:20 - 00000000 ____D () C:\Users\prle\AppData\Local\globalUpdate
2014-07-27 01:56 - 2013-06-28 13:09 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Old_Skype

Some content of TEMP:
====================
C:\Users\prle\AppData\Local\Temp\gu5setup.exe
C:\Users\prle\AppData\Local\Temp\Urescue_M.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-19 22:33

==================== End Of Log ============================

offline
  • Joined: 04 Jul 2011
  • Posts: 5424

Go to Start - Control Panel - Programs and Features and uninstall:
AVG Security Toolbar
pricechoP
Shopper-Pro
SW-Sustainer





1. Open Notepad (Text Document) and copy the following text from inside the code box below:

AppInit_DLLs: c:\progra~1\sw-boo~1\assist~1.dll => c:\Program Files\SW-Booster\Assistant.dll [4296192 2014-08-22] ()
c:\Program Files\SW-Booster
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {32D5563E-5F7D-4739-96F8-18D1390F66B7} URL = ${SEARCH_URL}{searchTerms}
SearchScopes: HKCU - {32D5563E-5F7D-4739-96F8-18D1390F66B7} URL = http://www.dogpile.com/search/web?fcoid=417&fc.....ql=&q={searchTerms}
SearchScopes: HKCU - {3A748936-3C4B-4965-A0AA-94D2CA2592F8} URL = http://search.ividi.org/?q={searchTerms}&src=tbsp&id=2cf1ec7b0000000000006c626d450386&affilt=3&r=553
SearchScopes: HKCU - {9E06BDCF-0BDA-468E-B603-AEFD462C9890} URL = http://search.softonic.com/INF00176/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=2cf1ec7b0000000000006c626d450386&r=669
FF Homepage: hxxp://search.gboxapp.com/
FF user.js: detected! => C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\user.js
FF Extension: MySearch - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\5aeayoea@vrlaiou.edu [2014-08-07]
FF Extension: prIcuechop - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\iyijq@ctwo-.edu [2014-07-21]
FF Extension: pricEEcehop - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\ogqq-g@qsdqhpahz.org [2014-08-07]
FF Extension: NeXtCoup - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\wnsgo@zpvwyaua.org [2014-07-21]
CHR HomePage: hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-1720&v=n12712-368&t=4
CHR StartupUrls: "hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-1720&v=n12712-368&t=4", "hxxp://search.gboxapp.com/"
CHR Extension: (pricechop) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\hngegahohpjkdinobobplbepfnjhiapi [2014-08-22]
CHR Extension: (pricechop) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\hngegahohpjkdinobobplbepfnjhiapi\3.9 [2014-08-22]
CHR HKLM\...\Chrome\Extension: [infnpeniaicgjpbmfkbgafklodbpjgjn] - C:\Program Files\MediaViewV1\MediaViewV1alpha391\ch\MediaViewV1alpha391.crx []
CHR HKLM\...\Chrome\Extension: [lefopkabiomfgkedgnpdbnlpnilcfgho] - C:\Program Files\MediaViewerV1\MediaViewerV1alpha456\ch\MediaViewerV1alpha456.crx []
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 c67abfdb; c:\Program Files\SW-Booster\AssistantSvc.dll [174928 2014-08-22] () [File not signed]
2014-08-22 18:56 - 2014-08-25 13:17 - 00000000 ____D () C:\Program Files\pricechoP
2014-07-29 00:05 - 2014-07-31 11:26 - 00000000 ____D () C:\ProgramData\MySearch
2014-07-29 00:04 - 2014-07-30 11:07 - 00000000 ____D () C:\Program Files\MySearch
2014-07-29 00:02 - 2014-08-20 04:56 - 00000000 ____D () C:\ProgramData\pricEEcehop
2014-07-29 00:02 - 2014-07-30 11:31 - 00000000 ____D () C:\Program Files\pricEEcehop
2014-08-20 04:56 - 2014-07-27 14:20 - 00000000 ____D () C:\Program Files\globalUpdate
2014-07-29 00:03 - 2014-08-20 04:56 - 00000000 ____D () C:\ProgramData\EZSoftware
2014-07-27 14:20 - 2014-07-27 14:20 - 00000000 ____D () C:\Users\prle\AppData\Local\globalUpdate
2014-08-15 13:03 - 2013-08-26 17:10 - 00000000 ____D () C:\ProgramData\InstallMate
2014-08-04 13:28 - 2014-08-04 13:28 - 00000000 ____D () C:\Users\Public\Documents\YTAHelper
2014-07-29 00:19 - 2014-07-29 00:19 - 00000000 ____D () C:\Users\prle\Documents\Optimizer Pro
2014-07-29 00:05 - 2014-07-31 11:26 - 00000000 ____D () C:\ProgramData\MySearch
2014-07-29 00:04 - 2014-07-30 11:07 - 00000000 ____D () C:\Program Files\MySearch
2014-07-29 00:04 - 2014-07-30 11:05 - 00000000 ____D () C:\Program Files\Optimizer Pro
C:\Users\prle\AppData\Local\Conduit
C:\Program Files\Pando Networks
CustomCLSID: HKU\S-1-5-21-1606030900-3430388029-1771253369-1003_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CustomCLSID: HKU\S-1-5-21-1606030900-3430388029-1771253369-1003_Classes\CLSID\{939A0D04-0E07-48FE-A463-6623B70C3A96}\localserver32 -> "C:\Users\prle\AppData\Local\Conduit\ValueApps\IE\ValueApps.exe" No File
Task: {555A12CC-661A-44EC-B73B-F64D81C64A91} - \SPBIW_UpdateTask_Time_333036323133313237392d575b323478415a45375a456c No Task File <==== ATTENTION
Task: {7BC94640-2EFD-4254-B760-4A7994275F49} - \ShopperPro No Task File <==== ATTENTION
Task: {8A148FFA-7154-4855-8C74-1BE691846BC0} - \ShopperProJSUpd No Task File <==== ATTENTION
Task: {EFB25483-2E6E-4583-98C2-E01B2E891C78} - \SPDriver No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\ProgramData\TEMP:5C493F5A
AlternateDataStreams: C:\ProgramData\TEMP:E36FE0BB
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iLivid"
EmptyTemp:


