iskačući prozori

iskačući prozori

offline
  • Pridružio: 24 Okt 2015
  • Poruke: 3

problem sa neprikidnim iskakanjem prozora i reklama te usmeravanjem na razne neželjene sajtove

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:24-10-2015
Ran by natasa (administrator) on NATASA-PC (24-10-2015 17:05:59)
Running from C:\Users\natasa\Desktop
Loaded Profiles: natasa (Available Profiles: natasa)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: engleski (SAD)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe
(IObit) C:\Program Files\IObit\Smart Defrag 4\SmartDefrag.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
() C:\Program Files\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
() C:\Program Files\CyberLink\TV Enhance\Kernel\TV\TVESched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [540672 2015-04-19] (Greenshot)
HKLM\...\Run: [XeroxEndeavorBackgroundTask] => rundll32.exe xrWCbgnd.dll,LaunchBgTask 1
HKLM\...\Run: [SohuVA] => "C:\Program Files\????\SHPlayer.exe" /auto
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM\...\Run: [IObit Malware Fighter] => C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [5889824 2015-07-28] (IObit)
HKU\S-1-5-21-3420406860-150884481-74391886-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6369048 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-3420406860-150884481-74391886-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [53737488 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-3420406860-150884481-74391886-1000\...\Run: [Adobe Reader Synchronizer] => C:\Program Files\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [761064 2015-09-27] (Adobe Systems Incorporated)
HKU\S-1-5-21-3420406860-150884481-74391886-1000\...\Run: [Advanced SystemCare 8] => C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe [2429728 2015-04-08] (IObit)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-09-03]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * SmartDefragBootTime.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 212.200.191.166 212.200.190.166
Tcpip\..\Interfaces\{AE822342-EA6F-47A3-93ED-55C79D1A6341}: [DhcpNameServer] 212.200.191.166 212.200.190.166

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1438620055&z=59505805df21d49c7082becg3zecabdq4o7ebecw5m&from=cor&uid=395049983_1052515_B4005A66&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1438620055&z=59505805df21d49c7082becg3zecabdq4o7ebecw5m&from=cor&uid=395049983_1052515_B4005A66
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1438620055&z=59505805df21d49c7082becg3zecabdq4o7ebecw5m&from=cor&uid=395049983_1052515_B4005A66&q={searchTerms}
HKU\S-1-5-21-3420406860-150884481-74391886-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google/
HKU\S-1-5-21-3420406860-150884481-74391886-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3420406860-150884481-74391886-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1438620055&z=59505805df21d49c7082becg3zecabdq4o7ebecw5m&from=cor&uid=395049983_1052515_B4005A66
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3420406860-150884481-74391886-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.sweet-page.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=395049983_1052515_B4005A66&ts=1438620096&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3420406860-150884481-74391886-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.sweet-page.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=395049983_1052515_B4005A66&ts=1438620096&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3420406860-150884481-74391886-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3420406860-150884481-74391886-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=395049983_1052515_B4005A66&ts=1438620096&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3420406860-150884481-74391886-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.sweet-page.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=395049983_1052515_B4005A66&ts=1438620096&type=default&q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-09-18] (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-23] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-23] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\natasa\AppData\Roaming\Mozilla\Firefox\Profiles\n60h7v7i.default-1445559351372
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxps://www.google.rs/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-23] (Oracle Corporation)
FF Plugin: @sohu.com/npifox -> C:\Program Files\搜狐影音\npifox.dll [No File]
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [No File]
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [No File]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\GoSearch.xml [2015-08-29]
FF Extension: CinemaPlus-3.3c - C:\Users\natasa\AppData\Roaming\Mozilla\Firefox\Profiles\n60h7v7i.default-1445559351372\Extensions\AVJYFVOD75109374@HCDE39471360.com [2015-10-23] [not signed]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF Extension: Firefox Helper - C:\Program Files\Mozilla Firefox\distribution\bundles\7618b95afb9c3dde9c5fb582fc3b02a3 [2015-10-16] [not signed]
FF HKLM\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\natasa\AppData\Roaming\Mozilla\Firefox\Profiles\ls3ekm26.default\extensions\defsearchp@gmail.com => not found
FF HKLM\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\natasa\AppData\Roaming\Mozilla\Firefox\Profiles\ls3ekm26.default\extensions\deskCutv2@gmail.com
FF Extension: No Name - C:\Users\natasa\AppData\Roaming\Mozilla\Firefox\Profiles\ls3ekm26.default\extensions\deskCutv2@gmail.com [2015-10-23] [not signed]

Chrome:
=======
CHR Profile: C:\Users\natasa\AppData\Local\Google\Chrome\User Data\Default

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService8; C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe [821024 2015-08-05] (IObit)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
R2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [882464 2015-07-17] (IObit)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-02] (IObit)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [235696 2015-07-31] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247088 2009-09-29] ()
R2 TVECapSvc; C:\Program Files\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe [464224 2009-09-29] ()
R2 TVESched; C:\Program Files\CyberLink\TV Enhance\Kernel\TV\TVESched.exe [189792 2009-09-29] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2015-07-14] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2014-11-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 FileMonitor; C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [21480 2015-03-25] (IObit)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2015-07-14] (REALiX(tm))
R3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [32288 2015-03-25] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18624 2014-06-04] (IObit)
R3 UrlFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [20944 2015-03-25] (IObit.com)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [564912 2015-07-14] (VIA Technologies, Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-24 17:05 - 2015-10-24 17:06 - 00014206 ____X C:\Users\natasa\Desktop\FRST.txt
2015-10-24 17:05 - 2015-10-24 17:06 - 00000000 ____D C:\FRST
2015-10-24 17:00 - 2015-10-24 17:02 - 01700352 ____X (Farbar) C:\Users\natasa\Desktop\FRST.exe
2015-10-24 14:02 - 2015-10-24 14:02 - 00000000 ____D C:\Users\natasa\AppData\Local\GWX
2015-10-24 02:40 - 2015-10-24 02:40 - 00000000 ____D C:\Users\natasa\AppData\Local\VS Revo Group
2015-10-24 02:39 - 2015-10-24 02:39 - 00001226 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2015-10-24 02:39 - 2015-10-24 02:39 - 00000000 ____D C:\ProgramData\VS Revo Group
2015-10-24 02:39 - 2015-10-24 02:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2015-10-24 02:39 - 2015-10-24 02:39 - 00000000 ____D C:\Program Files\VS Revo Group
2015-10-24 02:39 - 2009-12-30 11:21 - 00027192 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2015-10-24 02:02 - 2015-10-24 02:02 - 00001430 ____X C:\Users\natasa\Desktop\firefox - prečica.lnk
2015-10-24 01:32 - 2015-10-24 01:34 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-24 01:32 - 2015-10-24 01:32 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-24 01:32 - 2015-10-24 01:32 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-24 01:29 - 2015-01-09 01:44 - 00419936 _____ C:\Windows\system32\locale.nls
2015-10-24 01:25 - 2015-09-18 19:47 - 00023384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-24 01:25 - 2015-09-18 19:44 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-24 01:25 - 2015-09-18 19:44 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-24 01:25 - 2015-09-18 19:44 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-24 01:25 - 2015-09-18 19:44 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-24 01:25 - 2015-09-18 19:44 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-24 01:25 - 2015-09-18 19:35 - 00999936 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-24 01:25 - 2015-09-14 21:53 - 02385920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-10-24 01:25 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-10-24 01:25 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-10-24 01:25 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-10-24 01:25 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-10-24 01:25 - 2015-08-05 19:40 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2015-10-24 01:25 - 2015-08-05 18:58 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-10-24 01:25 - 2015-07-22 19:53 - 00937984 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-10-24 01:25 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-10-24 01:25 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-10-24 01:25 - 2015-07-22 18:38 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-10-24 01:25 - 2015-07-18 15:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-24 01:25 - 2015-07-18 15:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-24 01:25 - 2015-07-18 15:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-24 01:25 - 2015-07-18 15:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-24 01:25 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-24 01:25 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-24 01:25 - 2015-07-18 15:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-24 01:25 - 2015-07-18 15:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-24 01:25 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-24 01:25 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-24 01:25 - 2015-07-18 15:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-24 01:25 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-24 01:25 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-24 01:25 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-24 01:25 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-24 01:25 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-24 01:25 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-24 01:25 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-24 01:25 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-24 01:25 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-24 01:25 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-24 01:25 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-24 01:25 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-24 01:25 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-24 01:25 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-10-24 01:25 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-10-24 01:25 - 2015-06-25 11:48 - 00105408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-10-24 01:25 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-10-24 01:25 - 2015-06-25 11:44 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-10-24 01:25 - 2015-06-03 22:17 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-10-24 01:25 - 2015-06-03 22:17 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-10-24 01:25 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-10-24 01:25 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-10-24 01:25 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-10-24 01:25 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-10-24 01:25 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-10-24 01:25 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-10-24 01:25 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-10-24 01:25 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-10-24 01:25 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-10-24 01:25 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-10-24 01:25 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-10-24 01:25 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-10-24 01:25 - 2015-03-04 06:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-10-24 01:25 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-10-24 01:25 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-10-24 01:25 - 2015-01-09 04:48 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-10-24 01:25 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-10-24 01:25 - 2015-01-09 04:48 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-10-24 01:25 - 2014-11-26 05:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-10-24 01:24 - 2015-04-11 05:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-10-24 01:14 - 2015-10-24 01:14 - 00007603 _____ C:\Users\natasa\AppData\Local\Resmon.ResmonCfg
2015-10-23 02:15 - 2015-10-23 02:15 - 00000000 ___DX C:\Users\natasa\Desktop\Old Firefox Data
2015-10-23 01:10 - 2015-10-24 16:17 - 00001024 _____ C:\Windows\Tasks\LbAZgpxPv2IkosLroUYHhnnu.job
2015-10-23 01:10 - 2015-10-23 01:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-10-23 01:10 - 2015-10-23 01:10 - 00000000 ____D C:\Program Files\7-Zip
2015-10-22 21:19 - 2015-10-22 21:19 - 00007007 _____ C:\Users\natasa\Desktop\RwVdnCWg.html
2015-10-22 19:04 - 2015-10-22 19:04 - 00000000 ___DX C:\Users\natasa\Desktop\Bunny Flop
2015-10-21 23:27 - 2015-10-21 23:27 - 00083021 _____ C:\Users\natasa\Documents\Komentari za primer.xlsm
2015-10-20 14:42 - 2015-10-20 14:42 - 00001698 ____X C:\Users\natasa\Desktop\Counter-Strike WaRzOnE.lnk
2015-10-20 14:42 - 2015-10-20 14:42 - 00000732 ____X C:\Users\natasa\Desktop\HLDS.lnk
2015-10-20 14:42 - 2015-10-20 14:42 - 00000000 ____D C:\Users\natasa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HLDS
2015-10-20 14:42 - 2015-10-20 14:42 - 00000000 ____D C:\Users\natasa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Half-Life
2015-10-20 14:42 - 2015-10-20 14:42 - 00000000 ____D C:\Users\natasa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2015-10-20 14:41 - 2015-10-20 14:41 - 00000000 ____D C:\Games
2015-10-20 14:32 - 2015-10-20 14:34 - 00002002 ____X C:\Users\natasa\Desktop\Counter-Strike 1.6.lnk
2015-10-20 14:32 - 2015-10-20 14:32 - 00000000 ____D C:\Users\natasa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2015-10-20 14:30 - 2015-10-20 14:34 - 00000000 ____D C:\Program Files\Counter-Strike 1.6 OMONAS
2015-10-19 21:23 - 2015-10-19 21:24 - 00124840 ____X C:\Users\natasa\Desktop\Recording #2.mp4.sfk
2015-10-16 22:47 - 2015-10-16 22:47 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin
2015-10-16 22:47 - 2015-10-16 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-10-16 15:09 - 2015-10-23 01:49 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-10-16 01:13 - 2015-10-16 01:13 - 00013995 ____X C:\Users\natasa\Desktop\Sojic i Hitler- Razgovor o Vucicu - prečica.lnk
2015-10-14 13:20 - 2015-10-01 19:50 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-14 13:20 - 2015-10-01 19:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-14 13:20 - 2015-10-01 19:50 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-14 13:20 - 2015-10-01 19:50 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-14 13:20 - 2015-10-01 19:50 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-14 13:20 - 2015-10-01 18:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-14 13:20 - 2015-09-29 05:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-10-14 13:20 - 2015-09-29 05:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-14 13:20 - 2015-09-29 05:02 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-14 13:20 - 2015-09-29 04:59 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-14 13:20 - 2015-09-29 04:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-14 13:20 - 2015-09-29 04:59 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-14 13:20 - 2015-09-29 04:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-14 13:20 - 2015-09-29 04:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-14 13:20 - 2015-09-29 04:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-14 13:20 - 2015-09-29 04:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-14 13:20 - 2015-09-29 04:58 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-14 13:20 - 2015-09-29 04:58 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-14 13:20 - 2015-09-29 04:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-14 13:20 - 2015-09-29 04:58 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-14 13:20 - 2015-09-29 04:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-14 13:20 - 2015-09-29 04:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-14 13:20 - 2015-09-29 04:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-14 13:20 - 2015-09-29 04:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-14 13:20 - 2015-09-29 04:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-14 13:20 - 2015-09-29 04:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-14 13:20 - 2015-09-29 03:43 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-14 13:20 - 2015-09-29 03:43 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-14 13:20 - 2015-09-29 03:43 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-14 13:20 - 2015-09-25 19:59 - 02955776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-14 13:20 - 2015-09-25 19:59 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-14 13:20 - 2015-09-25 19:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-14 13:20 - 2015-09-25 19:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-14 13:20 - 2015-09-25 19:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-14 13:20 - 2015-09-25 19:59 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-14 13:20 - 2015-09-25 19:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-14 13:20 - 2015-09-25 19:58 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-14 13:20 - 2015-09-25 19:58 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-14 13:20 - 2015-09-25 19:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-14 13:20 - 2015-09-25 19:58 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-14 13:20 - 2015-09-18 20:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-14 13:20 - 2015-09-16 05:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-14 13:20 - 2015-09-16 05:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-14 13:20 - 2015-09-16 05:45 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-14 13:20 - 2015-09-16 05:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-14 13:20 - 2015-09-16 05:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-14 13:20 - 2015-09-16 05:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-14 13:20 - 2015-09-16 05:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-14 13:20 - 2015-09-16 05:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-14 13:20 - 2015-09-16 05:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-14 13:20 - 2015-09-16 05:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-14 13:20 - 2015-09-16 05:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-14 13:20 - 2015-09-16 05:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-14 13:20 - 2015-09-16 05:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-14 13:20 - 2015-09-16 05:23 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-14 13:20 - 2015-09-16 05:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-14 13:20 - 2015-09-16 05:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-14 13:20 - 2015-09-16 05:18 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-14 13:20 - 2015-09-16 05:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-14 13:20 - 2015-09-16 05:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-14 13:20 - 2015-09-16 05:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-14 13:20 - 2015-09-16 05:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-14 13:20 - 2015-09-16 05:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-14 13:20 - 2015-09-16 05:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-14 13:20 - 2015-09-16 05:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-14 13:20 - 2015-09-16 04:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-14 13:20 - 2015-09-16 04:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-14 13:20 - 2015-09-16 04:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-14 13:20 - 2015-09-16 04:56 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-14 13:20 - 2015-09-16 04:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-14 13:20 - 2015-09-16 04:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-14 13:20 - 2015-09-16 04:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-14 13:20 - 2015-09-16 04:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-14 13:20 - 2015-09-16 04:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-14 13:20 - 2015-09-15 19:42 - 00139096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-14 13:20 - 2015-09-15 19:42 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-14 13:20 - 2015-09-15 19:36 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-14 13:20 - 2015-09-15 19:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-14 13:20 - 2015-09-15 19:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-14 13:20 - 2015-09-15 19:36 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-14 13:20 - 2015-09-15 19:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-14 13:20 - 2015-09-15 19:36 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-14 13:20 - 2015-09-15 19:35 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-14 13:20 - 2015-08-06 19:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-14 13:20 - 2015-08-06 19:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-13 22:22 - 2015-04-10 17:07 - 00000000 ___DX C:\Users\natasa\Downloads\Modern-Photo-Slideshow
2015-10-13 22:22 - 2015-04-10 17:07 - 00000000 ___DX C:\Users\natasa\Downloads\__MACOSX
2015-10-13 15:00 - 2015-10-13 15:00 - 00095808 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2015-10-13 15:00 - 2015-10-13 15:00 - 00087576 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW73.sys
2015-10-09 22:08 - 2015-10-19 18:40 - 00000000 ____D C:\Users\natasa\Documents\Bigasoft Total Video Converter
2015-10-09 22:07 - 2015-10-09 22:07 - 00000000 ____D C:\Users\natasa\AppData\Roaming\Bigasoft Total Video Converter 5
2015-10-09 22:06 - 2015-10-09 22:06 - 00001227 _____ C:\Users\Public\Desktop\Bigasoft Total Video Converter 5.lnk
2015-10-09 22:06 - 2015-10-09 22:06 - 00000000 ____D C:\Users\natasa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bigasoft
2015-10-09 22:06 - 2015-10-09 22:06 - 00000000 ____D C:\Program Files\Bigasoft
2015-10-09 21:53 - 2015-10-09 21:53 - 00000076 _____ C:\Users\natasa\Documents\Untitled.mxf.sfl
2015-10-09 21:36 - 2015-10-09 21:53 - 887913916 _____ C:\Users\natasa\Documents\Untitled.mxf
2015-10-09 21:36 - 2015-10-09 21:36 - 00074552 _____ C:\Users\natasa\Downloads\Untitled.veg
2015-10-09 18:51 - 2015-10-09 18:51 - 00000000 ____D C:\ProgramData\Free YouTube Downloader
2015-10-09 18:47 - 2015-10-09 18:51 - 00000000 ____D C:\Users\natasa\AppData\Local\Free YouTube Downloader
2015-10-09 18:47 - 2015-10-09 18:47 - 00002025 _____ C:\Users\Public\Desktop\Free YouTube Downloader.lnk
2015-10-09 18:47 - 2015-10-09 18:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free YouTube Downloader
2015-10-09 18:46 - 2015-10-09 18:47 - 00000000 ____D C:\Program Files\Free YouTube Downloader
2015-10-09 18:46 - 2015-10-09 18:46 - 14301528 ____X (HOW Inc. ) C:\Users\natasa\Downloads\FYTDSetup.exe
2015-10-09 18:22 - 2015-10-09 18:22 - 00035936 ____X C:\Users\natasa\Downloads\3954752_9913363.mp4.sfk
2015-10-09 18:21 - 2015-10-09 18:21 - 00024928 ____X C:\Users\natasa\Downloads\3818067_9623725_P.mp4.sfk