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location; otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.

The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your post.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.





Download AdwCleaner by "Xplode" and save it to the Desktop.

Double-click to run the program.
Click the [Scan] button and wait for the program to finish.
Click the [Clean] button.
The program will close all running programs and show a window with that warning. Click Ok to confirm.
In the next two windows that open (Informations and Restart required), click Ok.

The computer will restart and then open Notepad (C:\AdwCleaner[S1].txt) with the report.
Save that Notepad file to the Desktop and attach it to your post using the "Prikaci fajl" (Attach file) option.

Note: The report will also be saved at C:\AdwCleaner[S0].txt

offline
  • Absolut Gut
  • Joined: 13 Aug 2012
  • Posts: 561
  • Location: Atakama

Posted: 25 Aug 2014 15:19

I can't delete: Shopper-Pro
SW-Sustainer

It won't let me..

Addendum: 25 Aug 2014 15:20

http://prntscr.com/4gaeig

offline
  • Joined: 04 Jul 2011
  • Posts: 5424

Just continue with the instructions; skip what you can't delete.

offline
  • Absolut Gut
  • Joined: 13 Aug 2012
  • Posts: 561
  • Location: Atakama

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:24-08-2014 03
Ran by prle at 2014-08-25 22:02:41 Run:1
Running from D:\Ja
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
AppInit_DLLs: c:\progra~1\sw-boo~1\assist~1.dll => c:\Program Files\SW-Booster\Assistant.dll [4296192 2014-08-22] ()
c:\Program Files\SW-Booster
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {32D5563E-5F7D-4739-96F8-18D1390F66B7} URL = ${SEARCH_URL}{searchTerms}
SearchScopes: HKCU - {32D5563E-5F7D-4739-96F8-18D1390F66B7} URL = http://www.dogpile.com/search/web?fcoid=417&fc.....ql=&q={searchTerms}
SearchScopes: HKCU - {3A748936-3C4B-4965-A0AA-94D2CA2592F8} URL = http://search.ividi.org/?q={searchTerms}&src=tbsp&id=2cf1ec7b0000000000006c626d450386&affilt=3&r=553
SearchScopes: HKCU - {9E06BDCF-0BDA-468E-B603-AEFD462C9890} URL = http://search.softonic.com/INF00176/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=2cf1ec7b0000000000006c626d450386&r=669
FF Homepage: hxxp://search.gboxapp.com/
FF user.js: detected! => C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\user.js
FF Extension: MySearch - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\5aeayoea@vrlaiou.edu [2014-08-07]
FF Extension: prIcuechop - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\iyijq@ctwo-.edu [2014-07-21]
FF Extension: pricEEcehop - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\ogqq-g@qsdqhpahz.org [2014-08-07]
FF Extension: NeXtCoup - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\wnsgo@zpvwyaua.org [2014-07-21]
CHR HomePage: hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-1720&v=n12712-368&t=4