2015-10-09 18:20 - 2015-10-09 18:20 - 00046976 ____X C:\Users\natasa\Downloads\3818067_9623542.mp4.sfk
2015-10-09 16:58 - 2015-10-24 16:21 - 01834749 ____N C:\Windows\WindowsUpdate.log
2015-10-09 03:52 - 2015-10-09 03:52 - 00000000 ____D C:\Users\natasa\AppData\Roaming\Publish Providers
2015-10-09 03:52 - 2015-10-09 03:52 - 00000000 ____D C:\ProgramData\Sony
2015-10-09 03:50 - 2015-10-09 03:50 - 00001038 _____ C:\Users\Public\Desktop\Vegas Pro 11.0.lnk
2015-10-09 03:50 - 2015-10-09 03:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-10-09 03:49 - 2015-10-09 03:49 - 00000000 ____D C:\Program Files\Sony
2015-10-09 02:43 - 2015-10-09 19:04 - 00000000 ____D C:\ProgramData\NCH Software
2015-10-09 02:43 - 2015-10-09 19:03 - 00000000 ____D C:\Program Files\NCH Software
2015-10-09 02:43 - 2015-10-09 03:29 - 00000000 ____D C:\Users\natasa\AppData\Roaming\NCH Software
2015-10-09 02:32 - 2015-10-09 02:32 - 00000000 ____D C:\Users\natasa\AppData\Local\Xenocode
2015-09-28 18:30 - 2015-09-28 18:30 - 00002102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2015-09-28 18:30 - 2015-09-28 18:30 - 00001124 _____ C:\Users\Public\Desktop\Smart Defrag 4.lnk
2015-09-28 18:30 - 2015-09-28 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4
2015-09-28 18:30 - 2015-01-10 15:32 - 00109856 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2015-09-28 18:30 - 2014-06-04 15:17 - 00031008 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2015-09-28 18:30 - 2014-06-04 15:17 - 00018624 _____ (IObit) C:\Windows\system32\Drivers\SmartDefragDriver.sys
2015-09-28 13:28 - 2015-09-28 13:28 - 00001127 _____ C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2015-09-28 13:28 - 2015-09-28 13:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-24 16:54 - 2015-08-24 19:54 - 00002096 _____ C:\Windows\Tasks\ab6b8d2a-4a8f-47e8-931b-995dc181bad5-10_user.job
2015-10-24 16:33 - 2015-06-29 13:42 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-24 16:25 - 2009-07-14 06:34 - 00021072 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-24 16:25 - 2009-07-14 06:34 - 00021072 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-24 16:21 - 2010-11-20 23:01 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-24 16:19 - 2015-08-25 22:08 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-10-24 16:18 - 2015-07-14 00:01 - 00000000 ____D C:\ProgramData\ProductData
2015-10-24 16:17 - 2015-07-14 00:11 - 00000348 _____ C:\Windows\Tasks\DriverToolkit Autorun.job
2015-10-24 16:17 - 2015-07-01 13:37 - 00000000 ____D C:\Users\natasa\AppData\Roaming\Skype
2015-10-24 16:17 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-24 13:19 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-10-24 10:09 - 2015-08-24 19:54 - 00000004 _____ C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-10-24 03:43 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\AppCompat
2015-10-24 01:34 - 2009-07-14 06:53 - 00032564 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-24 01:33 - 2009-07-14 06:33 - 00337832 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-24 01:32 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\tracing
2015-10-24 01:32 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\sr-Latn-CS
2015-10-24 01:32 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-10-23 22:04 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2015-10-23 01:50 - 2015-06-29 16:24 - 00000000 ____D C:\Windows\system32\appmgmt
2015-10-23 01:12 - 2015-09-03 12:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse
2015-10-22 14:02 - 2015-09-23 19:54 - 00002123 _____ C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2015-10-19 22:04 - 2015-09-06 17:08 - 00000000 __RDX C:\Users\natasa\Desktop\muzika za video
2015-10-19 22:04 - 2015-07-15 18:22 - 00000000 ____D C:\Users\natasa\Desktop\template
2015-10-17 01:33 - 2015-06-29 13:42 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-10-17 01:33 - 2015-06-29 13:42 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-10-16 22:47 - 2015-08-03 16:53 - 00000000 ____D C:\Users\natasa\AppData\Roaming\.minecraft
2015-10-16 22:12 - 2015-06-29 13:41 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-10-16 03:01 - 2015-06-29 13:34 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-16 02:22 - 2015-06-29 14:23 - 00000000 ____D C:\Users\natasa\AppData\Roaming\Sony
2015-10-15 17:07 - 2015-07-01 13:37 - 00000000 ___RD C:\Program Files\Skype
2015-10-15 02:32 - 2015-06-29 14:19 - 00000000 ____D C:\Windows\system32\MRT
2015-10-15 02:29 - 2015-01-19 11:10 - 141105520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-13 15:12 - 2015-07-14 00:00 - 00002088 _____ C:\Users\Public\Desktop\Driver Booster 2.lnk
2015-10-11 19:43 - 2015-06-29 13:44 - 00000000 ____D C:\Users\natasa\AppData\Local\VirtualStore
2015-10-11 14:34 - 2015-06-29 20:31 - 00000000 ____D C:\Users\natasa\AppData\Local\Greenshot
2015-10-09 03:49 - 2015-06-29 16:21 - 00000000 ____D C:\Users\natasa\AppData\Local\Sony
2015-10-09 01:49 - 2015-08-03 19:03 - 00000000 ____D C:\Program Files\Safesoft Protector
2015-10-01 17:45 - 2015-09-08 17:52 - 00000000 ____D C:\Program Files\Fenix CS 1.6
2015-09-28 18:30 - 2015-08-02 02:29 - 00002090 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2015-09-28 18:30 - 2015-07-14 00:00 - 00000000 ____D C:\ProgramData\IObit
2015-09-28 18:29 - 2015-07-14 00:00 - 00000000 ____D C:\Users\natasa\AppData\Roaming\IObit
2015-09-28 18:29 - 2015-07-14 00:00 - 00000000 ____D C:\Program Files\IObit
2015-09-24 02:00 - 2015-08-02 02:30 - 00000000 ____D C:\Users\natasa\AppData\Roaming\ProductData
2015-09-24 02:00 - 2015-07-14 00:00 - 00000000 ____D C:\Users\natasa\AppData\LocalLow\IObit
2015-09-24 02:00 - 2015-06-29 20:31 - 00000000 ____D C:\Users\natasa\AppData\Roaming\Greenshot
2015-09-24 02:00 - 2015-06-29 13:44 - 00000000 ____D C:\Users\natasa
2015-09-24 02:00 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\wfp
2015-09-24 02:00 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\security
2015-09-24 01:59 - 2015-09-23 00:50 - 00000000 ____D C:\Program Files\Common Files\Java
2015-09-24 01:59 - 2015-07-14 00:14 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-09-24 01:59 - 2015-06-29 13:42 - 00000000 ____D C:\Windows\system32\Macromed
2015-09-24 01:59 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\registration