CHR StartupUrls: "hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-1720&v=n12712-368&t=4", "hxxp://search.gboxapp.com/"
CHR Extension: (pricechop) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\hngegahohpjkdinobobplbepfnjhiapi [2014-08-22]
CHR Extension: (pricechop) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\hngegahohpjkdinobobplbepfnjhiapi\3.9 [2014-08-22]
CHR HKLM\...\Chrome\Extension: [infnpeniaicgjpbmfkbgafklodbpjgjn] - C:\Program Files\MediaViewV1\MediaViewV1alpha391\ch\MediaViewV1alpha391.crx []
CHR HKLM\...\Chrome\Extension: [lefopkabiomfgkedgnpdbnlpnilcfgho] - C:\Program Files\MediaViewerV1\MediaViewerV1alpha456\ch\MediaViewerV1alpha456.crx []
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 c67abfdb; c:\Program Files\SW-Booster\AssistantSvc.dll [174928 2014-08-22] () [File not signed]
2014-08-22 18:56 - 2014-08-25 13:17 - 00000000 ____D () C:\Program Files\pricechoP
2014-07-29 00:05 - 2014-07-31 11:26 - 00000000 ____D () C:\ProgramData\MySearch
2014-07-29 00:04 - 2014-07-30 11:07 - 00000000 ____D () C:\Program Files\MySearch
2014-07-29 00:02 - 2014-08-20 04:56 - 00000000 ____D () C:\ProgramData\pricEEcehop
2014-07-29 00:02 - 2014-07-30 11:31 - 00000000 ____D () C:\Program Files\pricEEcehop
2014-08-20 04:56 - 2014-07-27 14:20 - 00000000 ____D () C:\Program Files\globalUpdate
2014-07-29 00:03 - 2014-08-20 04:56 - 00000000 ____D () C:\ProgramData\EZSoftware
2014-07-27 14:20 - 2014-07-27 14:20 - 00000000 ____D () C:\Users\prle\AppData\Local\globalUpdate
2014-08-15 13:03 - 2013-08-26 17:10 - 00000000 ____D () C:\ProgramData\InstallMate
2014-08-04 13:28 - 2014-08-04 13:28 - 00000000 ____D () C:\Users\Public\Documents\YTAHelper
2014-07-29 00:19 - 2014-07-29 00:19 - 00000000 ____D () C:\Users\prle\Documents\Optimizer Pro
2014-07-29 00:05 - 2014-07-31 11:26 - 00000000 ____D () C:\ProgramData\MySearch
2014-07-29 00:04 - 2014-07-30 11:07 - 00000000 ____D () C:\Program Files\MySearch
2014-07-29 00:04 - 2014-07-30 11:05 - 00000000 ____D () C:\Program Files\Optimizer Pro
C:\Users\prle\AppData\Local\Conduit
C:\Program Files\Pando Networks
CustomCLSID: HKU\S-1-5-21-1606030900-3430388029-1771253369-1003_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CustomCLSID: HKU\S-1-5-21-1606030900-3430388029-1771253369-1003_Classes\CLSID\{939A0D04-0E07-48FE-A463-6623B70C3A96}\localserver32 -> "C:\Users\prle\AppData\Local\Conduit\ValueApps\IE\ValueApps.exe" No File
Task: {555A12CC-661A-44EC-B73B-F64D81C64A91} - \SPBIW_UpdateTask_Time_333036323133313237392d575b323478415a45375a456c No Task File <==== ATTENTION
Task: {7BC94640-2EFD-4254-B760-4A7994275F49} - \ShopperPro No Task File <==== ATTENTION
Task: {8A148FFA-7154-4855-8C74-1BE691846BC0} - \ShopperProJSUpd No Task File <==== ATTENTION
Task: {EFB25483-2E6E-4583-98C2-E01B2E891C78} - \SPDriver No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\ProgramData\TEMP:5C493F5A
AlternateDataStreams: C:\ProgramData\TEMP:E36FE0BB
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iLivid"
EmptyTemp:
*****************

"c:\progra~1\sw-boo~1\assist~1.dll" => Value Data removed successfully.
c:\Program Files\SW-Booster => Moved successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{32D5563E-5F7D-4739-96F8-18D1390F66B7}" => Key deleted successfully.
"HKCR\CLSID\{32D5563E-5F7D-4739-96F8-18D1390F66B7}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{32D5563E-5F7D-4739-96F8-18D1390F66B7}" => Key deleted successfully.
"HKCR\CLSID\{32D5563E-5F7D-4739-96F8-18D1390F66B7}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3A748936-3C4B-4965-A0AA-94D2CA2592F8}" => Key deleted successfully.
"HKCR\CLSID\{3A748936-3C4B-4965-A0AA-94D2CA2592F8}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9E06BDCF-0BDA-468E-B603-AEFD462C9890}" => Key deleted successfully.
"HKCR\CLSID\{9E06BDCF-0BDA-468E-B603-AEFD462C9890}" => Key not found.
Firefox homepage deleted successfully.
C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\user.js => Moved successfully.
C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\5aeayoea@vrlaiou.edu => Moved successfully.
C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\iyijq@ctwo-.edu => Moved successfully.
C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\ogqq-g@qsdqhpahz.org => Moved successfully.
C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\wnsgo@zpvwyaua.org => Moved successfully.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\hngegahohpjkdinobobplbepfnjhiapi directory not found.
C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\hngegahohpjkdinobobplbepfnjhiapi\3.9 directory not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\infnpeniaicgjpbmfkbgafklodbpjgjn" => Key deleted successfully.
"C:\Program Files\MediaViewV1\MediaViewV1alpha391\ch\MediaViewV1alpha391.crx" => File/Directory not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\lefopkabiomfgkedgnpdbnlpnilcfgho" => Key deleted successfully.
"C:\Program Files\MediaViewerV1\MediaViewerV1alpha456\ch\MediaViewerV1alpha456.crx" => File/Directory not found.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
c67abfdb => Service deleted successfully.
C:\Program Files\pricechoP => Moved successfully.
C:\ProgramData\MySearch => Moved successfully.
C:\Program Files\MySearch => Moved successfully.
C:\ProgramData\pricEEcehop => Moved successfully.
C:\Program Files\pricEEcehop => Moved successfully.
C:\Program Files\globalUpdate => Moved successfully.
C:\ProgramData\EZSoftware => Moved successfully.
C:\Users\prle\AppData\Local\globalUpdate => Moved successfully.
C:\ProgramData\InstallMate => Moved successfully.
C:\Users\Public\Documents\YTAHelper => Moved successfully.
C:\Users\prle\Documents\Optimizer Pro => Moved successfully.
"C:\ProgramData\MySearch" => File/Directory not found.
"C:\Program Files\MySearch" => File/Directory not found.
C:\Program Files\Optimizer Pro => Moved successfully.
"C:\Users\prle\AppData\Local\Conduit" => File/Directory not found.
C:\Program Files\Pando Networks => Moved successfully.
"HKU\S-1-5-21-1606030900-3430388029-1771253369-1003_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}" => Key deleted successfully.
"HKU\S-1-5-21-1606030900-3430388029-1771253369-1003_Classes\CLSID\{939A0D04-0E07-48FE-A463-6623B70C3A96}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{555A12CC-661A-44EC-B73B-F64D81C64A91}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{555A12CC-661A-44EC-B73B-F64D81C64A91}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPBIW_UpdateTask_Time_333036323133313237392d575b323478415a45375a456c" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7BC94640-2EFD-4254-B760-4A7994275F49}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BC94640-2EFD-4254-B760-4A7994275F49}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ShopperPro" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8A148FFA-7154-4855-8C74-1BE691846BC0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A148FFA-7154-4855-8C74-1BE691846BC0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ShopperProJSUpd" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EFB25483-2E6E-4583-98C2-E01B2E891C78}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EFB25483-2E6E-4583-98C2-E01B2E891C78}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPDriver" => Key deleted successfully.
C:\ProgramData\TEMP => ":373E1720" ADS removed successfully.
C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully.
C:\ProgramData\TEMP => ":5C493F5A" ADS removed successfully.
C:\ProgramData\TEMP => ":E36FE0BB" ADS removed successfully.