==================== Files in the root of some directories =======

2015-08-26 01:12 - 2015-08-26 01:12 - 0000000 _____ () C:\Users\natasa\AppData\Roaming\A3EA.tmp
2015-08-03 19:03 - 2015-08-03 19:03 - 0000000 _____ () C:\Users\natasa\AppData\Roaming\D8.tmp
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\natasa\AppData\Roaming\LbAZgpxPv2IkosLroUYHhnnu
2015-04-20 16:05 - 2015-04-20 16:05 - 1246720 _____ () C:\Users\natasa\AppData\Roaming\LbAZgpxPv2IkosLroUYHhnnu.exe
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\natasa\AppData\Roaming\sQQhSvLmGC
2015-10-24 01:14 - 2015-10-24 01:14 - 0007603 _____ () C:\Users\natasa\AppData\Local\Resmon.ResmonCfg
2015-09-06 17:42 - 2015-09-06 17:43 - 0000091 _____ () C:\ProgramData\PS.log
2015-09-03 12:59 - 2015-09-03 13:03 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


Some files in TEMP:
====================
C:\Users\natasa\AppData\Local\Temp\mytmpinstaller.exe
C:\Users\natasa\AppData\Local\Temp\o9juhimr.dll
C:\Users\natasa\AppData\Local\Temp\Uninstall.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-21 00:52

==================== End of FRST.txt ============================
mycity.rs/must-login.png

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

Zdravo i dobrodosla na MC,

Potrebno je da okacis i Adddition log, okacila si dva puta FRST log.

offline
  • Pridružio: 24 Okt 2015
  • Poruke: 3

Napisano: 24 Okt 2015 17:51

mycity.rs/must-login.png

Dopuna: 24 Okt 2015 17:52

evo ispravlljeno

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

Preporucio bih ti da deinstaliras sledece programe:

Driver Booster 2.4
IObit Malware Fighter 3
McAfee Security Scan Plus
Surfing Protection
IObit Uninstaller

-------

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

CreateRestorePoint:
EmptyTemp:
HKLM\...\Run: [SohuVA] => "C:\Program Files\????\SHPlayer.exe" /auto
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1438620055&z=59505805df21d49c7082becg3zecabdq4o7ebecw5m&from=cor&uid=395049983_1052515_B4005A66&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1438620055&z=59505805df21d49c7082becg3zecabdq4o7ebecw5m&from=cor&uid=395049983_1052515_B4005A66
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1438620055&z=59505805df21d49c7082becg3zecabdq4o7ebecw5m&from=cor&uid=395049983_1052515_B4005A66&q={searchTerms}
HKU\S-1-5-21-3420406860-150884481-74391886-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google/
HKU\S-1-5-21-3420406860-150884481-74391886-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1438620055&z=59505805df21d49c7082becg3zecabdq4o7ebecw5m&from=cor&uid=395049983_1052515_B4005A66
SearchScopes: HKU\S-1-5-21-3420406860-150884481-74391886-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.sweet-page.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=395049983_1052515_B4005A66&ts=1438620096&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3420406860-150884481-74391886-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.sweet-page.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=395049983_1052515_B4005A66&ts=1438620096&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3420406860-150884481-74391886-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=395049983_1052515_B4005A66&ts=1438620096&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3420406860-150884481-74391886-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.sweet-page.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=395049983_1052515_B4005A66&ts=1438620096&type=default&q={searchTerms}
FF Plugin: @sohu.com/npifox -> C:\Program Files\搜狐影音\npifox.dll [No File]
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [No File]
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [No File]
FF Extension: CinemaPlus-3.3c - C:\Users\natasa\AppData\Roaming\Mozilla\Firefox\Profiles\n60h7v7i.default-1445559351372\Extensions\AVJYFVOD75109374@HCDE39471360.com [2015-10-23] [not signed]
FF HKLM\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\natasa\AppData\Roaming\Mozilla\Firefox\Profiles\ls3ekm26.default\extensions\defsearchp@gmail.com => not found
FF HKLM\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\natasa\AppData\Roaming\Mozilla\Firefox\Profiles\ls3ekm26.default\extensions\deskCutv2@gmail.com
FF Extension: No Name - C:\Users\natasa\AppData\Roaming\Mozilla\Firefox\Profiles\ls3ekm26.default\extensions\deskCutv2@gmail.com [2015-10-23] [not signed]
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Task: C:\Windows\Tasks\ab6b8d2a-4a8f-47e8-931b-995dc181bad5-10_user.job => C:\Program Files\CinemaP-1.9cV24.08\ab6b8d2a-4a8f-47e8-931b-995dc181bad5-10.exe <==== ATTENTION
C:\Program Files\CinemaP-1.9cV24.08
Task: C:\Windows\Tasks\LbAZgpxPv2IkosLroUYHhnnu.job => C:\Users\natasa\AppData\Roaming\LbAZgpxPv2IkosLroUYHhnnu.exe <==== ATTENTION
Task: {518FD8DA-F949-46D7-8EF8-42B558C37953} - System32\Tasks\ab6b8d2a-4a8f-47e8-931b-995dc181bad5-10_user => C:\Program Files\CinemaP-1.9cV24.08\ab6b8d2a-4a8f-47e8-931b-995dc181bad5-10.exe <==== ATTENTION
Task: {BE70AC66-77DC-4144-BBEE-8B4E25202744} - System32\Tasks\LbAZgpxPv2IkosLroUYHhnnu => C:\Users\natasa\AppData\Roaming\LbAZgpxPv2IkosLroUYHhnnu.exe [2015-04-20] () <==== ATTENTION
globalupdate Helper (Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

offline
  • Pridružio: 24 Okt 2015
  • Poruke: 3

Fix result of Farbar Recovery Scan Tool (x86) Version:24-10-2015
Ran by natasa (2015-10-24 18:57:17) Run:1
Running from C:\Users\natasa\Desktop
Loaded Profiles: natasa (Available Profiles: natasa)
Boot Mode: Normal

==============================================

fixlist content:
*****************
CreateRestorePoint:
EmptyTemp:
HKLM\...\Run: [SohuVA] => "C:\Program Files\????\SHPlayer.exe" /auto
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1438620055&z=59505805df21d49c7082becg3zecabdq4o7ebecw5m&from=cor&uid=395049983_1052515_B4005A66&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1438620055&z=59505805df21d49c7082becg3zecabdq4o7ebecw5m&from=cor&uid=395049983_1052515_B4005A66
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1438620055&z=59505805df21d49c7082becg3zecabdq4o7ebecw5m&from=cor&uid=395049983_1052515_B4005A66&q={searchTerms}
HKU\S-1-5-21-3420406860-150884481-74391886-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google/
HKU\S-1-5-21-3420406860-150884481-74391886-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1438620055&z=59505805df21d49c7082becg3zecabdq4o7ebecw5m&from=cor&uid=395049983_1052515_B4005A66
SearchScopes: HKU\S-1-5-21-3420406860-150884481-74391886-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.sweet-page.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=395049983_1052515_B4005A66&ts=1438620096&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3420406860-150884481-74391886-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.sweet-page.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=395049983_1052515_B4005A66&ts=1438620096&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3420406860-150884481-74391886-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=395049983_1052515_B4005A66&ts=1438620096&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3420406860-150884481-74391886-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.sweet-page.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=395049983_1052515_B4005A66&ts=1438620096&type=default&q={searchTerms}
FF Plugin: @sohu.com/npifox -> C:\Program Files\????\npifox.dll [No File]
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [No File]
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [No File]
FF Extension: CinemaPlus-3.3c - C:\Users\natasa\AppData\Roaming\Mozilla\Firefox\Profiles\n60h7v7i.default-1445559351372\Extensions\AVJYFVOD75109374@HCDE39471360.com [2015-10-23] [not signed]
FF HKLM\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\natasa\AppData\Roaming\Mozilla\Firefox\Profiles\ls3ekm26.default\extensions\defsearchp@gmail.com => not found
FF HKLM\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\natasa\AppData\Roaming\Mozilla\Firefox\Profiles\ls3ekm26.default\extensions\deskCutv2@gmail.com
FF Extension: No Name - C:\Users\natasa\AppData\Roaming\Mozilla\Firefox\Profiles\ls3ekm26.default\extensions\deskCutv2@gmail.com [2015-10-23] [not signed]
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Task: C:\Windows\Tasks\ab6b8d2a-4a8f-47e8-931b-995dc181bad5-10_user.job => C:\Program Files\CinemaP-1.9cV24.08\ab6b8d2a-4a8f-47e8-931b-995dc181bad5-10.exe <==== ATTENTION
C:\Program Files\CinemaP-1.9cV24.08
Task: C:\Windows\Tasks\LbAZgpxPv2IkosLroUYHhnnu.job => C:\Users\natasa\AppData\Roaming\LbAZgpxPv2IkosLroUYHhnnu.exe <==== ATTENTION
Task: {518FD8DA-F949-46D7-8EF8-42B558C37953} - System32\Tasks\ab6b8d2a-4a8f-47e8-931b-995dc181bad5-10_user => C:\Program Files\CinemaP-1.9cV24.08\ab6b8d2a-4a8f-47e8-931b-995dc181bad5-10.exe <==== ATTENTION
Task: {BE70AC66-77DC-4144-BBEE-8B4E25202744} - System32\Tasks\LbAZgpxPv2IkosLroUYHhnnu => C:\Users\natasa\AppData\Roaming\LbAZgpxPv2IkosLroUYHhnnu.exe [2015-04-20] () <==== ATTENTION
globalupdate Helper (Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
*****************

Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SohuVA => value removed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-3420406860-150884481-74391886-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-3420406860-150884481-74391886-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-3420406860-150884481-74391886-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
"HKU\S-1-5-21-3420406860-150884481-74391886-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKU\S-1-5-21-3420406860-150884481-74391886-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
"HKU\S-1-5-21-3420406860-150884481-74391886-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}" => key removed successfully.
HKCR\CLSID\{E733165D-CBCF-4FDA-883E-ADEF965B476C} => key not found.
"HKLM\Software\MozillaPlugins\@sohu.com/npifox" => key removed successfully.
"HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10" => key removed successfully.
"HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4" => key removed successfully.
C:\Users\natasa\AppData\Roaming\Mozilla\Firefox\Profiles\n60h7v7i.default-1445559351372\Extensions\AVJYFVOD75109374@HCDE39471360.com [2015-10-23] => not found.
HKLM\Software\Mozilla\Firefox\Extensions\\defsearchp@gmail.com => value removed successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\deskCutv2@gmail.com => value removed successfully.
C:\Users\natasa\AppData\Roaming\Mozilla\Firefox\Profiles\ls3ekm26.default\extensions\deskCutv2@gmail.com [2015-10-23] => not found.
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat => moved successfully
C:\Windows\Tasks\ab6b8d2a-4a8f-47e8-931b-995dc181bad5-10_user.job => moved successfully
"C:\Program Files\CinemaP-1.9cV24.08" => not found.
C:\Windows\Tasks\LbAZgpxPv2IkosLroUYHhnnu.job => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{518FD8DA-F949-46D7-8EF8-42B558C37953}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{518FD8DA-F949-46D7-8EF8-42B558C37953}" => key removed successfully.
C:\Windows\System32\Tasks\ab6b8d2a-4a8f-47e8-931b-995dc181bad5-10_user => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ab6b8d2a-4a8f-47e8-931b-995dc181bad5-10_user" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BE70AC66-77DC-4144-BBEE-8B4E25202744}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE70AC66-77DC-4144-BBEE-8B4E25202744}" => key removed successfully.
C:\Windows\System32\Tasks\LbAZgpxPv2IkosLroUYHhnnu => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LbAZgpxPv2IkosLroUYHhnnu" => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}\\SystemComponent => value removed successfully.
EmptyTemp: => 180.9 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 18:58:25 ====

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

Preuzmi "Xplode"-ov AdwCleaner () i sacuvaj ga na Desktop

Dvoklikom pokreni program.
Klikni na dugme [Scan] i pricekaj da program zavrsi.
Klikni na dugme [Clean]
Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu.
Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok


Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem.
Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl"

Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S0].txt
------

Preuzmi Junkware Removal Tool ( JRT ) i sacuvaj ga na desktop.

zatvori browser i ostale pokrenute programe;

Privremeno deaktiviraj zastitni softver (Uputstvo);

dvoklikom na ikonicu ( )pokreni program JRT;

Kod obavestenja "press any key" pritisnuti bilo koji taster i alat ce zapoceti skeniranje.
Napomena: u zavisnosti od sistemske specifikacije vreme skeniranja u nekim slucajevima moze da potraje.

Kada zavrsi otvorice se log sa izvestajem koji ce biti sacuvan na desktopu pod nazivom JRT.txt


Arrow Kopiraj sadrzaj tog loga u temu.

Ko je trenutno na forumu
 

Ukupno su 1336 korisnika na forumu :: 32 registrovanih, 3 sakrivenih i 1301 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: babaroga, bladesu, Brana01, DonRumataEstorski, dozorni, Fabius, Goran 0000, goxin, jackreacher011011, Karla, kjkszpj, kybonacci, ljuba, lord sir giga, Lucije Kvint, marsovac 2, Mcdado, Mihajlo, milos.cbr, minmatar34957, nemkea71, NoOneEver Dreams, RiV, S2M, slonic_tonic, ss10, Vlad000, voja64, yufighter, zdrebac, Zoca, zzapNDjuric99