========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iLivid" =========

Permanently delete the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iLivid (Yes/No)? Operacija je uspeçno dovrçena.



========= End of Reg: =========

EmptyTemp: => Removed 3.7 GB temporary data.


The system needed a reboot.

==== End of Fixlog ====



offline
  • Joined: 04 Jul 2011
  • Posts: 5424

What is the situation now?

offline
  • Absolut Gut
  • Joined: 13 Aug 2012
  • Posts: 561
  • Location: Atakama

Much better, SW booster and Shopper-Pro have been deleted. Thanks!

offline
  • Joined: 04 Jul 2011
  • Posts: 5424

One more thing to check, just in case. :)


Download Malwarebytes Anti-Rootkit (MBAR) from the following link and save it to the Desktop.

Run MBAR by double-clicking the program icon:
- Click OK in the next window to allow extraction into a separate mbar folder on the desktop;
- mbar.exe will be started. On some systems this may take a few extra seconds, so wait for it to launch;
- In the introductory window, click the Next button if you agree;



• In the 'Update Database' window, click the Update button to download fresh definitions. When the message 'Success: Database was successfully updated' appears, click the Next button;
• Under the 'Scan Targets' section, check that all options are ticked, then click the Scan button;

Note: with some infections, one of the following messages may be displayed:
- 'Could not load protection driver' => in that case click OK.
- 'Could not load DDA driver' => click Yes on that notice to allow loading after a restart. Allow the restart and continue with the rest of the instructions after the restart.





>> If no malware is detected, click the Exit button to close the program. In your next post, include the mbar-log-year-month-day (hour-minute-second).txt and system-log.txt reports.

>> If infections are found, check that the 'Create Restore Point' option is selected and click the Cleanup! button to remove the threats.
- The malware removal procedure will be scheduled for the restart, and a notice will be shown in a pop-up window. Click the Yes button and the system should restart and finish the cleaning procedure.



Note! Only if a rootkit is detected: make sure you run the fixdamage.exe tool located in the mbar folder, \Plugins\fixdamage.exe:
- Run fixdamage by double-clicking it; in the black window that opens (command prompt) type Y (Y stands for Yes) to continue, and wait for the tool to complete all repairs ...
- When you see the message 'press any key to exit', the repair is complete. Press any key on the keyboard to close the window. Restart the system.





The following reports will be created in the mbar folder.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Copy the contents of the mbar log into your post and attach the system log to the post using the Attach file (Prikači fajl) option.

offline
  • Absolut Gut
  • Joined: 13 Aug 2012
  • Posts: 561
  • Location: Atakama


It passed without malware.

offline
  • Joined: 04 Jul 2011
  • Posts: 5424

The computer is now clean as far as malware is concerned.



The following procedure will perform the final cleanup.

Download the DelFix tool by "Xplode" and save it to the Desktop.
Run the tool by double-clicking it and tick the boxes in front of the following options:

Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment until the tool finishes its work.
From this point on, all tools used in this thread should be deleted.
The tool will also create a report for you. (C:\DelFix.txt)

The tool will also save the healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
The tool deletes old System Restore points and creates a new, fresh point after the cleanup.
